Thread

I tried 666. Sorry, no difference.

All other options are written to the config.php? Wild guess, is your server running mod_security or other such software that might interfere? You might have to ask your host about that one.

I have now been in touch with my webhost, and we have carefully examined the mod_security log to see if there were any activities there when trying to modify the Banned IP Address list.

No registrations in the mod_security log. So the problem does not seem to be mod_security related.

Tricky this, isn’t it…?

// mWall

I don’t know if this is a subject for a new thread or if it adds to (or complicates) the picture. But on the same Banning page, you have the option of also banning e-mail addresses. I have *@yahoo.co.uk banned, because we get a lot of member spamming from there. But still spammers with this e-mail address can register as members. How is this even possible?!?

// mWall

I start a new thread with this question, as it seems to be a separate one.

I answered the other thread.. it’s a bug that’s fixed for the next release.

Back to the original question.. are you writing to the .htaccess file?

Back to the original question.. are you writing to the .htaccess file?

I’m not so sure how the system is set up. I sent you a PM with the contents of the current .htaccess file so you can judge for yourself it the problem lies there.

Cheers,

// mWall

My apologies. Your .htaccess file won’t be written to in this case.

So we’re back to perhaps a problem with mod_security or the like. Are you using it in any form?

This is what I wrote in post #17:

I have now been in touch with my webhost, and we have carefully examined the mod_security log to see if there were any activities there when trying to modify the Banned IP Address list.

No registrations in the mod_security log. So the problem does not seem to be mod_security related.

I don’t know if there’s any other way to check if mod_security is involved. If there are, please state specific questions I can bring to my webhost to find out if the problem lies with them.

Thanks,

// mWall

There are two ways.

See EEWiki:// HowTo Create a PHPInfo File

You can see the same thing inside EE - Tools > Utilities > PHP Info.

Look for the phrase mod_security.

You can see the same thing inside EE - Tools > Utilities > PHP Info.

Look for the phrase mod_security.

No mention whatsoever of mod_security in my PHP Info. (And safe_mode is set to “off”, if that setting has any bearing on this.)

As I said before, this seems to be a tricky one.  😖

// mWall

Hi mWall,

Do you have a config item for ‘banned_ips’ in your system/expressionengine/config/config.php file?

Cheers

Greg

Do you have a config item for ‘banned_ips’ in your system/expressionengine/config/config.php file?

Yes, I do. And its content corresponds to the list on the Banning page in the CP. And the config.php file have a 777 attribute.

// mWall

Hmmm.. Let’s have you remove those settings from your config.php file. Having them there means that EE doesn’t save them, it assumes you only want the ones in your config.php file.

Make sense? Thank Greg.. he figured it out.

Right. Thanks, Sue! So you just want me to delete that particular row in my config.php file? And those IP-numbers will still be in my database and show up in the list of Banned IP numbers?

Anyway, how come I have this line in my config.php? I sure haven’t tampered with it or put it there myself.

// mWall

EDIT: Yep, it’s working now. Thanks everyone for your help. Very discerning to track this one down. But it’s still a mystery how the line got there in the first place.

Glad you are up and running again. Feel free to start a new thread if you have any more questions