Here is an interesting thread at WMW:
I need to ban a country using htaccess
Note the following posts:
[list][*] Key Master: You've got a big job ahead of you :). I'll start you off with the first IP block (using the SetEnvIf method).
SetEnvIf Remote_Addr ^61\.[0-3]\. ban
<Files ~ "^.*$">
order allow,deny
allow from all
deny from env=ban
</Files>
[*] BjarneDM:
In my experience in observing these scans for formmail, they are not based on an analysis of your website - they just try different IPs until they get a positive response when looking for [fF]orm[mM]ail.[cgi¦pl] in either cgibin or cgi-bin.
Thus, there are three very simple defenses against these scans:
- use the latest version of formmail
- rename the cgibin folder into something random like eftesfge
- rename formail to something either random or descriptive like OrderMail
[/list:o:3e92d4edbc]
DownLoad FormMail.
Related link:
Project BanBots
Also note the excellent tools at
DnsStuff, like
CIDR/Netmask that calculates CIDR ranges.