I maintain a server with sendmail and apache. At the moment I maintain a
list of banned top level domains and subnets using tcpwrappers
(/etc/hosts.deny).

I've twigged that apache does not use tcpwrappers :-(

I've tried using apaches own access control mechanism but it doesn't seem
to be reliable. If I ban my own domain by IP then it works, but banning
top level domains does not seem to work.

For example:

I get log entries with .ru domains as the host
[27/Dec/2007:11:38:04 +0000] boyard2.utk.ru - - "GET /readwriteconfig.cgi HTTP/1.0" 200 9729

But httpd.conf contains:

Deny from .ru

In an ideal world I would like apache running with tcpwrappers, does
anyone know of a way ?

Cheers,
Jon