Have any of you got any experience with using
Bad Behaviour on your websites? It's a system, primarily developed as a Wordpress plugin but also adaptable to other content management systems, that examines Http requests to see if they're malicious, and from the software's own blog, it appears to be very effective.
Currently, very little spam makes it past my filters, but about 20% of all hits to the content management system that runs
Rogues of Clwyd-Rhan are in some way malicious - attempted comment spam, referral spam, various script kiddie tricks. I'd like to conserve the wasted bandwidth and computer cycles, and keep those requests out of my statistics. Also, the vast majority of all searches on my blog are from blog spammers inserting their links into any web form they can find. It's a big problem that could risk bringing down my website again.
If you run Wordpress, you may need this or already have it; but I'm most interested in hearing from people who got it to work with software other than Wordpress, which it may not do out of the box.
I'm no PHP programmer, but I've got access to a good one.