Alright, this is a kind of rare question, and I was wondering if anyone had some input.

Basically, I've been getting some malicious attacks on my IIS Web Server lately, and they can't punch through which is great, but as a precausion I'm manually banning each IP address that makes these attempts. Now, since IP spoofing isn't the hardest thing in the world, this isn't a real effective solution, and it's also time consuming.

I was just curious if Apache (Or any web server) had the ability to automatically ban an IP which attempts malicious attacks on the web server. Perhaps by passing each HTTP-GET string through a regular expression which defines a given "malicious attack". For instance, it could look for "cmd.exe" in the HTTP-GET string, and automatically ban the IP that tried it.

Right now I'm using IIS, but I'd entertain a different web server if I could get some sort of auto-banning happening here. I personally think that would rock.