And they’re back. The referral spammers, that is. After less than 24 hours of being shut out by the .htaccess script, they’re back in business. The comment spammers are back as well; the logs show them trying to access the mt-comments.cgi, getting bumped, then going into real posts, and finally ending up with the renamed comments script. And now they’re hitting full force again.

I ask anyone who knows: how can a referral for a URL be left on a site when that URL is blocked by htaccess? Furthermore, I block IP addresses in the same script, and the in my activity log I see the very same IP address hit my site minute by minute. They act as if the htaccess script just isn’t there, blowing right past it. How can that happen, and more to the point, how can it be stopped?

I hope I didn’t fall prey to a spammer posing as a commenter–someone posing as a kindred spam-sufferer asked for the sample of the htaccess script I wrote just a few hours before the script got bypassed… I may have been had.