Most of my sites are been hit today with sql injection attempts all using user-agent NV32ts From a quick google it looks like it may be related to Conficker ? I have added the line below to my .htaccess file SetEnvIfNoCase User-Agent "^NV32ts" block_bad_bots Deny from env=block_bad_bots Code (markup): Can anyone confirm that what i have added should block it... i am reasonably sure it should. Thanks. vagrant