Bad Behavior 2.1.13 (development) has been released. For 2.1 users, this is a maintenance release and upgrading as soon as possible is recommended.
Please note: The 2.0 series of Bad Behavior is receiving limited updates, including unblocks, bug fixes and security fixes only. Future development is taking place in the 2.1 development tree.
Who should upgrade?
All users should upgrade to ensure that their placements in the Google and Yahoo! search engines remain intact.
What’s new?
New in this release (since 2.1.12):
- A logic error in the search engine handling code caused search engine requests to be subjected to additional checks not appropriate for them. This was causing Yahoo! crawler requests to be inadvertently blocked. This error has been fixed.
- New IP address ranges for Google and Yahoo!, which were previously unused for crawling, have been added to Bad Behavior.
What’s coming?
I’m currently preparing to release the next major stable release of Bad Behavior, version 2.2. This release is sufficiently different that anyone maintaining a port needs to update their port to handle the new features immediately (such changes are backward compatible if implemented properly). A backward-incompatible change to the database schema is coming shortly; porters should stand by for further details.
For our enterprise users who require long-term support, the 2.0 branch will continue to receive long-term support through June 30, 2012, and the 2.2 branch (coming shortly) will be fully supported until the 3.0 release, and then receive long-term support through June 30, 2014.
Download
Download the latest release of Bad Behavior now!
Support
You’ve probably noticed that my development schedule for 2.2 and 3.0 continues to slip. The reason for this is that I can only spend time on improving Bad Behavior when incoming donations cover the cost of my time. Otherwise I have to engage in paying work to keep food on my table.
At this point I would need approximately US $2000 in donations to meet an end-of-May date for 2.2 and mid-July for a 3.0 alpha; in a typical month I generally see less than $40 in donations.
I happen to like giving spammers a hard time, and it’s frustrating that I don’t get to spend enough time on it. You can help me make Bad Behavior even better by making your most generous donation for any amount. (BTW, I fixed all the broken donation links, I think. If you find any other broken ones, let me know!)
Thank you again for supporting Bad Behavior development!
Bad Behavior 2.0.43 (stable) and 2.1.12 (development) have been released. For 2.0 users, this is a security release and all users should upgrade as soon as possible. For 2.1 users, this is a maintenance release and upgrading as soon as possible is recommended.
Please note: The 2.0 series of Bad Behavior is receiving limited updates, including unblocks, bug fixes and security fixes only. Future development is taking place in the 2.1 development tree.
Who should upgrade?
All users of the 2.0 series should upgrade to prevent leakage of information about your server to spammers and malicious bots.
All users should upgrade to ensure that their placement in the Google search engine remains intact.
What’s new?
New in this release (since 2.0.42 and 2.1.11):
- The 2.0.42 release, and possibly older releases, inadvertently omitted a message intended to be displayed to spammers pretending to be the Yahoo! search engine. Because of this, in non-default server configurations, a PHP notice could appear to the spammer which leaked information about the server. This message has been reinserted and the issue fixed.
- Google is now operating a new IP address range in China, from which it is crawling some Web requests. Interestingly, it is crawling all countries from this Chinese address range. Bad Behavior is now aware of this address range and will no longer block requests from Google which originate in China.
What’s coming?
I’m currently preparing to release the next major stable release of Bad Behavior, version 2.2. This release is sufficiently different that anyone maintaining a port needs to update their port to handle the new features immediately (such changes are backward compatible if implemented properly). Ports which are currently feature-complete on 2.1 will not need updating for 2.2 as the API is now stable.
After that, the next development branch will target version 3.0. As I’ve mentioned before, it’s a complete ground-up rewrite, so anyone maintaining a port will need to track development and be prepared to completely rewrite their ports. It’s going to be a week or two at least before I have alpha code to share, but you will want to make time for it, because there will also be important changes in the way Bad Behavior is distributed. I hope to have 3.0 in beta later this month, and a general release by the end of May.
For our enterprise users who require long-term support, the 2.0 branch will continue to receive long-term support through June 30, 2012, and the 2.2 branch (coming shortly) will be fully supported until the 3.0 release, and then receive long-term support through June 30, 2014.
Download
Download the latest release of Bad Behavior now!
Support
I can only spend time on improving Bad Behavior when incoming donations cover the cost of my time. Otherwise I have to engage in paying work to keep food on my table.
I happen to like giving spammers a hard time, and it’s frustrating that I don’t get to spend enough time on it. You can help me make Bad Behavior even better by making your most generous donation for any amount. (BTW, I fixed all the broken donation links, I think. If you find any other broken ones, let me know!)
Thank you again for supporting Bad Behavior development!
Bad Behavior is now available for the vBulletin forum and content management system. I want to welcome the vBulletin community to a completely different way of blocking registration, signature and forum spam.
I’ve been asked a number of times for this, and I’m happy to announce that someone has taken it off my plate. Eric Sizemore has ported Bad Behavior to vBulletin 3.8 and 4.x.
While I haven’t been able to test the mods extensively as yet, they appear sane and usable, and are the first for vBulletin which are feature-complete and 2.2-ready.
If you’re new to Bad Behavior, you should be aware that it operates completely differently than other anti-spam measures you may already use. The biggest difference is that Bad Behavior does not analyze the content of anything posted to your forum. This is sure to surprise you at first, until you see the number of drive-by spam registrations drop off noticeably. Even so, no spam prevention technique is 100% perfect, and so you shouldn’t drop your existing spam prevention techniques until you read this.
Check out Bad Behavior’s complete documentation for more on what all the features do and how it’s done. This is especially important if you use a load balancer, cloud hosting such as Amazon EC2, or an accelerator service such as Akamai; in these cases there is additional configuration you will need to do after installing Bad Behavior.
As with all other ports, you should seek support for anything vBulletin-specific from the port maintainer, Eric (using the links provided above); as always, I continue to provide support for the Bad Behavior core, as well as the WordPress and MediaWiki ports. Welcome again, and here’s to a spam-free forum!