Danny B. wrote:
In my 404 log I often see various hacking and spamming attempts looking for known website weaknesses.
I would like to propose to totally block such IP addresses from accessing Toolserver.
What do you think about such approach?
Nearly every Web site on the Internet experiences constant "attacks" from bots and scripts. Some try exploiting weaknesses in SSH, others try exploiting weaknesses in server-side code (XSS), and still others try to exploit weaknesses in the Web server software (Apache, ZWS, etc.) or whatever else is possible exploitable. The answer is to these attacks is to write and run secure code. Attempting to play cat-and-mouse games with the infinite number of possible attackers is a very bad and costly approach.
If load becomes a problem (denial-of-service), it becomes a different matter, of course. But it's generally not worth sysadmin time to block such attacks unless (and until) they're actually problematic.
MZMcBride