Suggestion to add block IP address option for each form

Consider the following:

The overwhelming majority of website attacks come from botherds, that is to say from infected computers being used by spammers in a distributed manner to attempt to hack your website for their own nefarious purposes. Most of those infected computers are home computers using ADSL to access the internet and very few of those computers will have fixed IP addresses, most will be on DHCP leases so their current IP address can change at any time. Blocking them will only be effective for a few hours at most and as many of the viri used to infect these computers know how to manipulate DHCP leases the block will most likely be effective for a matter of minutes before they are back on a new IP address. Their old IP will then be dished out to someone else.

Spamicide is effective at dealing with the simpler attacks that do not know about the hidden field. I have seen attacks that do recognise a Spamicide protected form and those know to avoid filling in the hidden field, fortunately they are (so far) pretty uncommon and can be thwarted by altering the name of the hidden form element, removing any mention of Spamicide from the source html etc. In the end they will give up and go and find an easier target.

Blocking IP addresses is an old fashioned method that is no longer the way to protect your site.

What if it just added the blocked IP address for an hour or a day? Then it would effectively prevent future spam attempts from that attacker for the short term, but would not fill up your blocked IP address list with random pwnd ip addresses or prevent the actual owners of those PCs from visiting your site after the specified blocked IP time is up.

Thoughts?

I 2nd this request to temporarily block IP's if for nothing more to help prevent them from hammering the site. an option to silently (no logging) block them would also be good to reduce DB hits.