Etanisla

I've ransacked the forums already, and understand that scripts and the like run as "nobody", and that any files they may create are chown'd as "nobody". But in doing a WordPress upgrade / winter cleaning, I find that many files that I had manually uploaded have been chown'd to "nobody" and I am now unable to delete them, change ownership or permissions. These are not the output of scripts, nor are they modified by any scripts, but are static files. Will I need to submit a help desk ticket to have all my files chown'd back to me? How/why were the files changed in the first place?

Imagine my surprise when I'm reviewing logs, and find someone getting a 200 on (mysite)/cgi-sys/guestbook.cgi. I don't have a guestbook (I thought). Never installed the guestbook scripts. Don't even want the script availble to poke at. I cleaned out everything in my /cgi-bin already, but the guestbook.cgi is still publicly accessible. Went through cPanel, and verified that there were no databases that I didn't explicitly create. How can I remove this? (How was it installed?!)

Keep in mind that robots.txt will only stop those bots that actually pay attention to it. All the big search-engine bots (M/Y/G) will abide by robots.txt. However, there are some that will not abide by robots.txt, and will sometimes _start_ their crawl in the very places you just made off limits. So keep an eye on your logs, and be prepared to ban by user-agent (and/or IP) in your .htaccess should a rogue bot come your way. (Sorry if I've reignited a worry. But I've learned this the hard way.)

Made the change last night, along with a few other experiments on different spamdomains. ^spamdomain.com didn't work... but >^http://(www\.)?.*(-|.)spamdomain.com.*$ did work. Time to study regular expressions again.

Doesn't the "^" mean "must start with"?

After reading many helpful posts about using .htaccess to block bad refers, I almost understand it. Except... I'm trying to block (for example) ://random.spamdomain.com by using >RewriteEngine On RewriteCond %{HTTP_REFERER} ^http://(www\.)?spamdomain.com.*$ [OR] RewriteRule .* - [F,L] But that didn't work. It will only block ://www.spamdomain.com or ://spamdomain.com. If the spammer adds a subdomain to it (or in the case I'm thinking of, two) like ://random.stuff.spamdomain.com, then it gets through. What am I missing? I feel like I'm just one character short of enlightenment here...

annie, You may just want to go ahead and ban all of Atrivo's network. I've had two from their network always picking on me, and after my "Master Spambot" post, I've received quite a few emails from others that claim other IPs on Atrivo are also master-bots but Atrivo won't do anything about it. --Etanisla

In that case, I'm not going to kick dust. The only people complaining (so far), are the spambots and myself. And my problem is more cosmetic that functional. I'm just not getting the acknowledgement page when I change options, but the changes are made anyway. I'll keep logs of the IPs that get 406 errors, and sit tight for now. I'd rather the MT folks get that reprieve from the spambots. Death to spambots!

I've suddenly started getting 406 "Not Acceptable" errors from some pages in my site. I haven't changed any language settings, nor made any changes to the WordPress blogging engine. I've googled the error, but all the fixes I've seen apply to Apache 2.x, so I'm not quite sure what to check next. Any ideas?

Having whipped up a quick chatroom gateway using the Entropychat code supplied in cPanel, I've been alerted to a curious problem. Win-boxes and Tux-boxes can access the chat room just fine. Macs, however cannot. Is there a "gotcha" that I've overlooked? I haven't altered the entropychat code, I just copied and pasted from cPanel to my HTML. Short of asking the Mac users to check their firewall/av (do Macs use an anti-virus?) and javascript settings, I'm at a loss...

I keep getting a automatic notification that my system has been sending a worm to a mailing list. The notification even is so kind as to sent the headers including the time stamp. I'm waiting for a real live person to email me about it, so I can point out that during the time in question, it can't possibly be my system, because during that time, my system is shut down for the night! Yes, joe-jobs (spoofed return addresses) are quite irritating.

Oh, the specific problem that led me on the wild goose chase: My blog Carelessthought.com will send to etanisla@gmail.com an automatic notification if someone leaves a comment. The blog uses my personal email [something] at etanisla.com as the return address. Because etanisla.com doesn't have an SPF record authorizing carelessthought.com to use etanisla.com's domain name as a return address, Gmail flags it as a possible spoof and disables links in the email, and warns me that it may start flagging it as spam in the near future. I know, I could just change the admin's email address on the blog and be done with it. But Gmail is rumored to start flagging all non-SPF domains as suspect in the near future. I email with a lot of Gmail receipients and I don't want to be caught short when it happens.

Yay! Excuse me while I do the happy dance... Rock Sign So that means I won't have to move my hosting or my email services They can stay right at TCH where I've been getting great service this whole time. And when the 60 days are up, I'll just move the domains to TCH because I like getting straight answers anyway! I already know the exact string I need, but trying to find out how I can get it done has been... Mad!!! Thanks much, you just re-validated why I chose and recommend TCH!

"...done for them" ... how? I'm asking because I have a blog on a domain that is hosted by TCH. But the domain is registered with someoneelse. The point of contact email is with Gmail. Because I don't have a SPF record setup, Gmail screams fits everytime my blog sends an admin email to my Gmail account. I just spend the weekend changing registrars to someoneelse-over-there that had advertised "we let you edit spf records!" Only to find that the gotcha was that I had to have my hosting and email services with them as well. I'm not moving my hosting from TCH, no-way, no-how. So, now I have 60 days to research (like I shoulda done before this weekend, oh well) a registrar that will let me edit my SPF record as I please, without forceing me to move my hosting and email services. So my pre-sales question is: Will TCH's registrar's services allow me to edit my DNS TXT records by hand to allow me to enter SPF records? (edit, added pre-sales question)

I'm looking around for a domain registrar that will let me add SPF records to my domain without forcing me to have my hosting and/or email services at that same registrar. (I'm quite happy with the hosting and email services provided by TCH, and I don't want to move!) Of course, if TCH can let me have my cake and eat it too, that will be a good thing...