I'm getting hundreds to thousands of directory scans on my server every day. The country IP changes every time (mostly China, Philippines, Poland and Russia) and when I try to block them by country using .htaccess they just move to another ISP in another country and continue.
They scan for:
These are a very small random sample of the 1700+ attempts in the last 12 hrs. They hit the server with 1-2 requests per second. I can no longer see the stats for my real visitors without an hour of reading because of this, not to mention the server load and bandwidth.
The .htaccess became useless due to the overhead needed to parse the 2MB file of countries I was blocking, and it wasn't working anyway.
Is there some other way? Like after 3-5 404's in under 1 minute block the requesting IP for 30 minutes, or something similar? I've searched everywhere and can't find a script to do this...