Bad Behavior 2.0.24
September 25th, 2008 by Michael Hampton
Bad Behavior 2.0.24 has been released. It is a maintenance release and is recommended for all users.
MediaWiki and WordPress users should take note of special upgrade instructions below.
Who should upgrade?
Users targeting the Amazon Kindle or who have readers viewing their sites using the Amazon Kindle should upgrade. Users whose sites are targeted toward smart phones and other wireless devices should also consider upgrading, since Kindle users may be a portion of your audience.
What’s new?
New in this release (since 2.0.23):
- Due to a bug in the Amazon Kindle Basic Web service, Kindle users are unable to browse more than one page of a Bad Behavior-protected site. Amazon has been notified of the problem. This release provides a temporary workaround which will allow Kindle users to view your site.
- One additional email address harvester has been identified and blocked.
Support
If Bad Behavior has helped you, please make a financial contribution toward further development. Your contribution ensures that I can prioritize Bad Behavior development. Otherwise I must spend most of my time on other projects which pay the bills. Which is a shame, because I really enjoy making spammers miserable and drying up their revenue streams until it’s more profitable for them to work at McDonald’s than to send spam.
Download
Special Upgrade Instructions
Users of MediaWiki and WordPress upgrading from version 2.0.20 or earlier should follow these special directions (from 2.0.21 or later, upgrade normally):
For MediaWiki: Before installing this version of Bad Behavior, manually remove (e.g. using FTP or ssh) any old versions you may have, including the lines added to LocalSettings.php. Then install the new version fresh, following the installation instructions for MediaWiki.
For WordPress: If updating to this version through the automatic updater fails, manually remove (e.g. using FTP or ssh) any old versions you may have installed. Then upload and install the new version fresh, following the installation instructions for WordPress. After doing so, future automatic updates should proceed normally.
For other platforms: No changes to your upgrade procedures should be necessary.
Computer Aid Says
Hmmm, I seem to have difficulty activating 2.0.24
I tried the “upgrade automatically” from plugins in the wordpress console, and I tried manually deleting the bad behaviour files on the server, and then uploading the files using FTP.
Each time, I get a http 403 error.
As soon as I upload 2.0.23, it activates flawlessly.
It might be a conflict with some of my other plugins (or maybe Australia is brimming with spammers
Either way, I’ll stick with 2.0.23 for now.
Sep 25th, 2008 at 1:48 pm
Michael Hampton Says
Have you tried reading the error message you received?
If you expect support, you’ll have to provide sufficient detail so that I can figure out what’s going on.
Sep 25th, 2008 at 2:57 pm
Computer Aid Says
OK, here is what I get (I’m very happy with BB, so I don’t mind staying on 2.0.23 for the moment):
Error 403
We’re sorry, but we could not fulfill your request for /blog/wp-admin/update.php?action=activate-plugin&plugin=bad-behavior%2Fbad-behavior-wordpress.php&_wpnonce=dd43408936 on this server.
You do not have permission to access this server.
Your technical support key is: cbd5-0784-17f4-e8c8
You can use this key to fix this problem yourself.
If you are unable to fix the problem yourself, please contact ca at computer-aid.com.au and be sure to provide the technical support key shown above.
Sep 25th, 2008 at 3:41 pm
Computer Aid Says
Fixed: plugin activates correctly when using firefox… weird
Sep 25th, 2008 at 3:46 pm
Ipstenu Says
I’m having ongoing issues with Feedburner and Bad Behavior. I keep getting 403 errors, ever since Feedburner flipped to Google. If I want to update my feed, I have to turn Bad Behavior off!
I point feedburner to http://domain.com/feed, and then in my .htaccess I have this:
RewriteEngine on
RewriteCond %{REQUEST_URI} ^/?(feed.*|rss.*|comments.*) [NC]
RewriteCond %{HTTP_USER_AGENT} !^.*(FeedBurner|FeedValidator) [NC]
RewriteRule ^feed/?.*$ http://feedproxy.google.com/Updates [L,NC,R=302]
RewriteRule ^rss/?.*$ http://feedproxy.google.com/Updates [L,NC,R=302]
RewriteRule ^comments/?.*$ http://feedproxy.google.com/Comments [L,NC,R=302]
Which works, only if I turn off BB. And frankly, I don’t want to!
Sep 25th, 2008 at 4:38 pm
Michael Hampton Says
Computer Aid, as the technical support page says, you have software on your computer that has been associated with malicious activity in the past. Remove the offending software and try again. You may end up having to format and reinstall before IE will be entirely clean.
Sep 25th, 2008 at 4:46 pm
Michael Hampton Says
Ipstenu, you should contact me with further details. The comment page is a really bad place to request support, especially since I will need to know what web site you’re referring to.
Sep 25th, 2008 at 4:48 pm
Ipstenu Says
Emailed you at bad . bots email. Thanks.
Sep 25th, 2008 at 5:44 pm
Anthony Says
Hey,
I’ve installed the plug, it’s all working ok but cannot see statistics as it says in ‘footer’ – where are they meant to be showing?
Sep 27th, 2008 at 2:28 am
Michael Hampton Says
Does your theme include the standard wp_footer() call?
Sep 27th, 2008 at 2:57 am
Mike Says
Hi there!
I try to install badbehavior, but drupal allways only means “Directory Error”?!
The readme doesn’t tell me anything about what directory i have to create?!
pls help
Greets,
Mike
Sep 27th, 2008 at 8:00 am
Anthony Says
Hey Michael,
I don’t know if it does or not. Perhaps it doesn’t, and this is why i can’t see the stats…
Thanks
Sep 28th, 2008 at 2:41 am
dolphinling Says
Hi. I did an automatic upgrade on WordPress from 2.0.16 to 2.0.24 and everything seems to have worked just fine. Then I saw the special upgrade instructions for WordPress. Since it says it worked, should I be okay, or should I do the manual install anyway?
Sep 28th, 2008 at 2:45 pm
Leslie Says
Hi, guys. I stopped by to upgrade a wordpress installation and try BB out on a PHPBB3 installation. Wish me luck…
Anthony, while you’re waiting for the real guys to get back to you, a quick question that will help them with your problem.
Look in the active theme directory for a file called footer.php. If it isn’t there, ok. If it is there, make sure it contains a call to wp_footer().
What theme are you using?
Good luck!
Oct 6th, 2008 at 4:30 pm
Anthony Says
Hey Leslie, that worked great, thanks!
The Theme is corpblack from http://blogohblog.com
A.
Oct 6th, 2008 at 9:40 pm
Richard Virtue Says
Hi Michael.
You are probably already aware, but in case you’re not, the so-called “embedded web browser component” from bsalsa.com can result in a lot of “error 403″ blocked access attempts.
It modifies the MSIE user agent string to insert an item such as the following:
User-agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; http://bsalsa.com)
That modification, of course, gets blocked by Bad Behavior’s blacklist rejection of all “User-agent” inclusions.
For those who may be experiencing that problem, the MSIE user agent can be restored to its proper default by deleting the following key from the registry:
HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent\Post Platform
More info at http://www.bsalsa.com/forum/showthread.php?t=686
Oct 18th, 2008 at 6:07 pm
scuty Says
‘Display statistics in blog footer’ seems to not work, in Word Press 2.6.3
Maybe I am doing something wrong …
Nov 11th, 2008 at 12:03 pm
Michael Hampton Says
I looked at your blog and it is working fine.
Nov 11th, 2008 at 4:49 pm
tmaster Says
It is still blocking feedburner. I had to remove my http:BL Access Key to stop it from blocking them.
In the logs it shows.
209.85.138.136
2008-11-11 17:21:31
IP address found on http:BL blacklist GET /xxx/feed/ HTTP/1.0
User-Agent: FeedBurner/1.0 (http://www.FeedBurner.com)
Accept-Encoding: gzip
Pragma: no-cache
Host: http://www.xxxxxxxx.com
Accept: text/html, image/gif, image/jpeg, *; q=.2, */*; q=.2
If-Modified-Since: Thu, 28 Aug 2008 04:41:15 GMT
Via: 1.1 proxy.google.com:80 (squid)
X-Forwarded-For: unknown
Cache-Control: no-cache, max-age=259200
Connection: keep-alive
Nov 11th, 2008 at 5:59 pm
scuty Says
Oh … it was just a line in the footer.
I think I missed that. Thanks!
Nov 11th, 2008 at 6:08 pm
Steve Says
Michael,
I have Bad Behavior 2.0.24 installed on my WordPress blog running 2.6.2. Did not know if you were aware, but it is blocking a bot that is most likely legitimate but possibly malformed. These requests are coming from 74.205.116.34 which is 128756-web1.hubspot.com.
Hubspot supports tools such as website grader (http://website.grader.com/), but I don’t know how they are related.
Anyway, I get a large number of “Required header ‘Accept’ missing” errors from the IP address above.
Thought you might be interested.
Nov 18th, 2008 at 8:18 am
Christopher Says
Just wanted to say “thanks” for this plugin. I managed to install it no trouble at all on “WordPress 2.7″ by following your foolproof instructions.
Cheers.
May 27th, 2009 at 3:06 pm
All Canadian pet services network Says
I understand a really great post, wonder how you came up with this really amazing insight.
Oct 25th, 2010 at 1:04 am
Christopher Says
UPDATE: It’s still working perfectly on “WordPress 3.0.1″. Many thanks again for your grand contribution to the fight against the scum of the earth that are Spammers!
Oct 26th, 2010 at 8:05 am