Bad Behavior / Bad Behaviour

Bad Behavior 2.2

January 29th, 2012 by Michael Hampton

Bad Behavior 2.2.0 has now been released. This is the first general availability release for the 2.2 series and is recommended for all users.

Support for the Bad Behavior 2.0 branch will end June 30, 2013. All users should make plans to migrate to version 2.2 prior to that date.

Who Should Upgrade?

All users should plan to upgrade to Bad Behavior 2.2.

IPv6 users, and users who use reverse proxies, load balancers or content distribution networks such as Akamai and CloudFlare, should accelerate their migration plans and upgrade as soon as possible.

Download

Impatient? Go download Bad Behavior now. The on-site documentation has already been updated for version 2.2, so please check the documentation before upgrading to familiarize yourself with the changes and new options.

What’s New?

Bad Behavior 2.2 adds new features, including some designed to assist enterprise users with very high traffic installations on large server farms, as well as convenience features for all users and a variety of fixes and improvements.

Since Bad Behavior 2.0:

• Some additional known spammers have been identified and blocked.
• IPv6 support has been improved, including new support for IPv6 whitelisting.
• New configuration options are available for web sites running behind reverse proxies/load balancers and third party content distribution networks such as Akamai and CloudFlare. These options ensure that Bad Behavior can correctly screen requests when operating in these environments.
• Search engines are screened faster and more accurately, improving search engine metrics such as Google Page Speed and YSlow and virtually eliminating the possibility of false positives for search engines. (Bad Behavior still blocks most malicious traffic originating from search engine providers’ networks.)
• Blackhole lists other than http:BL have been removed as unsuitable for sites running Bad Behavior. Because of its comment spammer tracking, http:BL remains the only blackhole list Bad Behavior uses. (It is disabled by default; enable it in your settings if you wish to use it.)
• For platforms without built-in administrative pages, Bad Behavior has a simplified method of changing settings. Settings changes on these platforms are preserved through software updates.
• Bad Behavior’s whitelisting feature has been completely revamped. Whitelists are much easier to maintain and are preserved through software updates.
• Across the board performance improvements have been added.
• Messaging displayed to blocked requests has been significantly improved for clarity and to facilitate issue resolution.
• MediaWiki: Fixes for database access have been incorporated. It should no longer be necessary to place strange hacks in LocalSettings.php to use Bad Behavior on MediaWiki.
• WordPress: Minor display issues in the log viewer have been corrected.
• Numerous additional minor improvements.

What’s Coming?

Shortly I’ll be posting my roadmap for Bad Behavior 3.0, the next major version. This will be a ground-up rewrite of Bad Behavior incorporating lessons learned over the past seven years of fighting link spam and programming in general.

I will also once again be adding new spammers to Bad Behavior as I catch them. Analyzing spammers is an ongoing process and is probably the most time-consuming part of this whole project.

Support

I will skip the usual speech. If you’re reading this you already know how valuable Bad Behavior is. Donate today to ensure that I can keep going in the fight against our mutual enemies, the spammers.