This is a follow-up to a previous post about trackback spam.
I've noticed in my server logs that many spammers are still trying furiously to leave trackback spam at the default address. Since that address doesn't exist, they simply get 404 errors and try again. I already was using a custom error page, and now I've implemented a method to ban any IP address that repeatedly calls any script in the htsrv directory that generates a server error (e.g., 404 Not Found).
Here's the script: checkban. I call the function checkBan from my error document. I also intend to call it from other scripts (see BlockUntrustedVisitors) .
You'll also need to add something like the following to your .htaccess file to use this custom error page:
ErrorDocument 400 /blog/error.php?400 ErrorDocument 401 /blog/error.php?401 ErrorDocument 403 /blog/error.php?403 ErrorDocument 404 /blog/error.php?404 ErrorDocument 500 /blog/error.php?500
My forum post: here.