Comments on: Bad Behavior 2.0.38 http://bad-behavior.ioerror.us/2010/07/13/bad-behavior-2-0-38/ The Web's premier link spam killer. Wed, 16 May 2012 15:16:49 +0000 hourly 1 http://wordpress.org/?v=3.3.2 By: Bad Behavior / Bad Behaviour: Bad Behavior 2.0.39 http://bad-behavior.ioerror.us/2010/07/13/bad-behavior-2-0-38/#comment-1760 Bad Behavior / Bad Behaviour: Bad Behavior 2.0.39 Wed, 05 Jan 2011 03:44:55 +0000 http://www.bad-behavior.ioerror.us/?p=395#comment-1760 [...] New in this release (since 2.0.38): [...] [...] New in this release (since 2.0.38): [...]

]]> By: Chris http://bad-behavior.ioerror.us/2010/07/13/bad-behavior-2-0-38/#comment-1759 Chris Wed, 15 Sep 2010 14:22:40 +0000 http://www.bad-behavior.ioerror.us/?p=395#comment-1759 Hi Michael We are seeing our institutional search engine Funnelback blocked by BB 2.0.38. It identifies itself as "Mozilla/5.0 RPT-HTTPClient/0.3-3E" but does not send the "Accept" header, so receives the support key "17566707". I've whitelisted our Funnelback server's IP address for now, and we are talking to Funnelback's developers about this, but I thought you should know. Chris Hi Michael

We are seeing our institutional search engine Funnelback blocked by BB 2.0.38. It identifies itself as “Mozilla/5.0 RPT-HTTPClient/0.3-3E” but does not send the “Accept” header, so receives the support key “17566707″.

I’ve whitelisted our Funnelback server’s IP address for now, and we are talking to Funnelback’s developers about this, but I thought you should know.

Chris

]]> By: Michael Hampton http://bad-behavior.ioerror.us/2010/07/13/bad-behavior-2-0-38/#comment-1758 Michael Hampton Tue, 20 Jul 2010 17:25:39 +0000 http://www.bad-behavior.ioerror.us/?p=395#comment-1758 James, thanks for letting me know about Drupal. When you're doing the installation there you only need to keep the innermost bad-behavior directory from the zip file, and drop THAT into Drupal's Bad Behavior module folder. James, thanks for letting me know about Drupal. When you’re doing the installation there you only need to keep the innermost bad-behavior directory from the zip file, and drop THAT into Drupal’s Bad Behavior module folder.

]]> By: James Horvath http://bad-behavior.ioerror.us/2010/07/13/bad-behavior-2-0-38/#comment-1757 James Horvath Tue, 20 Jul 2010 17:23:56 +0000 http://www.bad-behavior.ioerror.us/?p=395#comment-1757 Hey Mike, Just wanted to say I installed 2.0.38 zip and the 6.x-1.0-rc2 module on my Drupal 6 install. Along side Mollom and recaptcha. Great bit of kit, and I hope to be making a donation and providing feedback soon. Note about the Drupal install. I have found that the BadBeh zip file creates a directory and a subdirectory that doesn't seem to be the correct context. Not sure if it is version specific but Drupal complained of missing files/directories until I moved some things around. The zip is structured as such /bad-behavior/bad-behavior The Drupal module path is structured as such: /modules/badbehavior Installing the Drupal module and extracting the Zip will yield a structure as follows: /modules/badbehavior/bad-behavior/bad-behavior I have found that you need to move all files in the last directory (/modules/badbehavior/bad-behavior/bad-behavior) banned.inc.php blackhole.inc.php blacklist.inc.php common_tests.inc.php core.inc.php functions.inc.php google.inc.php housekeeping.inc.php index.html konqueror.inc.php lynx.inc.php movabletype.inc.php mozilla.inc.php msie.inc.php msnbot.inc.php opera.inc.php post.inc.php responses.inc.php safari.inc.php screener.inc.php trackback.inc.php version.inc.php whitelist.inc.php back into (/modules/badbehavior/bad-behavior/) skipping overwrite of index.html etc. So in a nutshell, the last(or bottom level) directory appears to be errant. Hope that helps someone out. Cheers and thanks, James Horvath Hey Mike,

Just wanted to say I installed 2.0.38 zip and the 6.x-1.0-rc2 module on my Drupal 6 install. Along side Mollom and recaptcha. Great bit of kit, and I hope to be making a donation and providing feedback soon.

Note about the Drupal install. I have found that the BadBeh zip file creates a directory and a subdirectory that doesn’t seem to be the correct context. Not sure if it is version specific but Drupal complained of missing files/directories until I moved some things around.

The zip is structured as such

/bad-behavior/bad-behavior

The Drupal module path is structured as such:

/modules/badbehavior

Installing the Drupal module and extracting the Zip will yield a structure as follows:

/modules/badbehavior/bad-behavior/bad-behavior

I have found that you need to move all files in the last directory (/modules/badbehavior/bad-behavior/bad-behavior)

banned.inc.php
blackhole.inc.php
blacklist.inc.php
common_tests.inc.php
core.inc.php
functions.inc.php
google.inc.php
housekeeping.inc.php
index.html
konqueror.inc.php
lynx.inc.php
movabletype.inc.php
mozilla.inc.php
msie.inc.php
msnbot.inc.php
opera.inc.php
post.inc.php
responses.inc.php
safari.inc.php
screener.inc.php
trackback.inc.php
version.inc.php
whitelist.inc.php

back into (/modules/badbehavior/bad-behavior/) skipping overwrite of index.html etc.

So in a nutshell, the last(or bottom level) directory appears to be errant. Hope that helps someone out.

Cheers and thanks,
James Horvath

]]> By: Michael Hampton http://bad-behavior.ioerror.us/2010/07/13/bad-behavior-2-0-38/#comment-1756 Michael Hampton Fri, 16 Jul 2010 17:49:04 +0000 http://www.bad-behavior.ioerror.us/?p=395#comment-1756 I really want to get to the bottom of this! :) I will wait patiently for your report. I really want to get to the bottom of this! :) I will wait patiently for your report.

]]> By: Roy http://bad-behavior.ioerror.us/2010/07/13/bad-behavior-2-0-38/#comment-1755 Roy Fri, 16 Jul 2010 17:47:22 +0000 http://www.bad-behavior.ioerror.us/?p=395#comment-1755 Ah, you really want to get to the bottom of this! However... I can't reproduce it at the laptop here (it works like a charm). Problems with the proxy at work perhaps? Forget about it, when I run into it again, I'll make a descent report for you. Sorry for the trouble and thanks for the plugin, Ah, you really want to get to the bottom of this! However… I can’t reproduce it at the laptop here (it works like a charm). Problems with the proxy at work perhaps? Forget about it, when I run into it again, I’ll make a descent report for you. Sorry for the trouble and thanks for the plugin,

]]> By: Michael Hampton http://bad-behavior.ioerror.us/2010/07/13/bad-behavior-2-0-38/#comment-1754 Michael Hampton Fri, 16 Jul 2010 17:40:49 +0000 http://www.bad-behavior.ioerror.us/?p=395#comment-1754 Roy, that's not a sufficient trouble report to figure out what's going on. First, you forgot your technical support key. :) Roy, that’s not a sufficient trouble report to figure out what’s going on. First, you forgot your technical support key. :)

]]> By: Roy http://bad-behavior.ioerror.us/2010/07/13/bad-behavior-2-0-38/#comment-1753 Roy Fri, 16 Jul 2010 13:48:10 +0000 http://www.bad-behavior.ioerror.us/?p=395#comment-1753 That's funny. 2.038 in "strict checking" blocks any WordPress backend activity including the deactivation of this "strict checking" :-) When I deactivate and reactivate the plugin, the "strict checking" is right back. That’s funny. 2.038 in “strict checking” blocks any WordPress backend activity including the deactivation of this “strict checking” :-) When I deactivate and reactivate the plugin, the “strict checking” is right back.

]]> By: Alexa Kaufhof http://bad-behavior.ioerror.us/2010/07/13/bad-behavior-2-0-38/#comment-1752 Alexa Kaufhof Wed, 14 Jul 2010 18:18:45 +0000 http://www.bad-behavior.ioerror.us/?p=395#comment-1752 Hi, thanks for the upgrades. Two things that I have noticed (also with earlier versions): 1. In "msie.inc.php" line 12 you check for "Win32" in the user agent string. I have many (legitimate, I hope) German visitors who send user agent strings like "Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0; Mozilla/4.0 (compatible; MSIE 8.0; Win32; WEB.DE); (webde/1.1.0.21); .NET CLR 2.0.50727; .NET CLR 1.1.4322; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729)". Apparently, the provider "1&1" is distributing customized browsers that send such strings. 2. Could it be that lines 45 - 47 in "common_tests.inc.php" block pingbacks when someone links to a comment in a Wordpress blog? Hi,
thanks for the upgrades.

Two things that I have noticed (also with earlier versions):

1.
In “msie.inc.php” line 12 you check for “Win32″ in the user agent string. I have many (legitimate, I hope) German visitors who send user agent strings like “Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0; Mozilla/4.0 (compatible; MSIE 8.0; Win32; WEB.DE); (webde/1.1.0.21); .NET CLR 2.0.50727; .NET CLR 1.1.4322; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729)”. Apparently, the provider “1&1″ is distributing customized browsers that send such strings.

2.
Could it be that lines 45 – 47 in “common_tests.inc.php” block pingbacks when someone links to a comment in a WordPress blog?

]]>