Thread

I wrote one little letter about am male condition, that ironically, the EE blacklist here is keeping me from naming, and got hammered with comment SPAM. I kept downloading the blacklist, and even manually adding in the IPs of the spammers, but nothing was working.

I’m sure it’s blindingly obvious and well documented, but I couldn’t figure out what was going on.

I run MSM and was thinking that EE would use the htaccess file to block this stuff, but it’s Apache that does it (I’m guessing), so the fact that I had the file in my main site directory…well, guessing that was the issue.

It wouldn’t be so bad if I didn’t have email notification on. Every time I looked I had a half dozen emails telling me I had a comment, and this is like going to the mailbox, getting a lot of mail, but it’s all bills and crap! So I moved the file up a directory (so it covers all my sites), and it seems to be working now. So much quieter.

The world is a better place. Well, unless I am wrong on the way this works, but haven’t had SPAM in over 4 hours (a new record). And considering my main site never gets it, I am thinking this looks good!

Ok, what I wrote before is not working for me. I tried to consult the documentation, but am a bit unclear how the mechanics of the blacklist work. Does EE use the .htaccess file the is produced, or does it produce a file that is used by Apache?

Where exactly does this file need to reside? I moved it up a directory, but IPs I’m adding on my own keep showing up in the comments. If I have it in my master site, I seem to not be protected in my other sites. My understanding with .htaccess was that it works on all directories below the file.

Docs says, “You must have a .htaccess file at your site root,” but I run MSM, so which site? If it’s using Apache, can’t I just move it up a directory? That’s what I thought. But then what about, site specific things? Maybe it doesn’t matter, but docs say, “Also note that an “override” is included for any referrers that include your own server name (i.e. example.com) to make sure that there is no chance that you block your own site by accident.”

The htaccess file that’s being written only has a reference to my master site. I think this is working fine for me, and not a concern, but if later I want to have login areas for each of my sites….

Anyway, I have been getting spam hammered enough to make me want to shut commenting off. I’ve already had to do this for several posts.

I know it’s less efficient, but I am nearly ready to track down one of these IPs to it’s owner, get in my car, and go punch him in the mouth. I’m just saying, if we all did this…

EE will copy your blacklist to .htaccess, but it leaves it to the server to do the work.

I don’t use MSM but I do know that when I used a separate domain on my main site for my EE site, the blacklist was copied into the root domain of my whole hosting account, not for the domain on which the EE-run site would be found.

YMMV, I would imagine, depending on the hosting config your host uses.

I don’t get why it’s not blocking some IPs.

The .htaccess file resided above the folders that hold my domains.