I tried both of the following methods to block an ip address, but neither worked. In .htaccess, I put:
Order Deny,Allow
Deny from 123.123.123.123
and
RewriteCond %{REMOTE_ADDR} ^123.123.123.123
RewriteRule .* /maintenance.html [R=503,L]
(I do have the mod_rewrite module installed). In both cases, I put the rules at the top of the file so that it would be the first rules executed.
After each one, i did an apachectl stop, then apachectl start. In both cases, when i monitored my site with the server-status module, the ip address was still there, with sometimes more than 30 requests, and all for the same page, which was ..../login.php. And it continued to be there for the next 30 minutes until it just dropped off, but i was doing nothing to stop it at that point.
This method of blocking has worked for me in the past.
Is it possible for someone to bypass my blocking method(s)? Or is there something more I need to do?