I have a simple question: What are the different ways of banning people from a secure (https) website? In other words, what are the ways of identifying a computer via the internet? IE: IP bans, MAC address bans (even though that isn't really possible as the number is local), or Physical Address Bans.
Any help is appreciated,
Thanks for your question.
You can ban based on a single IP example 18.104.22.168 or IP blocks like 123.123.123.*. This can all be done in the .htaccess file. If you search you should find plenty of examples. http://www.google.com/search?q=block+ip+.htaccess
You can also block an entire country. I've found this site helpful http://www.blockacountry.com to list all of the IPs associated.
You can also ban based on UserAgent. So if people are coming to you with a blank UA, then you may deem that they're up to no good so you can ban them.
Keep in mind that the bigger your .htaccess file is the more the load will be on your server as each request has to process.
If you decide to ban based on UA or IP, I'd list the UA's first since that list will be shorter to process.