Bad Behavior / Bad Behaviour: 2010 February archive

Archive for February, 2010

Stop Forum Spam

February 20th, 2010 by Michael Hampton

Recently it was suggested to me that Bad Behavior could incorporate support for Stop Forum Spam.

Stop Forum Spam is meant to be a list of IP addresses, emails and usernames which spammers use when registering or posting spam to forums. It seems to work well, but it has some shortcomings.

First among them is it has no native support for DNSBL. Instead, it exports its data to a third party DNSBL where the data is commingled with other data from unknown sources, making it difficult to use effectively.

Second is that it has no clearly defined removal policy. It does provide a form where people can request manual removal, but it also implies that a “network administrator” has to request removal.

After much experimentation with blackhole lists over the years, Bad Behavior currently uses only the Project Honey Pot http:BL list (and it is disabled by default). This list works very well at catching actual spammers, and it provides instant automatic removal for the very few legitimate users who happen to get caught by it.

Bad Behavior is meant to provide as little inconvenience to legitimate users as possible. When it happens, the user must be given clear directions on how to resolve the problem and ideally must be able to restore their access as soon as possible, e.g., by removing the viruses from their computer, etc.

Because it lacks a removal policy and clear process, it will not be appropriate to incorporate Stop Forum Spam at this time. I will continue to monitor the service and if it changes to allow for easier removal by legitimate users, then it may be incorporated in the future.

Bad Behavior,Spam 20 Comments

Bad Behavior 2.1.2

February 13th, 2010 by Michael Hampton

Bad Behavior 2.1.2 has been released. This release fixes bugs and is recommended for affected users as described below.

Please note: The 2.0 series of Bad Behavior is receiving limited updates, including unblocks, bug fixes and security fixes only. Future development is taking place in the 2.1 development tree.

Who should upgrade?

Users who use the new URL whitelisting feature should upgrade to ensure that whitelisting works correctly in all circumstances.

What’s new?

New in this release (since 2.1.1):

A logic error in the URL whitelisting feature caused URLs to fail to match the whitelist if the if the web browser requested a URL containing a ? character. This issue has been fixed.

Download

The 2.1 development releases will not be offered through the WordPress automatic upgrade facility.

Download the 2.1.2 development release of Bad Behavior now!

Support

This release would not have been possible without the support of people like you who find Bad Behavior valuable enough to make a financial contribution to ensure its further development.

Your contributions ensure that I can continue to devote time to bringing you the features you want, as well as continuing work on making spammers’ lives hell.

If you haven’t already done so, consider setting up a recurring contribution for as little as $5 per year, or make your most generous one-time contribution for any amount.

Thank you again for supporting Bad Behavior development!

Bad Behavior 20 Comments