I have been looking around and trying to work out the best way to protect a few websites of mine.
Appart from the obvious manual monitoring of the site logs and banning extreme/suspicious activity. I have seen many posts etc. about banning user agents. Is this a good route to go down? and would it be a better idea too, instead off banning known bad user agents, just allowing the common mainstream ones such as IE, FireFox, Safari and Chrome?
Not worth it.
The User Agent is sent by the client, and is trivial to forge. There’s a Firefox add-on that adds alternate UA options to the menu, for example. If the attacker is writing a script, he can specify whatever UA he wants.