I've a site that sometimes receives many, unusual requests and want to block the requester. The session id is different for all requests but x-forwarded-for header is always the same.
Now, the x-forwarded-for IP I traced it with a geo-locator and it shows it is from a known ISP (Cox), so I can't just block all incoming requests from that ISP. The remoteAddress shows the address of MY load balancer.
Any idea what I can do to block this person without blocking all the ISP customers?
via Laerion
