Block an IP in Coldfusion

try these steps
Log into the .htaccess Editor, and then click Block IP Addresses.
Select the directory from which you want to block access. ...
To add a new IP address or range, enter it in the designated field.
Click Save to save your settings. ...
To delete an IP entry, click the delete icon in the Blocked IP Addresses/Ranges table.

OR this link

http://www.serverintellect.com/support/windowsserversecurity/restrict-ip/

I would not rely on CGI variable because they can  easily be  manipulated. But as general rule I would  use the suggestion

Thanks for the Coldfusion solution; I could get the .htaccess solution to work.

@Gregory Ambrose - You have several options depending on the environment you are working in. For example,

Yes, you can leverage CF to block specific IPs or range of IPs. However, you have to maintain the list if the IP changes.

@LajuanTaylor

The site faces the public on a windows server provided by a hosting company.

@Gregory Ambrose - If you suspect malicious user(s) via Internet traffic, then your best defense might be to have your hosting provider block the suspect IP range. Sometimes the control panel tools for management of your site allow you to perform this task yourself.

In addition to @gdemaria solution, you could add an application enhancement that captures the client IP in a table after certain conditions are met. Then use some sort of UDF, OnRequest, code to automatically restrict site access if the IP address was logged...