Bad Behavior 2.2.10

Bad Behavior 2.2.10 has been released. This is a maintenance release and is recommended for all users.

Changes

The following changes have been made since version 2.2.9:

  • Code added in the previous release to support detection of malicious attacks contained an unfortunate typo causing PHP warnings to appear. This has been fixed.

Download

Download Bad Behavior now.

 

10 Responses

  1. Tom

    Well, this version fixed whatever was causing the issue in the previous one. Thanks to the author for the great work.

  2. Carsten B.

    Kudos to you for fixing this so quickly. Thanks! :)

  3. Thank you for the quick update to fix the issues. Kudos!!!!

  4. Thank you for this plugin, I have installed it but I still don't get how exactly it works.
    There is some log where I can't see the spam that has been blocked?

  5. Nice plugin. But it blocks WordPress Jetpack comments. Think it has to do with Jetpack's external posting routine that generates a 403 message to the comment poster.

  6. Brad H

    I’m looking through the WordPress-specific code, and I see a hook for the wp_insert_comment action. I was wondering, does Bad Behavior submit spammers to projecthoneypot.org? Namely, if my other spam plugins detect that a comment is a spam comment, does Bad Behavior notice the wp_insert_comment hook and submit the spammer’s IP to Project Honey Pot? I don’t see anything in the code that appears to be doing that, but I didn’t read through all of it.

    • Brad,

      At the moment we do not submit to Project Honey Pot. They don’t accept submissions except through their own code, the last time I looked.

      The code you are looking at logs spam in Bad Behavior’s log if any other plugin on the system marked it as spam. This helps us get a copy of any spam that Bad Behavior missed without having to enable verbose logging, which can slow down a busy server.

      • Brad H

        Thanks for the reply. I guess that also explains why it logs a key of 00000000. Because it’s logging that it DIDN’T block it but it was later identified as spam.

        Have you thought about adding these “false negatives” as another test for future Bad Behavior tests? In other words, if headers, and agent and IP pass all the other tests, but the IP and/or user agent and/or other post attributes consistently get caught by other spam plugins, then also include it in the black list?

        If I wanted to make some mods to Bad Behavior to handle this, it looks like the workhorse function is bb2_screen() and you have a nice design pattern going in there of a serial list of screening tests. Thoughts on adding a callback or plugin mechanism to extend Bad Behavior to integrate with other systems?

        FWIW, I’ve been running BB on a test system that averages about 60 spam comments a day. Most of them get caught by our content filters ~80%, the other 20% end up in moderation. Since running BB, I’ve seen about 20% get cut out right away by BB2. I see now that when I test the IPs manually against various black lists (Projecthoneypot, Spamhaus, SpamCop, etc)… these IPs are not yet identified as “comment spam sources”. But on inspection, that’s clearly what they are.

        Anyway… even though it isn’t a silver bullet for the spam I am seeing, it’s still a great tool. So thanks for your great work! I totally appreciate it!