We've just had another apparent brute force attack on our software download system, which uses HTAccess. This time, 9998 attempts were made by the same IP address, but all failed. Usernames ranged from things like "member", "visitor" and "private" through to crude language and pornographic references. In some respects, it seems to have been more intended as an annoyance than anything. Last time it was only 99 attempts, and someone on this forum pointed out that it could have just been Gozilla making a download attempt (and that seems by far the most likely case). But this time it was IE that was used.
I'm wondering if there's any course of action that we can take. We know the IP, but is it possible for us to contact our host and somehow ban access from that IP or something? And I'm not really sure if it's a big deal. Nearly 10,000 attempts seems big to me, but for all I know that could just be a petty attack. It may have even been intended as a DoS attack for all I know.
Anyone know much about this sort of stuff? I'm no expert on it.
