Recent Topics

1 Mar 21, 2006 00:27    

I don't know if this has something to do with the recent upgrade from 0.9.0.12 to 0.9.1, but now, nobody is able to comment. I saw a similar post here http://forums.b2evolution.net/viewtopic.php?t=7278 - maybe it's related? I have removed the hack "User must be logged in to comment" http://forums.b2evolution.net/viewtopic.php?t=5343 but the problem persists.

What can the reason be?

Which file permissions may be relevant?

Thanks for your help!

PS: Try yourself http://www.antropologi.info/blog/anthropology/
(the error page is my customized 403 error page)

2 Mar 21, 2006 01:06

I've removed the htaccess, the error message is

You don't have permission to access /blog/htsrv.Yx3UVe/comment_post.php on this server.

edit: chmoded 777 for htsrv-folder and files, didn't help

3 Mar 21, 2006 01:23

Solved: The reason was this hack in the .htaccess-file blog folder

# Fix for comments
RewriteEngine On
RewriteCond %{HTTP_REFERER} !^http://antropologi.info/.*$ [NC]
RewriteCond %{REQUEST_URI} ^.*comment_post\.php$
RewriteRule .* - [F]

I've removed it, now it works :D

4 Mar 21, 2006 04:29

Nomad,

That "hack" in your htaccess is intended to block remote calls to your comment file. The idea is that IF a spammer is using automated techniques to leave SPAM comments (and sends referrer information - not all do), that UNLESS they're actually coming from YOUR domain ... they're PROHIBITED from leaving a comment.

In other words, if it's done correctly, it should HELP you (not keep normal people from commenting).

*I THINK* your problem might be that the HTTP_REFERER doesn't include the WWW part of your website name. (I noticed that your "please try yourself" link INCLUDED it, but your htaccess code says

RewriteCond %{HTTP_REFERER} !^http://antropologi.info/.*$ [NC]

This means that ONLY http://antropology.info is allowed (http://www.antropology.info isn't) ;)

Try adding this to your htaccess instead and see if it doesn't work. People should STILL be able to comment normally (which is HOW you know it "works"). The REGEX provides acceptance of EITHER http://www.antropologi.info OR http://antropologi.info


# Block remote calls to comment_post.php 
RewriteEngine On 
RewriteCond %{HTTP_REFERER} !^http://(www\.)?antropologi.info/.*$ [NC] 
RewriteCond %{REQUEST_URI} .*comment_post.php$ 
RewriteRule .* - [F]

Hope that helps. It's a nice anti-spam measure that shouldn't affect normal comments. ;)

Cheers,

5 Mar 21, 2006 09:53

Yes, that was the reason! Thanks you very much!

6 Mar 27, 2006 22:24

I found this error in users who have installed de Norton Internet Security...


Form is loading...