Dos Attack

I woke up early this morning to a high load alert email from my server. It was a DOS attack (a good alternative to coffee/cafeine for waking you up). So I starting looking at logs and I was being hit from hundreds of different IP's. Instead of trying to block each and every IP, I noticed that they were all using the same Agent name. Okay, so I will just block the Agent name but how do I create a rewrite with such a long string? I went to this site and entered the agent string and it generated exactly what I needed. Entered the rewrite in my .htaccess and bye-bye DOS attack. Yes, I suppose I might be blocking a legit visitor or 2 but after a few days I will remove/comment out the rewrite.

I just thought I would mention it here in case anyone needs a quick easy way of stopping an attack.

What was the agent?

Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_4) AppleWebKit/600.7.12 (KHTML, like Gecko) Version/8.0.7 Safari/600.7.12