[JumpCrisscross]

> then blocked him from the other account after he said to not respond but got a page of text back

The point is the developer didn’t block “the author after seeing them link a blog post.” They received the disclosure and then blocked the author (on that account).

[evilDagmar]

The "disclosure" was a big waste of time. It was vague and ill-informed, nothing that came after seems to give the impression that they actually knew what they were talking about.

The only serious vulnerability that might have applied would have required the man to be using Apache as a reverse proxy to another server, which is just _extremely unlikely_ considering where it was hosted and what it was being used to do.

[firesteelrain]

So what? The guy probably feels harassed. He doesn’t know the author from Adam.