« Bad Behavior 2.0.37 and 2.1.3
Bad Behavior 2.1.4 »

Bad Behavior 2.0.38

July 13th, 2010 by Michael Hampton

Bad Behavior version 2.0.38 has been released. It is a maintenance release recommended for all users.

Please note: The 2.0 series of Bad Behavior is receiving limited updates, including unblocks, bug fixes and security fixes only. Future development is taking place in the 2.1 development tree.

Who should upgrade?

Users of Bad Behavior who expect a significant amount of traffic from Facebook, or who use Facebook integration tools, should upgrade to ensure that these tools work correctly.

What’s new?

New in this release (since 2.0.37):

  • A web crawler used by Facebook was inadvertently blocked because it engages in some unusual behavior. This could cause links to protected pages to appear on Facebook without their title, photo or description. This issue with Facebook’s crawler has been worked around.

Download

Download Bad Behavior now!

Support

You’ve probably noticed that until recently there hadn’t been a release of Bad Behavior in several months. This is due entirely to the fact that I can only spend time on it when incoming donations cover the cost of my time. Otherwise I have to engage in paying work to keep food on my table.

I happen to like giving spammers a hard time, and it’s frustrating that I don’t get to spend enough time on it. You can help me make Bad Behavior even better by setting up a recurring contribution, or making your most generous one-time contribution for any amount.

Thank you again for supporting Bad Behavior development!

9 Responses to “Bad Behavior 2.0.38”

  1. 1

    Alexa Kaufhof Says

    Hi,
    thanks for the upgrades.

    Two things that I have noticed (also with earlier versions):

    1.
    In “msie.inc.php” line 12 you check for “Win32″ in the user agent string. I have many (legitimate, I hope) German visitors who send user agent strings like “Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0; Mozilla/4.0 (compatible; MSIE 8.0; Win32; WEB.DE); (webde/1.1.0.21); .NET CLR 2.0.50727; .NET CLR 1.1.4322; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729)”. Apparently, the provider “1&1″ is distributing customized browsers that send such strings.

    2.
    Could it be that lines 45 – 47 in “common_tests.inc.php” block pingbacks when someone links to a comment in a WordPress blog?

    Jul 14th, 2010 at 6:18 pm   

  2. 2

    Roy Says

    That’s funny. 2.038 in “strict checking” blocks any WordPress backend activity including the deactivation of this “strict checking” :-) When I deactivate and reactivate the plugin, the “strict checking” is right back.

    Jul 16th, 2010 at 1:48 pm   

  3. 3

    Michael Hampton Says

    Roy, that’s not a sufficient trouble report to figure out what’s going on. First, you forgot your technical support key. :)

    Jul 16th, 2010 at 5:40 pm   

  4. 4

    Roy Says

    Ah, you really want to get to the bottom of this! However… I can’t reproduce it at the laptop here (it works like a charm). Problems with the proxy at work perhaps? Forget about it, when I run into it again, I’ll make a descent report for you. Sorry for the trouble and thanks for the plugin,

    Jul 16th, 2010 at 5:47 pm   

  5. 5

    Michael Hampton Says

    I really want to get to the bottom of this! :) I will wait patiently for your report.

    Jul 16th, 2010 at 5:49 pm   

  6. 6

    James Horvath Says

    Hey Mike,

    Just wanted to say I installed 2.0.38 zip and the 6.x-1.0-rc2 module on my Drupal 6 install. Along side Mollom and recaptcha. Great bit of kit, and I hope to be making a donation and providing feedback soon.

    Note about the Drupal install. I have found that the BadBeh zip file creates a directory and a subdirectory that doesn’t seem to be the correct context. Not sure if it is version specific but Drupal complained of missing files/directories until I moved some things around.

    The zip is structured as such

    /bad-behavior/bad-behavior

    The Drupal module path is structured as such:

    /modules/badbehavior

    Installing the Drupal module and extracting the Zip will yield a structure as follows:

    /modules/badbehavior/bad-behavior/bad-behavior

    I have found that you need to move all files in the last directory (/modules/badbehavior/bad-behavior/bad-behavior)

    banned.inc.php
    blackhole.inc.php
    blacklist.inc.php
    common_tests.inc.php
    core.inc.php
    functions.inc.php
    google.inc.php
    housekeeping.inc.php
    index.html
    konqueror.inc.php
    lynx.inc.php
    movabletype.inc.php
    mozilla.inc.php
    msie.inc.php
    msnbot.inc.php
    opera.inc.php
    post.inc.php
    responses.inc.php
    safari.inc.php
    screener.inc.php
    trackback.inc.php
    version.inc.php
    whitelist.inc.php

    back into (/modules/badbehavior/bad-behavior/) skipping overwrite of index.html etc.

    So in a nutshell, the last(or bottom level) directory appears to be errant. Hope that helps someone out.

    Cheers and thanks,
    James Horvath

    Jul 20th, 2010 at 5:23 pm   

  7. 7

    Michael Hampton Says

    James, thanks for letting me know about Drupal. When you’re doing the installation there you only need to keep the innermost bad-behavior directory from the zip file, and drop THAT into Drupal’s Bad Behavior module folder.

    Jul 20th, 2010 at 5:25 pm   

  8. 8

    Chris Says

    Hi Michael

    We are seeing our institutional search engine Funnelback blocked by BB 2.0.38. It identifies itself as “Mozilla/5.0 RPT-HTTPClient/0.3-3E” but does not send the “Accept” header, so receives the support key “17566707″.

    I’ve whitelisted our Funnelback server’s IP address for now, and we are talking to Funnelback’s developers about this, but I thought you should know.

    Chris

    Sep 15th, 2010 at 2:22 pm   

  1. 1

    Bad Behavior / Bad Behaviour: Bad Behavior 2.0.39

    Pingback on Jan 5th, 2011 at 3:44 am