Hi Anonymous,

If it's always the same IP, then you should definitely talk to your ISP about blocking it before it even reaches your server. Stopping it at that layer is much more efficient.

Since you say you're already capable of redirecting the attacker's IP, then redirecting it to as small a file as possible should reduce your bandwidth consumption. Also, 50 times a day isn't really that much, I've had a far worse number of requests on one of my servers - and if the attacker isn't getting anywhere with their attempts, then the only thing to worry about is the attacker getting smarter :-)

Hope this helps,
-- Hauke D