hi guys,

The spams i got were increasing these days, so i am going to take care of them now. but i was confused about the instructions in the admin panal.

under options->spam control menu, i see there lists with codes, then when i click 'update all banlists', I get a new list and above the list it reads, 'Copy the code below (CTRL+A and CTRL+C in Windows) and paste it into .htaccess file of your website to ban spam IPs and referers.'

i'm confused about where is my .htaccess file.
there's actually no such file in my directory.
do i need to create one? if yes, where should i do that?

thank you for your help.
i've searched the forum and got no answer, so i post it here.

If you dont ahve it then make it and place in root directory of your pixelpost installation.

thank you for your replay/
what should i name the file? '.htaccess' or something like 'abc.htaccess'?

Just .htaccess

as i can't create a file without file name in windows, i've created a file named abc.htaccess and then uploaded it to the server. then i renamed the file to .htaccess, it worked, but the file disapeared.
it's very strange, do you know what should i do?

thanks :)

it did not disappear, but files with a dot at the filename are "system files" and so by default invisible in the ftp-programm

set the options to "show all files" or "show system files and hidden files as well" and you will see, it is there

I have the same question as rambohoho.

Are we talking about a standard .html file?

thanx conie.
and mikofox, i've solve the problem. it's not a html file. I followed the instructions on this site and solved the problem.
http://www.javascriptkit.com/howto/htaccess.shtml
I paste some critical steps here., hope it helps

".htaccess is the file extension. It is not file.htaccess or somepage.htaccess, it is simply named .htaccess

In order to create the file, open up a text editor and save an empty page as .htaccess (or type in one character, as some editors will not let you save an empty page). Chances are that your editor will append its default file extension to the name (ex: for Notepad it would call the file .htaccess.txt). You need to remove the .txt (or other) file extension in order to get yourself htaccessing--yes, I know that isn't a word, but it sounds keen, don't it? You can do this by right clicking on the file and renaming it by removing anything that doesn't say .htaccess. You can also rename it via telnet or your ftp program, and you should be familiar enough with one of those so as not to need explaining.

htaccess files must be uploaded as ASCII mode, not BINARY. You may need to CHMOD the htaccess file to 644 or (RW-R--R--). This makes the file usable by the server, but prevents it from being read by a browser, which can seriously compromise your security. (For example, if you have password protected directories, if a browser can read the htaccess file, then they can get the location of the authentication file and then reverse engineer the list to get full access to any portion that you previously had protected. There are different ways to prevent this, one being to place all your authentication files above the root directory so that they are not www accessible, and the other is through an htaccess series of commands that prevents itself from being accessed by a browser, more on that later)
"

Thanks all. It took me a while to find this. This is something that should probably be posted in the wikki under 'security'.