Hi,

I am trying to deny a bot from my weblog. My .htaccess file has the following first few lines....

# Last Update 24 Dec 2006

Deny from 66.139.XX.30
# 9 Jul 2006
Deny from 72.232.XX.253
# 24 Dec 2006
Deny from 81.95.XXX.66

Where X's are replaced with real numbers. Why is the last deny statement not being accepted? I note in my log files that it is still getting through.

What I have done is to rename the files it is trying to access, so it is doing much anyway. But I am curious as to why it is NOT being stopped by the .htaccess file.

Thank you.

Happy Holidays! :smile:

The denied IP will be logged as a 403 if forbidden, 200 if the file is downloaded. Is it actually getting through as a 200?

Hi Andi,

Thank you for responding. It's actually getting recorded as a 404. I made two changes at nearly the same time. One was the .htaccess file to deny, and the second was to rename the files it was accessing. It got through after the simple deny command, because I had to clean out some spam. The renaming trick seemed to freeze it dead in its tracks. I am just curious as to why the deny command isn't working.

Best regards,
Kevin

Happy Holidays. :smile:

I think I might have figured this out. I have my blog .htaccess file in a subdirectory off the main www directory. The bot goes right to my cgi-bin, bypassing the subdirectory. If I place a .htaccess file in the main root, www, do I still need to include a .htaccess file in my cgi-bin to stop this bot?

A .htaccess file in your /www folder will not affect the cgi-bin.

You need to either also place a .htaccess within your cgi-bin (I believe this works...you can test for yourself if you like), or I know for a fact that placing the .htaccess in your /xdomain folder above the /www folder will control both your /www and subfolders as well as your cgi-bin.

Hi Sheila,

That information was helpful to me. Thank you. :-)

Happy Holidays.

Best regards,
Kevin

:yeah:

Hope you're enjoying the Holiday Season also.

Happy New Year!
:QTparty: