We’re using Apache GeoIP to block access from a whole host of countries we a) don’t do business in and b) noticed were coming up regularly in the server logs (always attempts at hacks). It’s been a real success: by blocking China, then most other 3rd world countries (all of Africa) and Brazil as well we were able to cut down on attempts by over 90%. The biggest issue remaining is the US: we don’t want to block access to the US, but notice many of the remaining hack attempts come from there. My summary is we’ll just have to deal with this by hardening the site. It’s unfortunate that in the www you have to take such a drastic move as blocking a whole country from accessing your site, but it appeared on our site at least, that nothing but dodginess came out of these places. I’d like to throttle the people behind these attacks, but as that’s unrealistic, I’m content to block them from seeing the site. I know they can still get around the blocks with IP spoofers etc. but at least the automated bots are generally shut out - they work on simple, massed attempts at hacking: kind of like spam in general, of which these people are the human equivalents.