Welcome to WebmasterWorld Guest from 188.8.131.52
Looking back over the logs it appears that:
. gethostbyaddr - not all AOL IPs yield a host name; those that do resolve end in proxy.aol.com.
. UA always seem to contain AOL
. The first three IP octets appear to be constant.
To address the the AOL problem Iím currently thinking about changing to a technique where I identify AOL visitors based on UA (and maybe host name), use only the first three octets of AOL visitors IPs and possibly appended with a hash of some sort per session. That would restore velocity traps to full function and I could re-implement the IP logic trap.
Any suggestions? Help would be much appreciated.
Amazingly, many bad bots accept cookies because some sites won't work unless you accept cookies, so I feed them a session cookie and it tracks them across multiple IP addresses on AOL so once I flag the session as bad, you can run, hop IPs, whatever, but until you toss that cookie, you're still blocked ;)
Hope that helps.