Someone has been using one of my XOOPS sites to route spam-mail through. The root cause is the old contact module. To stop the problem I've dropped Contact in favour of Liaise, but my server error logs are still showing multiple attempts via far east (korean, taiwanese, thai, malayan and chinese) ip addresses to connect to /contact/index.php directly. Is there a way I can

a/ turnaway anyone trying to connect directly to this file (it doesn't exist anymore) unless the request originates from my own site?

and/or

b/ automatically gather IP addresses of those trying to connect directly to the page and put them in a deny list in .htaccess?

As I say, I've stopped the spam mail, but now I'd like to go a step further and get a bit proactive.

TIA
Regards
Ashley

Have you got the protector module installed? You'd need to write a custom script to run on a cron job to automatically gather IP addresses and add them to a .htaccess file, but it most certainly could be done.

yes thanks, Protector is installed on top of XOOPS 2.0.13.2.

Any pointers on how I might go about writing this script?

regards
A