Hi, thanks for posting here.
To clarify this feature does not block broken URLs, a person who types in view=clck rather than view=click is not going to be blocked, instead they'll see a blank page inside your general template. This feature is designed to block the IP addresses of visitors with malicious intent, not users making mistakes.
Is the email notification of a hack attempt being received? If the setting is enabled then the email will be sent regardless of if the IP has been blocked.
Yes, to block an IP address automatically you will need the permission set to 666 on the .htaccess file in your root folder. If you do not have a .htaccess file, create one (leaving it blank is fine) and set the permission to 666.
I just blocked myself on your Basic site however your htaccess file is set to read, not write, so I was not actually blocked but you should have received an email telling you my IP (107.14
) and the view variable if your email settings are correct.