Posted 17 year(s) ago Botnets and Bans # 308

Rei
Hopeless person

Head Admin
Joined on 05-24-07
Posts 2102

Anyone who has managed a web server over a year has no doubt experienced the annoyances of automated botnets. For the past few months I have been banning the IPs that show up in my logs resembling this one:

BEFORE
71.121.4.197 - - [16/Jan/2008:23:38:59 -0600] "GET /viewone.php?id=http://laudanskisucksss.chat.ru/placeholder/image? HTTP/1.1" 200 221 "-" "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; .NET CLR 1.1.4322)"


The bold part is an invalid request. Over the months I have gone from banning an IP every other day to nearly a dozen IPs in a matter of hours. Botnets are known to span thousands of computers... even millions. I have given up on banning IPs, and have adopted a new strategy of forbidding such requests immediately - ensuring the PHP script never so much as receives the query string.

AFTER
71.121.4.197 - - [16/Jan/2008:23:38:59 -0600] "GET /viewone.php?id=http://laudanskisucksss.chat.ru/placeholder/image? HTTP/1.1" 403 221 "-" "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; .NET CLR 1.1.4322)"


Notice the underlined parts of before and after.

200 = Request Accepted
403 = Request Forbidden

For those curious about how you too can do this, it is a simple change to your httpd.conf file on Apache.

# First, we configure the "default" to be a very restrictive set of
# permissions.
#
<Directory />
    Options FollowSymLinks
    AllowOverride None
    # Forbid (403) any request whose query string contains "http://"
    RewriteEngine On
    RewriteCond %{QUERY_STRING} http://
    RewriteRule .* - [F]
</Directory>


You should be familiar with, at the least, the basics of mod_rewrite before applying that change. ;-)
http://httpd.apache.org/docs/1.3/mod/mod_rewrite.html#RewriteCond


I can read and write a little Japanese. How about you?

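Added example (not part of Rei's post): a Python audit of an Apache access log for the request pattern described above, reporting which flagged requests were answered with something other than 403 as a check that the rewrite rule is taking effect. The sample log lines, addresses and hosts are constructed, and matching https:// and ftp:// values and percent-decoding the query string go beyond the post's http:// case.

```python
import re
from urllib.parse import parse_qsl

# Apache common/combined log prefix: host ident user [time] "METHOD target PROTO" status
LOG_RE = re.compile(r'^(\S+) \S+ \S+ \[[^\]]+\] "(\S+) (\S+)[^"]*" (\d{3}) ')
# A parameter value that is itself a URL (the pattern the post forbids).
URL_VALUE_RE = re.compile(r'^\s*(?:https?|ftp)://', re.IGNORECASE)

def suspicious_params(target):
    """Names of query parameters whose decoded value starts with a URL scheme."""
    query = target.partition('?')[2]
    # parse_qsl percent-decodes, so values are compared as the PHP script would see them.
    return [name for name, value in parse_qsl(query, keep_blank_values=True)
            if URL_VALUE_RE.match(value)]

def scan(lines):
    """Return (ip, status, params) for each log line carrying a URL-valued parameter."""
    findings = []
    for line in lines:
        m = LOG_RE.match(line)
        if not m:
            continue  # not an access-log line
        ip, _method, target, status = m.groups()
        params = suspicious_params(target)
        if params:
            findings.append((ip, int(status), params))
    return findings

def still_served(findings):
    """Flagged requests that did not get 403, i.e. the rule did not stop them."""
    return [f for f in findings if f[1] != 403]

# Constructed sample lines (documentation IP ranges and example.invalid hosts).
SAMPLE_LOG = [
    '192.0.2.10 - - [16/Jan/2008:23:38:59 -0600] "GET /viewone.php?id=http://example.invalid/image? HTTP/1.1" 200 221 "-" "Mozilla/4.0"',
    '192.0.2.11 - - [17/Jan/2008:00:01:02 -0600] "GET /viewone.php?id=http://example.invalid/image? HTTP/1.1" 403 221 "-" "Mozilla/4.0"',
    '198.51.100.7 - - [17/Jan/2008:00:01:40 -0600] "GET /viewone.php?id=http%3A%2F%2Fexample.invalid%2Fimage HTTP/1.1" 200 221 "-" "Mozilla/4.0"',
    '198.51.100.8 - - [17/Jan/2008:00:02:05 -0600] "GET /viewone.php?id=308 HTTP/1.1" 200 4096 "-" "Mozilla/4.0"',
    # A URL in the Referer field is normal and must not be flagged.
    '198.51.100.9 - - [17/Jan/2008:00:02:11 -0600] "GET /index.php HTTP/1.1" 200 512 "http://search.example.invalid/?q=anime" "Mozilla/4.0"',
]

if __name__ == "__main__":
    for ip, status, params in scan(SAMPLE_LOG):
        print(ip, status, ",".join(params), "BLOCKED" if status == 403 else "SERVED")
```

Any request the audit lists as SERVED after the rule is in place is one the rule's pattern did not match.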