Recently I had an application on apache become the victim of bot spam. As a good
measure and to be proactive, I set out to implement the same protection on a
Windows Server running IIS 7.5.
The web is something on the order of 60% bot traffic, many of
