Title: htaccess not blocking spam/IPs Last modified: August 21, 2016 --- # htaccess not blocking spam/IPs * [chris32lr](https://wordpress.org/support/users/chris32lr/) * (@chris32lr) * [12 years, 9 months ago](https://wordpress.org/support/topic/htaccess-not-blocking-spamips/) * Hello all, * My website is running on IIS7 on SBS 2008. The blog is setup as domain.com/blog. I have the .htaccess file located in the domain.com/blog directory with the following: * # Protect from spam bots RewriteEngine On RewriteLog C:/inetpub/wwwroot/mydomain.com/blog/rewrite_log.txt RewriteLogLevel 2 RewriteCond%{ REQUEST_METHOD} POST RewriteCond %{REQUEST_URI} .wp-comments-post\.php* RewriteCond%{ HTTP_REFERER} !.mydomain.com.* [OR] RewriteCond %{HTTP_USER_AGENT} ^$ RewriteRule(.*) ^http://%{REMOTE_ADDR}/$ [R=301,L] * # block ips Order allow,deny Deny from 216.152.251.6 Deny from 36.250.178.161 Deny from 199.15.234.44 Allow from all * # BEGIN WordPress * However, I’ve tried adding IP addresses of people outside the LAN to test and they are still able to comment. I also have nothing in the rewrite_log.txt file notifying me that it’s working. * Any suggestions? Viewing 4 replies - 1 through 4 (of 4 total) * [Clayton James](https://wordpress.org/support/users/claytonjames/) * (@claytonjames) * [12 years, 9 months ago](https://wordpress.org/support/topic/htaccess-not-blocking-spamips/#post-3951205) * .htaccess is not a valid file extension when using an IIS server. An .htaccess file will be ignored in a Windows server environment. * Thread Starter [chris32lr](https://wordpress.org/support/users/chris32lr/) * (@chris32lr) * [12 years, 9 months ago](https://wordpress.org/support/topic/htaccess-not-blocking-spamips/#post-3951221) * Understood. I’ve tried using the IIS URL rewrite module but it doesn’t work for the above script. Any other suggestions? * Thread Starter [chris32lr](https://wordpress.org/support/users/chris32lr/) * (@chris32lr) * [12 years, 9 months ago](https://wordpress.org/support/topic/htaccess-not-blocking-spamips/#post-3951229) * I downloaded and installed helicon ape. Within the httpd.conf file inside helicon, I have this: * RewriteLog “C:\Program Files (x86)\Helicon\Ape\rewrite.log” RewriteLogLevel 9 * And my .htaccess file says: * # Helicon Ape version 3.1.0.113 * # Protect from spam bots RewriteEngine On RewriteLog “C:\Program Files (x86)\ Helicon\Ape\rewrite.log” RewriteLogLevel 2 RewriteCond %{REQUEST_METHOD} POST RewriteCond %{REQUEST_URI} .wp-comments-post\.php* RewriteCond %{HTTP_REFERER}!.* mydomain.com.* [OR] RewriteCond %{HTTP_USER_AGENT} ^$ RewriteRule (.*) ^http://%{ REMOTE_ADDR}/$ [R=301,L] * But still nothing showing up in the log as my “comments” continues to be spammed. * [sonalsinha21](https://wordpress.org/support/users/sonalsinha21/) * (@sonalsinha21) * [12 years, 9 months ago](https://wordpress.org/support/topic/htaccess-not-blocking-spamips/#post-3951303) * Hi Chris, * You need to set up web.config as i suppose instead of .htaccess. * There are many plugins to block spam for comments. Also try using a comment captcha plugin. It should reduce spam by a lot of margin. Viewing 4 replies - 1 through 4 (of 4 total) The topic ‘htaccess not blocking spam/IPs’ is closed to new replies. ## Tags * [htaccess](https://wordpress.org/support/topic-tag/htaccess/) * [IIS7](https://wordpress.org/support/topic-tag/iis7/) * In: [Localhost Installs](https://wordpress.org/support/forum/localhost-installs/) * 4 replies * 3 participants * Last reply from: [sonalsinha21](https://wordpress.org/support/users/sonalsinha21/) * Last activity: [12 years, 9 months ago](https://wordpress.org/support/topic/htaccess-not-blocking-spamips/#post-3951303) * Status: not resolved ## Topics ### Topics with no replies ### Non-support topics ### Resolved topics ### Unresolved topics ### All topics