Alexa is in the business of providing 'free' toolbars & plugins to people, that meanwhile collect data. These days Alexa is a lot more open about what they are doing than before, when their practices was kept hidden. It was pure spyware before. Now its just crapware. The few users that have installed alexa toolbar do not generate enough data for Alexa to produce any meaningful analysis. And for good reason.

Ok, thanks guys, point taken. :) Thanks for the link Simon.

Dont be fooled by the amount of users that visit with Alexa Toolbar in their user agent. Its one of the out the box Xrummer user agents.
So a certain percentage of those hitting claiming to use it, could be low life. Thats normally on ie6 user agents.

Some stats I've collected over the past couple months by running queries on the log file. The log file has 780k records total.

Unique ip's blocked:
Sept: 12,571
Oct: 16,175

Unique ip's blocked from registering (hitting register.php):
Sept: 877
Oct: 1,211

Its a shame this has not been updated for a long time.
There have been several updates released, the last one was in October
http://bad-behavior.ioerror.us/2011/10/10/bad-behavior-2-2-rc3-2-1-15/

It's not abandoned, I'm just busy with school work. I have it updated, just need to test then release.

Eric, nice to see you alive n kicking :)

It's not abandoned, I'm just busy with school work. I have it updated, just need to test then release.

Awesome, thanks! I've had a few spammers slip through over the last couple weeks which is unusual. I was just coming to see if there was an update.

Also, please consider the earlier request for a bypass for members with over X number of posts. That way, questionable older accounts with 0 or 1 post can be screened by bad behavoir too. Sending in a donation- thanks again for your work on this!

By mistake i installed this plugin on vb 4.1.8 and now i m getting error in opening forum. although i deleted Upload folder from FTP. But still my forum is not opening.

http://forum.khoobsurati.com/ <- chk it

Help me to correct it...

Please update this to BB 2.1.15 (latest stable with needed fixes) or BB 2.2

Current version of vbBB is blocking new IP ranges for Google and Yahoo.

Current version of vbBB is blocking new IP ranges for Google and Yahoo.Wow, that would be really bad for SEO I assume? I'm disabling this mod for now.

Bad Behaviour also needs tweaking if anyone uses cloudflare
Im not using BB at the moment
When the final version gets released, I will go back to using it
At the moment BB is still a beta.
According to the developers website, the next release should be a full release

Wow, that would be really bad for SEO I assume? I'm disabling this mod for now.
You can easily add those IPs to the whitelist and resolve it.

You can easily add those IPs to the whitelist and resolve it.

Thanks for the tip

Can you share where I'd be able to find those IPs?

Or is it just something I'd have to collect over time?

Edit: Nevermind, see this:
Google doesn't post a public list of IP addresses for webmasters to whitelist. This is because these IP address ranges can change, causing problems for any webmasters who have hard coded them. The best way to identify accesses by Googlebot is to use the user-agent (Googlebot).
http://support.google.com/webmasters/bin/answer.py?hl=en&answer=80553

The problem is, if you dont add the ip ranges, it will see the google user agent coming from an unknown ip range and block them

The easy place to find the ip ranges, is on the bad behaviour website

Download the current versions from there and then look at the search engine file

Google ranges according to that are
"66.249.64.0/19", "64.233.160.0/19", "72.14.192.0/18", "203.208.32.0/19", "74.125.0.0/16", "216.239.32.0/19", "209.85.128.0/17"

MSN
"207.46.0.0/16", "65.52.0.0/14", "207.68.128.0/18", "207.68.192.0/20", "64.4.0.0/18", "157.54.0.0/15", "157.60.0.0/16", "157.56.0.0/14"

Yahoo
"202.160.176.0/20", "67.195.0.0/16", "203.209.252.0/24", "72.30.0.0/16", "98.136.0.0/14", "74.6.0.0/16"

The problem is, if you dont add the ip ranges, it will see the google user agent coming from an unknown ip range and block them

The easy place to find the ip ranges, is on the bad behaviour website

Download the current versions from there and then look at the search engine file

Google ranges according to that are
"66.249.64.0/19", "64.233.160.0/19", "72.14.192.0/18", "203.208.32.0/19", "74.125.0.0/16", "216.239.32.0/19", "209.85.128.0/17"

MSN
"207.46.0.0/16", "65.52.0.0/14", "207.68.128.0/18", "207.68.192.0/20", "64.4.0.0/18", "157.54.0.0/15", "157.60.0.0/16", "157.56.0.0/14"

Yahoo
"202.160.176.0/20", "67.195.0.0/16", "203.209.252.0/24", "72.30.0.0/16", "98.136.0.0/14", "74.6.0.0/16"


Thank you!

I'm still encountering the ncode opensearch issues.
https://vborg.vbsupport.ru/showpost.php?p=2191377&postcount=117

Version 1.0.6, 01/04/2012

Bad Behavior upgraded to 2.1.15

Is the ncode opensearch issue fixed?

Version 1.0.6, 01/04/2012

Bad Behavior upgraded to 2.1.15


Thanks!

Can you please add a setting for the site contact address? Currently it just uses the 'webmaster email address', which by definition is the email address that sends out all vbulletin email. In my case thats about 60.000 emails per month. You can imagine the amount of return emails and spam that land in that email account. There is no way that email address can be used to contact the admin.

Please add a separate setting, so that I can add our support ticket url.

It would be extremely helpful to have a search function, to search for specific forum members or IPs. I frequently need to search the logs (800.000 records per week) to find and resolve an issue.

Hi Eric, you posted on this mod "This mod should work with the entire 3.x series (well, beginning with 3.5), but it's only been tested on 3.8.x."

I tried installing vb_badbehavior-1.0.6 on a forum which is running 3.6.4 but received the following message:

The following dependencies were not met:

This product is not compatible with version 3.6.4 of vBulletin. (Compatible starting with 3.7.0).

Any ideas what stopped the install, apart from the forum being an older version and are there any workarounds apart from upgrading to a newer version of vB.

In the product xml change:
<dependency dependencytype="vbulletin" minversion="3.7.0" />
To:
<dependency dependencytype="vbulletin" minversion="3.6.0" />

Thanks Alfa1, worked a treat, will be interesting to see how the spammers are now dealt with.

This might sound like a daft question, but how do I know that this mod is working properly because bots are still trying to register on the forum since I installed it.

In addition, and I realise this is optional, I've signed up with Project Honey Pot and have pasted the API key into the relevant box, so assume it is picking up spammer details from that database.

Review the log in admincp. That will show you what its doing.

New more stable release of bb has been released today
http://bad-behavior.ioerror.us/2012/01/25/bad-behavior-2-2-rc4-2-1-16/

Just a case of waiting on Eric making the changes here

New release sounds like a good one :up:

The latest stable release is 2.2.1 This is a major update. Please implement this:

http://bad-behavior.ioerror.us/2012/02/01/bad-behavior-2-2-1/

I have had a substantial loss in Google Adsense revenue since the start of January, even though my traffic is up nicely since the first of the year. I know there are many factors involved, but the timing is about right and this one is easy to test and I am going to disable the plugin for a week to see if it is related. Anyone else noticed a similar issue? Ads seem to be appearing, but perhaps they aren't as optimized as they had been due to something of Google's being blocked?

You can check the BB logs in admincp and see if google adwords has been blocked. If it has, then you can whitelist the details in the whitelist file.

The latest stable release is 2.2.1 This is a major update. Please implement this:

http://bad-behavior.ioerror.us/2012/02/01/bad-behavior-2-2-1/Can we do this ourselves? I read this in the instructions of this mod:
== Bad Behavior ==
Bad Behavior's files are at `/includes/bad-behavior/`. If you wish to update manually go to:

http://bad-behavior.ioerror.us/download/

And download the latest development version. Extract the zip, and upload the contents of `bad-behavior`
to `/includes/bad-behavior/` allowing the files to overwrite.
So can we just download the latest files from the bad behaviour website and upload them to our server? Or does the mod and it's xml file need to be updated as well?

Keep in mind that
2.2 RC3 = 2.1.15
2.2 RC4 = 2.1.16

The latest release is now 2.2.1

Yes, all you have to do to update is upload and overwrite the files in the bad-behavior directory with the new ones.

From what I can tell, there is not that much different code wise between the two versions.

when we had version 3.8.x of forum this helped with nearly complete removal of spam problems

my only small wishes
+ adminCP statistics page which covers all types of violations and theirs amount (e.g. #2b021b1f : 65535 times)
+ public forum statistics similar to SOM (on bottom of main forum page)

also i think the automatic database prune / cleanup don't work properly/at all

This mod looks like it's really bad for our sites for seo, I just randomly picked one of the user agent strings that it had blocked and according to this website - http://user-agent-string.info it was a googlebot, that's really not cool, or am I reading it wrong? Screenshot attached.

136961

There are many bad bots disguising as Google bots.
None the less its possible that google gets blocked by bad behavior, because Google keeps using new IPs, and those need to be added to the whitelist.
This is why its vital that this addon keeps up to date and needs to run with the latest version of Bad Behavior. Else it will block valid users.

The latest stable version of Bad Behavior version is 2.2.2 while this addon runs 2.1.15

So what do we do, I am assuming we wait until the mod is upgraded to the latest version?

it would be nice if Eric brings it out of beta stage sometime soon too :0

I have a full time job, and I am a full time student. It is a bit hard to update this as often as I would like. You can update manually using the download from Bad Behavior until I update the mod.

Just thought I would give an update..

I am working on 1.0.7 now, with the latest BB 2.2.3. I am trying to work in a cron script as well to auto-prune.

Also, source/tracker is now available here:

http://projects.secondversion.com/vb-bad-behavior/

Updated.

Version 1.0.7, 05/04/2012

Bad Behavior upgraded to 2.2.3
Cron/Scheduled Task for automatic log pruning added.

How does this compare with ZBLOCK? http://www.spambotsecurity.com/

How do I block the Outwit scaper? This scraper is a popular firefox addons. Yesterday I found that some users who have this firefox addon installed, make 60.000 connections.
You can imagine that this causes a heavy load on the server.
http://www.outwit.com/
https://addons.mozilla.org/en-US/firefox/addon/outwit-hub/

Updated:

Version 1.0.8, 06/12/2012

Bad Behavior upgraded to 2.2.6
New Setting: EU Cookie

How do I block the Outwit scaper? This scraper is a popular firefox addons. Yesterday I found that some users who have this firefox addon installed, make 60.000 connections.
You can imagine that this causes a heavy load on the server.
http://www.outwit.com/
https://addons.mozilla.org/en-US/firefox/addon/outwit-hub/You have my ban spider by useragent mod installed don't you?, if you do then that will block them if you find their UA.

Hi Eric, what's the new EU Cookie setting? i know being in England we have to comply with the new cookie law and at the moment i have a 3rd party software for that but does your mod now incorporate it?

Updated:

Version 1.0.9, 06/17/2012

Bad Behavior upgraded to 2.2.7

Hi Eric, what's the new EU Cookie setting? i know being in England we have to comply with the new cookie law and at the moment i have a 3rd party software for that but does your mod now incorporate it?

I saw the setting mentioned in 1.0.8.

Keep in mind that, right now, I believe that Bad Behavior's cookie will be found to be exempt from the regulation, based on the ICO guidance that was posted last year. You should make your own decision, though and that's why I added the setting.

Please add to whitelist.ini:
url[] = "/mobiquo.php"

This is tapatalk. The most popular mobile app.

Please add to blacklist.inc.php:
"Artabus",
"Deepnet Explorer",
"DigExt",
"MarketwireBot",
"SoftLayer Server",
"FairShare",
"MRSPUTNIK",
"HackerTarget.com",
"JoBo",
"EMail Exractor",
"radian6",
"Radian6 FeedFetcher",
"radian6 comment reader",
"BoardPulse",
"harvest",
"Wget",
"HTTrack",
"copy",
"copier",
"Whitevector Crawler",
"Alexa Bitlybot",
"linkedin",
"Nutch",
"Postrank",
"Tweetmeme",
"glowhost",

Please add to whitelist.ini:
url[] = "/mobiquo.php"

This is tapatalk. The most popular mobile app.

Please add to blacklist.inc.php:
"Artabus",
"Deepnet Explorer",
"DigExt",
"MarketwireBot",
"SoftLayer Server",
"FairShare",
"MRSPUTNIK",
"HackerTarget.com",
"JoBo",
"EMail Exractor",
"radian6",
"Radian6 FeedFetcher",
"radian6 comment reader",
"BoardPulse",
"harvest",
"Wget",
"HTTrack",
"copy",
"copier",
"Whitevector Crawler",
"Alexa Bitlybot",
"linkedin",
"Nutch",
"Postrank",
"Tweetmeme",
"glowhost",

Most of those are not appropriate for blacklisting in Bad Behavior as they are legitimate bots. A few of them could be blacklisted, and I'll add those in.

As for the URL whitelisting, you don't REALLY want me to be able to cause whatever mayhem I want to just by visiting /mobiquo.php :)

As for the URL whitelisting, you don't REALLY want me to be able to cause whatever mayhem I want to just by visiting /mobiquo.php :)
You have got a point there. What would be the optimal approach to allow legitimate users to use Tapatalk?
BB blocks it by default.

You have got a point there. What would be the optimal approach to allow legitimate users to use Tapatalk?
BB blocks it by default.

I wish somebody had told me that sooner! Can you send me a log entry to look at, so I can fix the core (or alternately yell at Tapatalk for screwing something up on their end)?

This thread has a lot of discussion on tapatalk issues. Log entries are posted here: https://vborg.vbsupport.ru/showthread.php?p=2200933&highlight=tapatalk#post2200933

Also see: https://vborg.vbsupport.ru/showthread.php?p=2200939&highlight=tapatalk#post2200939

See this sticky on tapatalk support forum: http://support.tapatalk.com/threads/current-smf-2-0-rc3-plugin-mod-conflict-functions.3042/
http://support.tapatalk.com/threads/smf-1-x-dhamma-ru-forum.5995/
http://support.tapatalk.com/threads/deactivated-forum-error.3274/

This thread has a lot of discussion on tapatalk issues. Log entries are posted here: https://vborg.vbsupport.ru/showthread.php?p=2200933&highlight=tapatalk#post2200933

Also see: https://vborg.vbsupport.ru/showthread.php?p=2200939&highlight=tapatalk#post2200939

See this sticky on tapatalk support forum: http://support.tapatalk.com/threads/current-smf-2-0-rc3-plugin-mod-conflict-functions.3042/
http://support.tapatalk.com/threads/smf-1-x-dhamma-ru-forum.5995/
http://support.tapatalk.com/threads/deactivated-forum-error.3274/

This is defnitely Tapatalk's fault. They didn't send a User-Agent string when POSTing, which almost always indicates malicious behavior. In addition, in my testing with Tapatalk for Android, it sent several different user-agent strings (and one was obviously fake) when performing GET requests. This is something Tapatalk really needs to fix, and should have fixed long ago. It started to make me wonder if maybe spammers wrote Tapatalk...

Until Tapatalk fixes their apps, whitelisting the URL is probably the best you can do. :mad:

I tried to install the plugin on 3.6.8 and said I need 3.7 or something. I downloaded the 1.0.9 should I be using a different version for 3.6.8? Thanks for help.

Now on GitHub!

https://github.com/ericsizemore/vb_bad_behavior/tree/master/vb3

What I was using before didn't go well, so, moved to Git/GitHub. Feel free to create issues there, fork, do whatever! :)

D'oh! Almost forgot to update the thread.

Updated:

Version 1.0.10, 09/09/2012

- Bad Behavior upgraded to 2.2.10

Please add the following to whitelist.ini to resolve a conflict with Tapatalk:
useragent[] = "Tapatalk/2.0.0 (Tapatalk)"

Great Addon ,,, thanks for updating it :)

Thanks for the update. This was in logs, I think prior to the update:

Parse error: syntax error, unexpected T_ENCAPSED_AND_WHITESPACE, expecting ')' in /public_html/includes/functions_vb_badbehavior.php on line 284

Thanks for the update. This was in logs, I think prior to the update:
I have not been able to reproduce this. What is on line 284 for your file? For me, it is the below, which has not changed for quite some time:



'logging' => __bb2_read_settings_helper($vbulletin->options['vb_badbehavior_logging']),

The log is not showing up in my AdminCP. Anybody know what might be causing this?

Will package and release later today, but if you want it now, it is available on GitHub:

https://github.com/ericsizemore/vb_bad_behavior/tree/master/vb3

When you update for 2.2.11, would you please upload to here as well? Increasing number of spammers lately, hoping this may help!

When you update for 2.2.11, would you please upload to here as well? Increasing number of spammers lately, hoping this may help!

I meant to say when 2.2.12 is released, which it is now apparently. If you could upload your next update here I would greatly appreciate it, thanks!

Updated to BB 2.2.13 and added some ranges to whitelist.ini

https://github.com/ericsizemore/vb_bad_behavior/tree/master/vb3

I do plan on actually uploading it to vB.org this time! But I will not be able to until tomorrow.

Awesome, thanks. Anytime prior to the end of the world would be great!

Well, just my luck the world didn't end... lol :)

Got caught up in a few things, but will be putting up an update here as soon as I can. Sorry guys.

Well, just my luck the world didn't end... lol :)

Got caught up in a few things, but will be putting up an update here as soon as I can. Sorry guys.

hopefuly You fine and can update it here sometime, but thanks for posting the GIThub url ;)

I noticed what looks like a a good request from googlebot being blocked;

66.249.73.137 (whois) 2013-02-04 00:26:11 96c0bd29
http://who.is/whois-ip/ip-address/66.249.73.137/

Any idea why this might have hppened?

Version 1.0.12, 12/21/2012 -- Released: 02/05/2013

Bad Behavior upgraded to 2.2.13
Added some more ranges to whitelist.ini

Version 1.0.13, 04/23/2013

Bad Behavior upgraded to 2.2.14

thank you for this great plugin!

How does this compare with ZBLOCK? http://www.spambotsecurity.com/

Can this MOD be run alongside ZBBlock, or is it an either/or situation?

An upgrade for this would be very welcome!

It seems that IPv6 users can bypass this addon.

This addon is 3 years old and outdated. Please upgrade this to the latest version of bad behavior.

I've been away a while...

Will see what I can do about an update. :)

I do not need it anymore. I have moved to much greener pastures and have already arranged bad behavior integration through dragonbytetech.

I do not need it anymore. I have moved to much greener pastures and have already arranged bad behavior integration through dragonbytetech.

can u tel me the name of plugin please

i need it