Bad Behavior 2.0.6 Test
Bad Behavior 2.0.6 is currently being tested.
Many of you have noticed the large upturn in spam flow in the past few weeks. Bad Behavior 2.0 to date has blocked much of it, but has not been able to block nearly as much of it as I would like.
I am currently testing a new spam blocking method which looks, for the moment, to be catching virtually all of the remaining uncaught spam which I am seeing.
I’m not releasing it immediately, though, so that I can evaluate whether it is generating any false positives, and if so, whether the affected users are able to clean their computers of the viruses and other malware which they contain, and whether this is sufficient to resolve the problem.
It will probably be about a week before I have enough data to be sufficiently satisfied with the false positive handling to put it out for general release, but so far I haven’t seen anything which would qualify as a false positive. It did catch one human being whose computer, it turned out, was sending out thousands upon thousands of e-mail and blog spams.
But if you’d like to get your hands on this code early, I am offering a pre-release package to anyone who has previously contributed financially at least $5.00 to Bad Behavior development (or anyone who contributes now). Just e-mail me and I’ll get your copy sent out.
Keep in mind that I haven’t fully evaluated whether the new code will generate false positives, though the preliminary results are that it should not stop anyone who isn’t actually sending spam, so keep a copy of the previous release around in case you don’t like it or have problems.
And don’t forget to subscribe to the RSS feed or the mailing list. (They’re the same content.)
Bad Behavior Project Update
There’s no release of Bad Behavior this week, as no new bugs have been reported, and no new spammers have been blocked.
But there is a posting, because I am hard at work on a related project to identify and block more spammers before they can even send their first spam, and I need your help.
If you would like to help with this project, and you are running a high traffic blog getting a lot of blocked spam (or missed spam), you may qualify. E-mail me at badbots@ioerror.us with your blog address and an estimate of how much spam Bad Behavior blocks, and how much it misses, in any given day. If you’re only getting a small amount of spam, it’s probably not worth it; I’m looking for higher traffic sites.
You can also help by making a financial contribution. I develop Bad Behavior in my limited spare time, and every little bit allows me to devote more time to battling spammers.
Bad Behavior 2.1 and 3.0 Roadmap
When I released Bad Behavior 2, I noted that due to time constraints I was unable to complete everything on the roadmap. Most of that is because spammers have dramatically stepped up their activity in recent weeks and the new version provides greatly improved protection against their attacks. Part of it is that as an unpaid project, I can only devote so much spare time to it.
Now that Bad Behavior 2.0 has stabilized, it’s time to update the roadmap in preparation for the next minor (2.1) and major (3.0) releases.
Bad Behavior 2.0.5
Bad Behavior 2.0.5 has been released to provide small bug fixes.
New in this release (since 2.0.4):
- A bug affecting MediaWiki and ExpressionEngine users, and possibly others, caused database errors to be thrown when a POST request was received. This has been fixed. (I thought I’d fixed this previously, but apparently not. This one should fix it for real.)
- A couple of additional spambots have been identified and blocked.
As always, if you find Bad Behavior valuable, please consider making a financial contribution. I develop Bad Behavior in my spare time, and every little bit means I have more spare time to devote to its development.
And don’t forget to subscribe to the RSS feed or the mailing list. (They’re the same content.)
Bad Behavior 2.0.4
Bad Behavior 2.0.4 has been released to provide small bug fixes.
New in this release (since 2.0.3):
- A bug affecting MediaWiki and ExpressionEngine users, and possibly others, caused database errors to be thrown when a POST request was received. This has been fixed.
- A confusing entry in the generic code, which was causing PHP warnings for people who mistakenly used it without changing it, has been altered. The section of code, which users of the generic code are expected to change, referred to a variable which did not exist, and users who failed to change the code for their particular installation received warnings.
- A part of the housekeeping code which optimizes Bad Behavior’s log table has been rescheduled to run in only one of 1000 blocked requests. Under a heavy spam attack this was running much too frequently at its old schedule of one in 25 blocked requests, causing at least one shared hosting provider to complain.
As always, if you find Bad Behavior valuable, please consider making a financial contribution. I develop Bad Behavior in my spare time, and every little bit means I have more spare time to devote to its development.
And don’t forget to subscribe to the RSS feed or the mailing list. (They’re the same content.)
Update: Due to some errors which creeped in, I’ve repacked the 2.0.4 release. If you already downloaded it and are having strange problems, please re-download it.
Bad Behavior 2.0.3
Before I get into the release announcement, I just want to ask all of you to send me money so I can buy a T-shirt here at the HOPE conference. Oh, and eat too. NYC has drained my wallet to just about empty. Thanks!
Bad Behavior 2.0.3 has been released to provide additional protection from certain Ukrainian spammers and to prevent certain users from being blocked inappropriately.
New in this release (since 2.0.2):
- A check has been added for a high-volume Ukrainian spammer who can generate 500,000 spams per day (and quite possibly much more).
- A blacklist entry has been relaxed in order to prevent inappropriate blocking of a few rare legitimate users and bots.
As always, if you find Bad Behavior valuable, please consider making a financial contribution. I develop Bad Behavior in my spare time, and every little bit means I have more spare time to devote to its development.
And don’t forget to subscribe to the RSS feed or the mailing list. (They’re the same content.)
Bad Behavior 2.0.2
Bad Behavior 2.0.2 has been released to provide additional protection from certain blog and wiki spammers and email address harvesters.
New in this release (since 2.0.1):
- A check has been added for certain types of blog comment and wiki spam.
- Several email address harvesters have been added to the blacklists.
As always, if you find Bad Behavior valuable, please consider making a financial contribution. I develop Bad Behavior in my spare time, and every little bit means I have more spare time to devote to its development.
And don’t forget to subscribe to the RSS feed or the mailing list. (They’re the same content.)
Bad Behavior 2.0.1
Bad Behavior 2.0.1 has been released to address a critical bug in the whitelisting code. All users who use or plan to use the whitelisting feature of Bad Behavior should upgrade to version 2.0.1.
New in this release (since 2.0.0):
- A bug causing the whitelist to fail on some POST requests has been fixed.
- Support for the LifeType blog platform has been added. This support was graciously provided by Mark Wu. Unfortunately, I don’t know much about LifeType, so I can’t really give any support for it. You can find more information at Mark’s blog.
- Some additional checks for trackback spam have been added.
As always, if you find Bad Behavior valuable, please consider making a financial contribution. I develop Bad Behavior in my spare time, and every little bit means I have more spare time to devote to its development.
And don’t forget to subscribe to the RSS feed or the mailing list. (They’re the same content.)
E-mail with viruses is not from me
Some malicious software has gotten hold of the badbots at ioerror dot us email address and is sending out large numbers of e-mail messages with viruses and Trojan horses embedded in them, faking the From: e-mail address.
These e-mail messages do not originate from me and should be discarded unread. Under no circumstances should you open the attachment in these fake messages, as it contains malicious software.
I will probably change this e-mail address in the near future.
Bad Behavior 2 for ExpressionEngine
Paul Burdick of pMachine has managed to put out a port of Bad Behavior 2 for ExpressionEngine in the record time of “an hour this afternoon,” he wrote on the EE forums Thursday.
I took a quick look through the extension and to my eye it looks good. I haven’t tested it myself, but the early results on the forum suggest that it works OK.
Check out the EE forum thread for more info and to download the extension.
Please note these special installation instructions:
You need BOTH the bad_behavior extension from EE AND the standard Bad Behavior download.
To install it: Unpack the stock Bad Behavior download, and you’ll find a Bad-Behavior folder. Inside THAT folder is a bad-behavior folder. Upload ONLY the bad-behavior folder from the stock download, along with the ext.bad_behavior.php from the EE download, to your EE ./system/extensions folder. Then upload the lang.bad_behavior.php file to your EE ./system/language/english folder.
You can then activate and configure Bad Behavior from the Extensions Manager. The ‘strict’ and ‘verbose’ settings should work as for the other ports. I don’t know if the ‘display_stats’ setting has been implemented; I think on EE it probably requires a template change at least…
Thanks, Paul!
About
Copyright © 2005-2006 Michael Hampton. All rights reserved. This material may not be published, broadcast, rewritten or redistributed.
Help contribute directly to Bad Behavior development:
Or indirectly by shopping at:
If you need web hosting, a VPS in the U.S. or Europe, or a dedicated server:
