dscotese Posted November 10, 2005 Posted November 10, 2005 I've whittled my .htaccess file down to this: ># -FrontPage- IndexIgnore .htaccess */.??* *~ *# */HEADER* */README* */_vti* #<Limit GET POST> #order deny,allow #deny from all #allow from all #</Limit> <Limit PUT DELETE> order deny,allow deny from all </Limit> #AuthName www.consensusseekers.com #AuthUserFile /home/consens/public_html/_vti_pvt/service.pwd #AuthGroupFile /home/consens/public_html/_vti_pvt/service.grp DirectoryIndex index.php index.html index.htm default.htm ##EE Spam Block SetEnvIfNoCase Referer .*adrugsforyoubabe.* BadRef SetEnvIf Referer ".*(www\.litmocracy\.com).*" GoodHost SetEnvIf Host ".*(www\.litmocracy\.com).*" GoodHost order deny,allow deny from env=BadRef deny from env=BadIP allow from env=GoodHost ##End EE Spam Block However, cPanel last 300 visitors still shows hits from referers with adrugsforyoubabe in the URL. TCH's Jessica Jose suggested that something was wrong with my file before I whittled it down. Is there something wrong with this new version? Any help would be appreciated. Quote
TweezerMan Posted November 11, 2005 Posted November 11, 2005 Welcome to the forums, dscotese! I believe this line is your problem: >SetEnvIf Host ".*(www\.litmocracy\.com).*" GoodHost The server variable HOST will contain the domain name that is serving the page. Assuming that www.litmocracy.com is in fact the domain name for your site, HOST will always contain 'www.litmocracy.com', and the environment variable 'GoodHost' will always be set. The 'order deny,allow' line in your .htaccess file tells the web server to process all Deny directives first, then process all Allow directives. A request that does not match any Deny directive, or does match an Allow directive, will be granted access to view your site. With the following Allow directive in your .htaccess file: >allow from env=GoodHost ...and the fact that GoodHost will be set on every page request, every page request will be allowed on your site (i.e. no one will be blocked). I'm not sure what purpose the 'SetEnvIf Host' directive serves in your .htaccess file, so I'd suggest removing it. Quote
dscotese Posted November 11, 2005 Author Posted November 11, 2005 Thanks guys, I placed a hash (#) in front of the SetEnfIf Host line to comment it out. The requests still show up in the list, but "size" is '-' so I guess that means it was blocked right? I guess I'll see my bandwidth go down a lot now. Thanks! Quote
TweezerMan Posted November 11, 2005 Posted November 11, 2005 You should look at the "Http Code" for these entries. If access is indeed being blocked by your .htaccess file, the "Http Code" should be 403 (which is the HTTP status code for 'Forbidden'). The "Size in Bytes" doesn't necessarily have to be ("-"), as the server can serve a custom 403 error page in response. Quote
dscotese Posted November 11, 2005 Author Posted November 11, 2005 You should look at the "Http Code" for these entries. If access is indeed being blocked by your .htaccess file, the "Http Code" should be 403 (which is the HTTP status code for 'Forbidden'). The "Size in Bytes" doesn't necessarily have to be ("-"), as the server can serve a custom 403 error page in response. Yep, 403 it is. Thanks. Quote
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.