Lunacy Unleashed

Notes from the field in the War on Spam

Bad Behavior 2.0.7

Make a Donation.

Bad Behavior 2.0.7 has been released.

I’ve got a nice roundup of bug fixes this time around. Most people should upgrade right away to take advantage of the fixes and additional spam protections.

New in this release (since 2.0.6):

  • A bug (apparently in MediaWiki) which caused blank lines to appear on rendered pages in MediaWiki 1.7 has been worked around.
  • In version 2.0.6 four blackhole lists were added and incoming POST requests screened against them. Two of these lists generated significant hits in which primarily non-U.S. users who hadn’t actually sent any spam were being blocked. They have been removed. (Once Bad Behavior Blackhole is up and running, the other two may be removed as well, even though they’re performing fine.)
  • Two tests which catch some spambots and content thieves which were present in Bad Behavior 1 were inadvertently dropped from Bad Behavior 2. One of the hazards of rewriting something from the ground up. These tests have been restored.
  • A check which blocks users behind a Microsoft ISA Server 2004 proxy server, and one other type of proxy server I forget the name of, has been moved to strict mode only. Please disable strict mode if you are expecting traffic from such a source, and please contact Microsoft for a hotfix, if they’ve bothered to fix the bug in their software.
  • An additional IP address range for Google has been whitelisted. If you ever receive spam from an IP address owned by Google, please notify me immediately.
  • Several additional spambots have been identified and blocked.

Download Bad Behavior now!

As always, if you find Bad Behavior valuable, please consider making a financial contribution. I develop Bad Behavior in my spare time, and every little bit means I have more spare time to devote to its development.

And don’t forget to subscribe to the RSS feed or the mailing list. (They’re the same content.)

Also please note: Due to excessive levels of spam here on, which doesn’t use Bad Behavior anymore, I’ve had to close comments and pings entirely. You can reach me at without the nospam.

November 6, 2006 Posted by | Bad Behavior, Blog Spam, Blogging, Spam, WordPress | Comments Off on Bad Behavior 2.0.7

Making money from AdSense?

People ask me about making money from AdSense all the time. While I usually will offer little tips and tricks that I’ve learned along the way, one thing I want to make sure that new AdSense publishers know is what NOT to do.

The number one thing that you should NOT do is STEAL OTHER PEOPLE’S CONTENT. Yes, I know the guy who sold you the video or the eBook said it was okay. Guess what, he has your $97 bucks, and you’re about five minutes away from being up shit creek without a paddle, as you lose your web hosting, your domain names, and most importantly, your AdSense account, all because you ripped someone off.

If I catch you stealing my content, your ass is grass. (This obviously doesn’t apply if I gave you permission to use it.)

This content was stolen from Michael Hampton.

Copyright © 2006 Michael Hampton. All rights reserved. This material may not be published, broadcast, rewritten or redistributed.

May 18, 2006 Posted by | AdSense, Advertising, Bad Behavior, Blogging, Google, Spam, Splog, WordPress | 5 Comments

Bad Behavior 2 Alpha 2

Make a Donation.

Bad Behavior 2 Alpha 2 is now available for wide testing. If you’ve used Bad Behavior in the past, or if you currently use Akismet or Spam Karma 2 and those spam numbers just keep going up, it’s time to learn what Bad Behavior 2 can do for you.

Bad Behavior 2 is a ground-up rewrite of Bad Behavior, the only Web spam killer which stops spammers before they even have a chance to get started. It does this by focusing not on the content of the messages, but on the delivery method. As such, for maximum effect, you should use it in conjunction with another content-based plugin, such as Spam Karma 2 or Akismet. But even on its own, Bad Behavior is once again shockingly effective at stopping spam.

When Bad Behavior was first introduced a year ago, (holy crap it HAS been that long!) it was the first tool of its kind targeting malicious activity on a wide variety of Web sites and platforms. While a few other similar solutions exist, such as mod_security for Apache, they can’t be installed by the user, and they don’t specifically target blog and forum spam, wiki vandalism and the like.

By contrast, Bad Behavior is a set of PHP scripts which pre-screens every request to your PHP-based Web site. The first major version of Bad Behavior was ported to nearly a dozen different blogs, wikis, forums and guestbooks, and many more generic ports were reported that their authors kept privately and never released. Bad Behavior 2 intends to keep the tradition of being portable to any PHP-based platform and expand on it by providing a more comprehensive and structured general API which can be wrapped into virtually anything.

Unfortunately, this wasn’t possible with the previous major version of Bad Behavior, owing to its design, thus the ground-up rewrite. Much to my surprise, Bad Behavior 2 is actually smaller than its predecessor, and catches virtually all spam with virtually no false positives. As of the time of this writing, it allowed only one spam to escape, and on investigation I found that spam had been manually posted by a very bored spammer. (In the final release, he too will be blocked.)

Now, down to business. As I said in the previous post, I haven’t completed the MediaWiki and ExpressionEngine ports yet, primarily due to time constraints, and the constraints of having thousands of people being hit by millions of spams and crying out for a solution now. So for now, this test release only runs on WordPress. It requires WP 1.5 or any later version.

Because this is a test release, there are some special installation instructions. First, if you installed 2.0 Alpha 1, delete it first before uploading this version.

This version can be installed alongside Bad Behavior 1, and in fact I recommend it. Upload the files in the usual way for any plugin. Then go to Manage Plugins. You’ll see both versions listed. Deactivate Bad Behavior 1, then activate Bad Behavior 2. To switch back, deactivate Bad Behavior 2, then activate Bad Behavior 1. Do not allow both version 1 and 2 to be active at the same time.

There are no show-stopping bugs that I’m aware of in this release; it’s stable enough for everyday use. However, it is not feature-complete; several items on the roadmap remain unfinished. For instance, a screener for requests which are suspicious but not certainly spam is only partially implemented. (Which is how that manual spammer got through.) The administrative screen located under Options > Bad Behavior is also not yet implemented.

Even so, I believe that this release will cut your spam flow on your WordPress blog to virtually nothing, without any false positives. However, in the extremely rare event that there is a false positive, the user will receive a technical support key and a brief explanation of what he can do to fix the problem (e.g. scan for spyware). Collect this key from the user and then mail it to me and I’ll get back to you with further information. The error page also provides a link the user can click for extended information; this part is also partially implemented and will be what I work on next.

And as always, if you find Bad Behavior valuable, please consider making a financial contribution. I develop Bad Behavior in my spare time, and every little bit counts.

Download Bad Behavior Now!

And don’t forget to subscribe to the RSS feed or the mailing list. (They’re the same content.)

April 27, 2006 Posted by | Bad Behavior, Blog Spam, Blogging, Spam, WordPress, WordPress 2.0 | 9 Comments

Give your blog design a spring cleaning

There’s too much stuff on your blog.


It’s okay, though. I’m not mad at you.

In fact, not only is there too much stuff on your blog, it’s poorly organized, difficult to see, and a real pain in the ass just to look at. And it’s not doing me any good when I visit your blog.

This rant came about as I was viewing one of my blogs on my new Palm T|X handheld, and trying to cut its download time down. This threw me into a whole new world: that of mobile computing. You see, on a mobile device, there’s very limited screen space, and anything more than minimal user input is a real pain in the ass. So the more stuff that appears on your blog, the worse off you are. And sidebars are the kiss of death.

But even without the constraints of the mobile devices, blog clutter and bad design are serious problems. Let’s take an example:

Below the Beltway Screenshot Below the Beltway Screenshot Below the Beltway Screenshot

Now this blog has excellent content. Unfortunately, the blog’s design has several problems, all of which compound the others to make it very difficult to deal with.

First off, it has a color scheme with poor contrast. It uses a dark blue background, light blue links, and black borders. The effect of the color choices leads people to look not at the content, but at the borders! It takes an amazing amount of will to actually focus on the content, and to focus on links takes even more concentration. So the choice of colors does not naturally lead a reader to where the blogger presumably wants the reader.

Second, it uses a three-column layout. A three-column layout can be done well, but it rarely is. Instead, people usually use three-column layouts so that they can get many more links to many more places onto every page. That’s what this blog does.

What the hell is this crap? — Butt-head

What’s so wrong with lots of links to lots of places? Too much clutter. This blog contains no fewer than six blogrolls with literally hundreds of links to other blogs in its two sidebars, and in the format and colors used, they are all but indistinguishable. Who is really going to wade through all of those links in all of those blogrolls? It’s certainly important to promote one’s blog, and to help promote others, but at a certain point it becomes excessive, and nobody pays attention to it.

Or they do what I did the first several times I saw this blog, and others with similar problems: they leave without reading anything.

And then there are the ads. In the right-hand sidebar, one can see ads from Amazon and Google, but the ads are very poorly integrated into the site. So they are almost certainly getting much less attention than they otherwise would. This has a direct negative impact on the income this blogger makes from his blog.

Oh, and I have one more bone to pick, and that’s with those chicklets. You know, the little buttons inviting you to subscribe to every feed aggregator service you’ve ever heard of, and a few dozen you’ve never heard of. It’s been my experience that almost nobody ever clicks on them. As you can see, this person doesn’t seem to have had much luck getting people to subscribe to his RSS feed, despite being very well linked to. (You don’t get to be a Large Mammal in TTLB unless you’re fairly decent sized.) (And they could also be subscribed to his Atom feed, and not showing in that count, a side effect of using Blogger.) But the buttons, when all thrown together, are just plain ugly. I’ve theorized that one would get better results with just one or two buttons, and that seems to be playing out fairly well for me. Even if it doesn’t, my site looks a lot better for not having the chicklets.

After studying real users in the real world, I’ve found that they have a much better time with simpler, cleaner looking sites. So I’ve tried to keep the clutter and extra features to a minimum. Of course, with a blog, you have extensive navigational controls which are going to take up quite a bit of space. But all the rest can go, as I discovered. Or almost all.

Now pick up your PDA or smartphone and use its built-in Web browser to visit . Hopefully you do this after viewing it in your Web browser. If all goes well, you’ll see a radically different site; it’s been stripped of almost everything, is about five times smaller, downloads much faster, and dare I say it, I think I like it stripped down.

Perfection is achieved, not when there is nothing more to add, but when there is nothing more to take away. — Antoine de Saint-Exuper

What’s cluttering up your blog theme? Is it easy to read? What can you get rid of to improve your blog’s appearance and usability?

March 28, 2006 Posted by | Blogging, Design, WordPress, | 11 Comments

2006 Weblog Awards

The finalists for the 2006 Weblog Awards have been announced, and below, I’m going to tell you who I think will win in each category (except the regional ones). Before that, I have to say something about the awards itself.
Continue reading

January 23, 2006 Posted by | Blogging, Personal, WordPress | 4 Comments