The refer spammer scumbags have been at it all day. They have a new tactic which defies my strategy. Even after I changed to running my script twice an hour, which adds the IP addresses to my .htaccess file, it wasn’t helping. They were bursting, hitting me 100 times in a minute or two, and then moving on to a different IP address (probably an open proxy.)
I installed mod_throttle into my Apache instance, and set it to only allow 15 hits per minute for one IP address. I also changed the script to run every single minute, so now the most any specific IP address from a spammer can hit me is 15 times. It will either be locked out or added as a forbidden user before it can do more than that.
This crap sure is annoying, but ultimately is probably for the best. Now the mod_throttle will also prevent abusive crawlers and the like from hammering my websites. I just hope this doesn’t affect any legitimate users.