Ideas on Banning This

Scanning Attempt

         

frontpage

9:37 pm on Aug 13, 2002 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member



Checking my logs today, I came across this:

68.37.53.113 - - [13/Aug/2002:02:15:22 -0400] "GET /_vti_bin/owssvr.dll?UL=1&ACT=4&BUILD=2614&STRMVER=4&CAPREQ=0 HTTP/1.1" 302 306 "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1)"

68.37.53.113 - - [13/Aug/2002:02:15:22 -0400] "GET /error_docs/not_found.html HTTP/1.1" 200 1453 "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1)"

68.37.53.113 - - [13/Aug/2002:02:15:22 -0400] "GET /MSOffice/cltreq.asp?UL=1&ACT=4&BUILD=2614&STRMVER=4&CAPREQ=0 HTTP/1.1" 302 306 "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1)"

68.37.53.113 - - [13/Aug/2002:02:15:22 -0400] "GET /error_docs/not_found.html HTTP/1.1" 200 1453 "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1)"

I obviously don't want this joker poking around my site looking for exploits. BUT how would I ban him/her?

I can't ban everyone with Mozilla/4.0 or ban everyone who comes from that IP address (which belongs to Comcast Cable Communications by the way).

What to do....

NeedScripts

9:49 pm on Aug 13, 2002 (gmt 0)


I think .htaccess ban should do the job.

Also, you can contact your host and inform them - they can ban the person/ip from entire server.

bobriggs

9:53 pm on Aug 13, 2002 (gmt 0)


I wouldn't ban it. It's just a regular Joe.

[webmasterworld.com...]

Key_Master

10:04 pm on Aug 13, 2002 (gmt 0)


Some info here:

[incidents.org...]

frontpage

11:03 pm on Aug 13, 2002 (gmt 0)


Thanks for the replies. Much appreciated.

This is no average joe, I am afraid. He also was looking for /formail.cgi as well.

The info was appreciated.
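A triage pass over the access log that separates the two kinds of request discussed in this thread, as an added example (not posted by anyone in the thread). The signature labels, the `/formail.cgi` log line and the 192.0.2.10 client are constructed, and treating the `owssvr.dll`/`cltreq.asp` pair as Office toolbar traffic is this example's assumption.

```python
import re
from collections import Counter, defaultdict

# Apache combined log format; only the client address and request path are captured.
LOG_RE = re.compile(r'^(?P<ip>\S+) \S+ \S+ \[[^\]]+\] "[A-Z]+ (?P<path>\S+)[^"]*" \d{3} ')

# Assumed meaning of each path (this example's labels, not the thread's).
SIGNATURES = [
    ("office-toolbar", re.compile(r"^/(_vti_bin/owssvr\.dll|MSOffice/cltreq\.asp)(\?|$)", re.I)),
    ("formmail-probe", re.compile(r"/form?mail(\.cgi|\.pl)?(\?|$)", re.I)),
]

def classify(path):
    """Return the first matching signature label, or 'other'."""
    for label, rx in SIGNATURES:
        if rx.search(path):
            return label
    return "other"

def triage(lines):
    """Count request categories per client IP, skipping unparseable lines."""
    per_ip = defaultdict(Counter)
    for line in lines:
        m = LOG_RE.match(line)
        if m:
            per_ip[m.group("ip")][classify(m.group("path"))] += 1
    return per_ip

def verdict(counts):
    """A formmail probe outranks toolbar noise; anything else is normal traffic."""
    if counts["formmail-probe"]:
        return "review"
    if counts["office-toolbar"]:
        return "toolbar-noise"
    return "normal"

UA = '"-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1)"'
Q = "?UL=1&ACT=4&BUILD=2614&STRMVER=4&CAPREQ=0"
SAMPLE = [
    # The first three lines are taken from the opening post.
    '68.37.53.113 - - [13/Aug/2002:02:15:22 -0400] "GET /_vti_bin/owssvr.dll' + Q + ' HTTP/1.1" 302 306 ' + UA,
    '68.37.53.113 - - [13/Aug/2002:02:15:22 -0400] "GET /error_docs/not_found.html HTTP/1.1" 200 1453 ' + UA,
    '68.37.53.113 - - [13/Aug/2002:02:15:22 -0400] "GET /MSOffice/cltreq.asp' + Q + ' HTTP/1.1" 302 306 ' + UA,
    # Constructed lines: the formmail request mentioned above, and an unrelated visitor.
    '68.37.53.113 - - [13/Aug/2002:02:20:00 -0400] "GET /formail.cgi HTTP/1.1" 404 306 ' + UA,
    '192.0.2.10 - - [13/Aug/2002:02:21:00 -0400] "GET /index.html HTTP/1.1" 200 1453 ' + UA,
]

if __name__ == "__main__":
    for ip, counts in triage(SAMPLE).items():
        print(ip, dict(counts), verdict(counts))
```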

bobriggs

1:39 am on Aug 14, 2002 (gmt 0)


No, someone looking for formmail is not the average joe. You did not mention your server software, but if Apache, in .htaccess, something like this:

<Limit GET>
Order Allow,Deny
Allow from all
Deny from 68.37.53.113
</Limit>

Since it's Comcast, that's most likely a static IP on cable. You wouldn't ban anyone else. It won't matter the UA or the file requested. That IP will be banned from all GET requests.

NeedScripts

2:57 am on Aug 14, 2002 (gmt 0)


I think IP will matter. As cable users share IP, however the other option would be to

deny from user.host.com

bobriggs

3:14 am on Aug 14, 2002 (gmt 0)


Can you give a specific example NeedScripts? I've banned specific IPs before, but I don't really want to ban someone unintentionally.

Specifically, how do I:
deny from user.host.com?

Right now the IP resolves to:
bgp453514bgs.avenel01.nj.comcast.net

Isn't that just banning the same IP?

If it's a proxy cache, then, yes, that will ban a bunch of users. (doesn't look like it though). And if they're on a router, yes, it could ban an entire company or anyone on the same intranet.

PS for frontpage..
If you don't have formmail anywhere around, then this is probably a waste of time anyway. That user will just get 404's anyway.

NeedScripts

3:48 am on Aug 14, 2002 (gmt 0)


I have tried with following lines in .htaccess and it has worked for me :)

deny from bgp453514bgs.avenel01.nj.comcast.net

"Isn't that just banning the same IP?"

Nope, it is not. I am using Cox High Speed Internet [and I love it - about 3mbps + speed here :)] and I am sharing IP with *quite a few people*, however, I have an ipxx.xx.xx.xx.ok.ok.cox.net and other person is more likely to have different name [as far as I have seen]. So if you were to ban my IP, then you are blocking many other people, however if you ban my hostname, you are only blocking me :(

Remember, by using above line, you are not blocking the whole IP. Now if the person is using dialup, then more likely he can still come back, but if he is using cable internet, then he is blocked cuz, he *cannot* [as far as what I know] change the hostname [he will have to ask for IP change or will have to change/move his address or pay more for another line ;)] easily.

I am sure you know how to make .htaccess file. [also if you are using front page, then your .htaccess file will already have some codes in it, just add the line at the bottom]

Hope this will help.

bobriggs

4:21 am on Aug 14, 2002 (gmt 0)


From:
[httpd.apache.org...]

"This configuration will cause the server to perform a reverse DNS lookup on the client IP address, regardless of the setting of the HostnameLookups directive."

Of course, if the server is not set to do reverse DNS lookups, the user.host.com won't be looked up. If it is, it will put an extra burden on the server.

The deny directive:

"This directive allows access to the server to be restricted based on hostname, IP address, or environment variables. The arguments for the Deny directive are identical to the arguments for the Allow directive."

"Isn't that just banning the same IP?"

Yes, it is. Not what you said.
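How a hostname `Deny` is evaluated, as an added sketch (not Apache's code and not posted by anyone in the thread): the server reverse-resolves the client IP, confirms the name with a forward lookup (current Apache documentation calls this a double reverse lookup), then compares names on whole-label boundaries. The DNS tables are constructed stand-ins for real lookups; 192.0.2.77 and its PTR name are invented, while the Comcast IP and hostname are the pair quoted above.

```python
# Constructed DNS data (assumption for this example; no network access is made).
PTR = {
    "68.37.53.113": "bgp453514bgs.avenel01.nj.comcast.net",
    "192.0.2.77": "fake.avenel01.nj.comcast.net",  # PTR is set by whoever owns the address
}
A = {
    "bgp453514bgs.avenel01.nj.comcast.net": {"68.37.53.113"},
    # No forward record maps fake.avenel01.nj.comcast.net back to 192.0.2.77.
}

def name_matches(hostname, pattern):
    """Exact name, or a suffix that starts on a whole-label boundary."""
    hostname = hostname.lower().rstrip(".")
    pattern = pattern.lower().strip(".")
    return hostname == pattern or hostname.endswith("." + pattern)

def denied_by_host(client_ip, pattern, lookups):
    """Evaluate 'Deny from <pattern>'; every DNS query made is appended to lookups."""
    lookups.append(("PTR", client_ip))
    name = PTR.get(client_ip)
    if name is None:
        return False                      # no reverse record: a hostname rule cannot match
    lookups.append(("A", name))
    if client_ip not in A.get(name, set()):
        return False                      # forward and reverse disagree: name is not trusted
    return name_matches(name, pattern)

def denied_by_ip(client_ip, rule_ip):
    """Evaluate 'Deny from <ip>'; no DNS traffic at all."""
    return client_ip == rule_ip

if __name__ == "__main__":
    queries = []
    host = "bgp453514bgs.avenel01.nj.comcast.net"
    print(denied_by_host("68.37.53.113", host, queries), queries)
    print(denied_by_ip("68.37.53.113", "68.37.53.113"))
```

With a one-to-one PTR record the hostname rule and the IP rule select the same client; the hostname rule costs two DNS queries per request to get there.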

NeedScripts

7:49 am on Aug 14, 2002 (gmt 0)


na.. that is ok. :)