I woke up early this morning to a high load alert email from my server. It was a DOS attack (a good alternative to coffee/cafeine for waking you up). So I starting looking at logs and I was being hit from hundreds of different IP's. Instead of trying to block each and every IP, I noticed that they were all using the same Agent name. Okay, so I will just block the Agent name but how do I create a rewrite with such a long string? I went to this site http://incredibill.me/htaccess-block-user-agent and entered the agent string and it generated exactly what I needed. Entered the rewrite in my .htaccess and bye-bye DOS attack. Yes, I suppose I might be blocking a legit visitor or 2 but after a few days I will remove/comment out the rewrite.
I just thought I would mention it here in case anyone needs a quick easy way of stopping an attack.