Bad Behavior 2 - Extension
Development and Programming
ok
bad behavior is working with spam bots. but when i uninstall the blacklist module what happens with the “normal” spam which was and is from a user? with bad behavior i can not block his ip. or?
There is a link to the Bad Behavior website where you can find more information about how it works.
I installed this extension and when I try to change settings I am presented with three different Yes/No toggles but no description of what I am toggling for each one.
I’m guessing the options are:
* log_table: The name of the database table Bad Behavior should use. This is set by default for all platforms and should not be changed unless you are porting Bad Behavior to a new software package.
* display_stats: When this option is set, Bad Behavior will display statistics in the footer of your web pages. (Currently works only on WordPress.)
* strict: Enables strict mode blocking. When turned on, certain types of spam will be blocked, but legitimate corporate and government users may also be blocked. This is off by default.
* verbose: Enables logging of all requests received. When turned on, the details of every HTTP request Bad Behavior processes will be logged to the database. When turned off, only blocked requests, and a few legitimate but suspicious requests, will be logged. This is off by default.
but it is not stated anywhere on the actual settings page.
Etan - Do you see the documentation link for the extension?
Yep, I see the documentation link (thats where I got the options from).
Exactly.
OK, so here’s an initial report on how it’s going:
Installation was, of course, a snap and I currently have the “strict” option turned off. I had turned trackbacks off on my blogs so I went ahead and turned them back on to see how well this works. Removed the ReWrite rule I had put in my .htaccess file to block trackbacks before they ever hit my blog and deinstalled the Blacklist.
Within 10 minutes of trackbacks going live again I received my first trackback spam. I deleted it and left things as they were to see how bad it might get. Over the nighttime hours up until this posting I received 4 more trackback spams and none of them were duplicates. That’s not too bad all things considered. The reason I turned off trackbacks was because in the past when one managed to make it past the blacklist it usually ended up turning into a couple of hundred duplicates spread over dozens and dozens of entries. I don’t know if these spams weren’t duplicated because of the Bad Behavior extension or because they spammers all only bothered to spam a single entry before moving on, but I can live with cleaning up a handful of trackback spam as opposed to the tons I was getting in the past. If I were to turn the Blacklist back on it might be even more effective. Also, as I mentioned previously, I’m not currently using the “strict” option so turning that on may have eliminated the 5 I got last night. I’m going to leave things as they are for now and see how things go throughout the day and then perhaps I’ll try turning on the strict option later this evening.
One odd thing, though, is that two legitimate bloggers have tried to trackback ping my entry about the extension and have gotten forbidden error messages.
As for comment spam, I’ve not had a single one yet, but that could just as easily be due to the captcha requirement for non-members I have in place. I’ve not gotten any emails from anyone saying they were unable to comment on my blog since the extension went in.
Lastly, it doesn’t appear that the extension does anything in regard to referrer spam and I’m assuming that has to do with a difference in how sad spam is generated. Not a big concern, but just thought I’d mention in passing on the off chance it’s supposed to. Hope this helps.
Whoops, just noticed that I’ve received two more trackback spams in the time that I wrote this reply. Both are singular spams with different IPs and URLs. So that brings the total up to 7.
Another short update:
I’ve turned trackbacks on my blog off once again. While the spam that was coming in never hit anything close to the deluge we’ve had in the past – it was mostly one or two spams every hour or so – it was consistent enough to make it annoying. This was even after setting it to “strict” mode around 10:00 this morning.
Not sure how to judge the extension at this point. It seems like it kept trackback spam to a minimum, but wasn’t able to eliminate it altogether and, unlike the Blacklist, it has no way of adding new spammers to its blocking system. In combination with the blacklist it would probably be pretty effective, but the idea was to eliminate the need to maintain a huge blacklist (and SEB’s is quite huge).
No comment spam to speak of, but that’s never been a big problem with EE so that’s not a surprise. Not sure what to try next. 😊
Les, Have you relayed this to the fellow that does the core code for Bad Behavior? I’m sure he’d be interested in knowing; at least based off the posts on his site about it.
Not yet, been a busy weekend, but I’ll be sure to forward the info to him.
I got the following error message (on a blank page) after I submitted a comment to a blog (using the default installed template group). But the comment was successfully posted. The same happens with Firefox 1.5.0.4 and Safari 2.0.4, being logged in or not. The issue seems cookie related - Control Panel Session & User Session Type are set to Cookies only. Both browsers are set to accept cookies. The extension’s settings are the default one. EE build is 20060620.
(I made bold the important parts.)
Notice: Undefined variable: screener in /home/web/ee/system/extensions/bad-behavior/post.inc.php on line 32 Notice: Undefined variable: screener2 in /home/web/ee/system/extensions/bad-behavior/post.inc.php on line 32 Warning: Cannot modify header information - headers already sent by (output started at /home/web/ee/system/extensions/bad-behavior/post.inc.php:32) in /home/web/ee/system/extensions/bad-behavior/screener.inc.php on line 8 Warning: Cannot modify header information - headers already sent by (output started at /home/web/ee/system/extensions/bad-behavior/post.inc.php:32) in /home/web/ee/system/core/core.functions.php on line 651 Warning: Cannot modify header information - headers already sent by (output started at /home/web/ee/system/extensions/bad-behavior/post.inc.php:32) in /home/web/ee/system/core/core.functions.php on line 293
PS : Not sure I should have posted in the Bug Report forum.
These are Bad Behavior errors, so you should report them at the page mentioned in the download’s README.txt file.
Pretty strange stuff. BB’s dev says the bug comes from a piece of code that isn’t currently used, and that the rest is due to PHP verbosity… Also, the shared web hosting where I’m testing this has display_errors setting in php.ini set ON by default, which explain why I’m the only one reporting.
Another topic : Would it be a good idea to have the extension inactive for logged in members ?
Ah, well, I cannot disagree with BB’s dev as I have not pulled his code apart nor have the time to do so. Still, it is being triggered somehow…
Possibly, but it is only a matter of time before someone creates a smart enough bot that can login and post.