A blog-spam notification e-mail sent by MT-Blacklist conveniently contains a link to de-spam the according comment. Unfortunately, all URLs start with “http://”, meaning that the request (and hence your credentials) are sent as plain-text. To force using HTTPS (encrypted HTTP) for anything related to MT-Blacklist, you can add the following line to your Apache configuration (this is an example, adjust it to match your server layout):
<VirtualHost 192.168.1.6:80> # other redirects here Redirect permanent /cgi-bin/mt/plugins/Blacklist https://news.numlock.ch/cgi-bin/mt/plugins/Blacklist </VirtualHost>
and restart Apache (for Apache2 on Gentoo: “/etc/init.d/apache2 restart”)