It's hard to say exactly, not knowing much about your site.... My site is built on Drupal, and i use a few different methods: 1) block the account - the user can no longer log in with the account he created 2) Ban the IP(s) he uses. I do this with the Drupal Troll module, but you can also do it in your .HTACCESS file This works good until he starts using a proxy. For blocking proxies i use BadBahvior, which will block SOME proxies, and I also have a list of over 1,000,000 proxies and compromised servers that I block at the firewall - this makes it quite a chore to find a proxy that will work.. THEN, when he raises his head, I block that account and the new proxy he was using. Eventually they get bored and go away..
Thanks T! Basically it's a custom site, no script but it's packed with contact forms and effectively this user is spamming the contact forms. So if I trip block him by IP, How can I deny him access by .htaccess?
You can block an ip in your .htaccess file like so: order allow,deny deny from xxx.xxx.xxx.xxx allow from all Code (markup): Just replace xxx.xxx.xxx.xxx with his ip. As Tearabite said though, he may decide to get around it by using a proxy.