[mod-security-users] Network Attack v2.8 and Referers

SourceForge Headquarters 1320 Columbia Street Suite 310 San Diego, CA 92101 +1 (858) 422-6466

Hi,
I want to learn, if we can ban ips with certain log entries by
mod_security, for example, in the harvest part: "Network Attack v2.8".
Also, can we reject the connections to our server from certain
referers such as "www.sanaldarbe.com" , "www.tahribat.com" and
"www.tithac.com". If we can, then can you help us with this issue?
Thank you for your time and attention.

Log Examples: 

213.208.67.82 - - [09/Apr/2005:13:34:49 +0200] "GET /index.php
HTTP/1.0" 200 1177 "-" "FireFox - Network Attack v2.8 - fuck you"
212.405.32.11 - - [09/Apr/2005:13:34:49 +0200] "GET /index.php
HTTP/1.0" 200 1177 "-" "FireFox - Network Attack v2.8 - tithack"