This is a compilation of info I found on various sites.
Add this to the end of your .htaccess file:
SetEnvIfNoCase Via evil-spam-proxy spammer=yes
SetEnvIfNoCase Referer evil-spam-domain.com spammer=yes
SetEnvIfNoCase Referer evil-spam-keyword spammer=yes
SetEnvIfNoCase Via pinappleproxy spammer=yes
SetEnvIfNoCase Referer semalt.com spammer=yes
SetEnvIfNoCase Referer semalt.semalt.com spammer=yes
SetEnvIfNoCase Referer poker spammer=yes
Order allow,deny
Allow from all
Deny from env=spammer
Drupal Modules I use:
ip_ranges - https://www.drupal.org/project/ip_ranges - Block entire range of IP's.
Additional Sites:
http://myip.ms/info/whois/ OR any other popular Whois database. I use this to see the range of IP's I want to exclude.
This process is a little long for me. Going through the logs and seeing what IP's are hitting bad URL's or protected URL's. Then find the IP range and enter into IP Ranges. I'd like to see a nice report that uses a Whois database to show where the requests are coming from.
I'm still looking for a better overall solution. For example, I've got to be able to put the rules somewhere in my Apache config to cover all the sites on my server, rather than configuring each one individually, I just haven't taken the time to do it yet. We'll see. :)
