/**
* vB Bad Behavior is free software; you can redistribute it and/or modify it under
* the terms of the GNU Lesser General Public License as published by the Free
* Software Foundation; either version 3 of the License, or (at your option) any
* later version.
*
* This program is distributed in the hope that it will be useful, but WITHOUT ANY
* WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A
* PARTICULAR PURPOSE. See the GNU Lesser General Public License for more details.
*/

What is vB Bad Behavior?
This is an integration of the Bad Behavior software with vBulletin.

What is Bad Behavior?
Bad Behavior is a PHP-based solution for blocking link spam and the robots which deliver it. Bad Behavior complements other link spam solutions by acting as a gatekeeper, preventing spammers from ever delivering their junk, and in many cases, from ever reading your site in the first place. This keeps your site's load down, makes your site logs cleaner, and can help prevent denial of service conditions caused by spammers.

Visit http://bad-behavior.ioerror.us/ for more.

Features
For more information on the features of Bad Behavior (and subsequently this mod) please go to Bad Behavior's site:

http://bad-behavior.ioerror.us/documentation/benefits/

For features related to the mod itself, please take a look at the screenshots.

This mod should work with vB 4.x, it was tested on 4.1.2/4.1.3. Screenshots are from vB 3.x, but it should still look relatively the same with vB4.

Installation
1. Extract the contents of the zip file.
2. Upload the contents of the `upload` folder to your forum root.
3. Enter your AdminCP and go to Plugins & Products > Manage Products > [Add/Import Product]
4. Import the product using the `product-vb_badbehavior.xml` file.
5. Configure the mod in AdminCP -> Settings -> Options -> vB Bad Behavior Options

Upgrading

vB Bad Behavior
In many cases, all you'll need to do to upgrade is follow the installation instructions above.

The only difference, will be you'll need to allow the files to overwrite. Also, when re-importing the product file, you'll need to set "Allow Overwrite" to "Yes".

Bad Behavior
Bad Behavior's files are at `/includes/bad-behavior/`. If you wish to update manually go to:

http://bad-behavior.ioerror.us/download/

And download the latest development version. Extract the zip, and upload the contents of `bad-behavior` to `/includes/bad-behavior/` allowing the files to overwrite.

Versions
The current version of Bad Behavior this mod is using is: v2.2.16
The current version of Bad Behavior (development) is: v2.2.16

Changelog
Version 1.0.14, 09/22/2015

Bad Behavior upgraded to 2.2.16


Version 1.0.13, 04/23/2013

Bad Behavior upgraded to 2.2.14


Version 1.0.12, 12/21/2012 -- Released: 02/05/2013

Bad Behavior upgraded to 2.2.13
Added some more ranges to whitelist.ini


Version 1.0.10, 09/09/2012

Bad Behavior upgraded to 2.2.10


Version 1.0.9, 06/17/2012

Bad Behavior upgraded to 2.2.7


Version 1.0.8, 06/12/2012

Bad Behavior upgraded to 2.2.6
New Setting: EU Cookie


Version 1.0.7, 05/04/2012

Bad Behavior upgraded to 2.2.3
Cron/Scheduled Task for automatic log pruning added.


Version 1.0.6, 01/04/2012

Bad Behavior upgraded to 2.1.15


Version 1.0.5, 05/26/2011

Added option for bypassing users/members.
If the visitor is a user, and is in usergroup 5, 6, or 7 (admin/mod/super mod) - Bad Behavior is bypassed.
Modified bad-behavior core to check for Google Web Preview

file edited: /includes/bad-behavior/core.inc.php

Added a link beside the IP address in the log for WhoIs.


Version 1.0.4, 04/28/2011

Bad Behavior upgraded to 2.1.13 (fixes search engine block issues)
Added Paypal/Paypal IPN IP address to the whitelist.
Added payment gateway file names to the whitelist.


Version 1.0.3, 04/21/2011

Fix #1: Pruning log doesn't work.
Fix #3: POST more than two days after GET (added support for BB's javascript)
Fix #5: Cannot modify header information error (suppressed error in BB's function)
Implemented #6: Filter per key (new admincp option to list keys not to be shown in log)
Implemented #9: Show link to member profile (if userid is found in headers, link to profile)


Version 1.0.2, 04/10/2011

Updated /includes/functions_vb_badbehavior.php to:

disable Reverse Proxy if Reverse Proxy Addresses are empty
distinguish SQL queries using "SET", for example: SET @@session.wait_timeout = 90 - which is used by BB
set "offsite_forms" to false by default, as it's not really needed in vB IMHO, and it can cause problems with certain setups
cleaned up the bb2_read_settings() function and fixed a typo in one of the vbulletin options calls

Updated /includes/whitelist.ini to include the following GOOGLE ranges:

74.125.0.0/16
216.239.32.0/19
209.85.128.0/17
66.102.0.0/20

Updated /admincp/vb_badbehavior.php

Log pruning was pruning all logs, despite what was entered for number of days



Version 1.0.1, 04/06/2011

Bad Behavior upgraded to 2.1.12
Changed files:

/includes/bad-behavior/core.inc.php
/includes/bad-behavior/searchengine.inc.php

"Verbose" admin option now set to "No" by default.


Version 1.0.0, 04/05/2011

Initial release.



Screenshots
Screenshots can now be seen at: http://www.secondversion.com/images/vb/vb_badbehavior/

I was running out of room for attachments here on vB.org


Development

https://github.com/ericsizemore/vb_bad_behavior/tree/master/vb4


Only those who "Mark As Installed" will receive support for this modification.

Reserved for future use.

An update will be coming soon, since a new version of Bad Behavior was released.

Version 1.0.1, 04/06/2011
- Bad Behavior upgraded to 2.1.12
- Changed files:
o /includes/bad-behavior/core.inc.php
o /includes/bad-behavior/searchengine.inc.php
- "Verbose" admin option now set to "No" by default.

I've reached the max. number of attachments for this thread - so I'll have to move the screenshots elsewhere. I will do this soon.

Thanks for this, I'm going to have a play with it at the weekend.

installed

plz can you tell me

i had high load in my server, can i get some benefit from this?

Thanks for this :)

Installed with thanks for testing on 4.04pl1 of vBulletin ... :)

Regards,
Doug

Screenshots can now be seen at: http://www.secondversion.com/images/vb_badbehavior/

I was running out of room for attachments here on vB.org - Also, to lower the size of the download... removed the screenshots from the zip files.

installed

plz can you tell me

i had high load in my server, can i get some benefit from this?
Yes, you could. Malicious bots can result in part of that load, if not most of it - with Bad Behavior blocking them, most folks do see a decrease in load.

Version 1.0.2, 04/10/2011

Updated /includes/functions_vb_badbehavior.php to:

disable Reverse Proxy if Reverse Proxy Addresses are empty
distinguish SQL queries using "SET", for example: SET @@session.wait_timeout = 90 - which is used by BB
set "offsite_forms" to false by default, as it's not really needed in vB IMHO, and it can cause problems with certain setups
cleaned up the bb2_read_settings() function and fixed a typo in one of the vbulletin options calls

Updated /includes/whitelist.ini to include the following GOOGLE ranges:

74.125.0.0/16
216.239.32.0/19
209.85.128.0/17
66.102.0.0/20

Updated /admincp/vb_badbehavior.php

Log pruning was pruning all logs, despite what was entered for number of days

Thanks for the update ... :up:

This mod seems to block a LOT of things .... :eek:

Some of them seem pretty nasty. For example ..

When I click on an item in the log under the key "dfd9b1ad", it says on a pop screen ...

HTTP Response: 403
Explanation: You do not have permission to access this server.
Log Message: Request contained a malicious JavaScript or SQL injection attack

I assume this something trying to do something bad to our site?

Also, I've been to project honeypot site and I can't find anywhere to register for an API key?

Regards,
Doug

looking good so far, its already flagged up a couple of accounts which we had previously banned for being spam bots. If it performs as well on previously unseen spammers, this could be a motm.

Also, I've been to project honeypot site and I can't find anywhere to register for an API key?
Regards,
Doug

http://www.projecthoneypot.org/httpbl_configure.php

http://www.projecthoneypot.org/httpbl_configure.php

Thank you ... appreciate that ... :up:

Regards,
Doug

SVN now available at: http://subversion.assembla.com/svn/vb-bad-behavior/trunk/vb4/
Trac as well: http://trac.assembla.com/vb-bad-behavior/

SVN now available at: http://subversion.assembla.com/svn/vb-bad-behavior/trunk/vb4/
Trac as well: http://trac.assembla.com/vb-bad-behavior/

Sorry ... :confused:

I just updated to 1.0.2 ....

Do I need to do go to that site and do this SVN thing as well?

Also, what is Trac and is it something that goes with Bad Behavior?

Thanks ... add-on seems to be working very well so far and catches an incredible amount of intrusions on the front end, although it does block IE6 users.

Regards,
Doug

SVN is just a backup of the latest files.
Trac is a Project Tools for this addon.

You can add the issue with BB blocking IE6 here:
http://trac.assembla.com/vb-bad-behavior/newticket

Version 1.0.3, 04/21/2011

Fix #1: Pruning log doesn't work.
Fix #3: POST more than two days after GET (added support for BB's javascript)
Fix #5: Cannot modify header information error (suppressed error in BB's function)
Implemented #6: Filter per key (new admincp option to list keys not to be shown in log)
Implemented #9: Show link to member profile (if userid is found in headers, link to profile)
Changes: http://trac.assembla.com/vb-bad-behavior/changeset?new=28%40trunk%2Fvb4&old=7%40trunk%2Fvb4

Updated to v1.0.3 with thanks .... :)

Sent PayPal donation previously ... :up:

Regards,
Doug

Does this work on PHP 5.3.6 without any problems?

Does this work on PHP 5.3.6 without any problems?
I've been testing on PHP 5.3.6, with no problems.

Updated to v1.0.3 with thanks .... :)

Sent PayPal donation previously ... :up:

Regards,
Doug
Although I don't remember receiving it (admittedly I'm very forgetful), I appreciate it :)

Very bad mod for anyone interested in search engine traffic as it blocks all search engine spiders,

Uninstalled.

Very bad mod for anyone interested in search engine traffic as it blocks all search engine spiders,

Uninstalled.
What proof do you have that it does?

What proof do you have that it does?

because i tested it?

use a search engine spider simulator this google one for example:
http://www.smart-it-consulting.com/internet/google/googlebot-spoofer/

install the mod and search one of your pages it will return a 403, uninstall/disable the mod and it returns to normal,

anyone using google tools can also submit a sitemap and see the full list of urls returned as error pages

because i tested it?

use a search engine spider simulator this google one for example:
http://www.smart-it-consulting.com/internet/google/googlebot-spoofer/

install the mod and search one of your pages it will return a 403, uninstall/disable the mod and it returns to normal,

anyone using google tools can also submit a sitemap and see the full list of urls returned as error pages
So... you used something that spoofs the User-Agent? http://whois.domaintools.com/66.115.160.58 is the IP that site sent, obviously not owned by Google - the script checks the IP as well.

As for sitemaps, just checked that as well - no problems here, Google was able to access them just fine.

So... you used something that spoofs the User-Agent? http://whois.domaintools.com/66.115.160.58 is the IP that site sent, obviously not owned by Google - the script checks the IP as well.

As for sitemaps, just checked that as well - no problems here, Google was able to access them just fine.

my google sitemap is showing a list of errors on every page and adsense adverts are not displaying as the adsense spider can not access the page either,

if you have view spiders enabled on your forums you should notice that no spiders are showing after installing this

could possibly be a conflict with another mod, i'll do some checking

my google sitemap is showing a list of errors on every page and adsense adverts are not displaying as the adsense spider can not access the page either,

if you have view spiders enabled on your forums you should notice that no spiders are showing after installing this

could possibly be a conflict with another mod, i'll do some checking
I have no such issue on my site. What settings do you use?

how this work with vbseo?

i got a ip 74.86.16.2, which it seems it got blocked , not sure :S

*Tagged*

Thank You.

Hey all,

For some reason I wasn't getting notifications despite being subscribed to the thread. I went back through the messages to see what I might have missed that needs my attention:

i had high load in my server, can i get some benefit from this?

Yes. In the thread for the 3.8 version of Bad Behavior. Alfa1 said (https://vborg.vbsupport.ru/showpost.php?p=2183421&postcount=43) his server load dropped from 38 to 0.7. I've heard very similar stories over the years, and indeed, this is one of the things that Bad Behavior does well.

my google sitemap is showing a list of errors on every page and adsense adverts are not displaying as the adsense spider can not access the page either,

Some Google IP addresses were missing from Bad Behavior because Google never used them for crawling before. Apparently they're feeling the crunch from the IP address shortage. All of the remaining Google IP address ranges that I know of will be in the next update, which should be out later today.

my google sitemap is showing a list of errors on every page and adsense adverts are not displaying as the adsense spider can not access the page either,

if you have view spiders enabled on your forums you should notice that no spiders are showing after installing this

could possibly be a conflict with another mod, i'll do some checking

Seems to be working just fine on our site using 4.04 .... :confused:

Haven't seen any change in spider activity or viewing activity using our Google Analytics software.

Regards,
Doug

Updated Bad Behavior core to 2.1.13, but it may be a little bit before an official release of the mod, as I plan on making further changes. For the time being:

http://trac.assembla.com/vb-bad-behavior/export/35/trunk/vb4/upload/includes/bad-behavior/searchengine.inc.php
http://trac.assembla.com/vb-bad-behavior/export/35/trunk/vb4/upload/includes/bad-behavior/core.inc.php

You can download those files, then overwrite the corresponding files in: /yourforum/includes/bad-behavior/

Updated Bad Behavior core to 2.1.13

Updated with thanks ... :up:

Regards,
Doug

Thank you I just installed it

Updated...

Version 1.0.4, 04/28/2011
- Bad Behavior upgraded to 2.1.13 (fixes search engine block issues)
- Added Paypal/Paypal IPN IP address to the whitelist.
- Added payment gateway file names to the whitelist.
- Changes: http://trac.assembla.com/vb-bad-behavior/changeset?new=42%40trunk%2Fvb4&old=31%40trunk%2Fvb4

installed and ran for a day to test. seems to have issues with members running IE6 (they cannot upgrade them due to corperate policies in place )

snippets from log

62.25.XXX.XXX UserID:26

2011-05-09 14:17:08 dfd9b1ad

Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322; .NET CLR 2.0.50727)

GET HTTP/1.1

/showthread.php?t=21964&p=236004#post236004

GET /showthread.php?t=21964&p=236004#post236004 HTTP/1.1
Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, application/x-shockwave-flash, application/vnd.ms-excel, application/vnd.ms-powerpoint, application/msword, */*
Accept-Encoding: gzip, deflate
Accept-Language: en-gb
Connection: keep-alive
Cookie: hof_lastvisit=1274088582; hof_lastactivity=0; hof_userid=26; hof_password=7bd4d08dcb9ec682962e66b989a56fd5; hof_thread_rate=0ee4b525f1cf08b89a7e7569f2bc6bd7f4 ec7cdca-2-%7Bi-10584_i-5_i-10701_i-5_%7D; hof_; bb2_screener_=1304950617+62.25.109.195; skimlinks_enabled=1
Host: www.hof.org.uk
Pragma: no-cache
Referer: http://www.hof.org.uk/newreply.php?p=236001&noquote=1
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322; .NET CLR 2.0.50727)


happening to around 10 people sofar but have disabled while i try to sort out the issue with IE6, if that is indeed the cause

user agents for another two having issues

Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322; .NET CLR 2.0.50727; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729; MS-RTC LM 8; .NET4.0C; .NET4.0E)

Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322; .NET CLR 2.0.50727; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729)

thanks in advance :)

installed and ran for a day to test. seems to have issues with members running IE6 (they cannot upgrade them due to corperate policies in place )

snippets from log

62.25.XXX.XXX UserID:26

2011-05-09 14:17:08 dfd9b1ad

Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322; .NET CLR 2.0.50727)

GET HTTP/1.1

/showthread.php?t=21964&p=236004#post236004

GET /showthread.php?t=21964&p=236004#post236004 HTTP/1.1
Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, application/x-shockwave-flash, application/vnd.ms-excel, application/vnd.ms-powerpoint, application/msword, */*
Accept-Encoding: gzip, deflate
Accept-Language: en-gb
Connection: keep-alive
Cookie: hof_lastvisit=1274088582; hof_lastactivity=0; hof_userid=26; hof_password=7bd4d08dcb9ec682962e66b989a56fd5; hof_thread_rate=0ee4b525f1cf08b89a7e7569f2bc6bd7f4 ec7cdca-2-%7Bi-10584_i-5_i-10701_i-5_%7D; hof_; bb2_screener_=1304950617+62.25.109.195; skimlinks_enabled=1
Host: www.hof.org.uk
Pragma: no-cache
Referer: http://www.hof.org.uk/newreply.php?p=236001&noquote=1
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322; .NET CLR 2.0.50727)


happening to around 10 people sofar but have disabled while i try to sort out the issue with IE6, if that is indeed the cause

user agents for another two having issues

Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322; .NET CLR 2.0.50727; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729; MS-RTC LM 8; .NET4.0C; .NET4.0E)

Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322; .NET CLR 2.0.50727; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729)

thanks in advance :)

Gawd, I wish IE6 would just die already.

Anyway, I'll take care of this in the next release.

ok, thanks mate, corperate users are a pain ;-)

Gawd, I wish IE6 would just die already.
Maybe an alert that notifies the user that he/she/it is running an outdated browser with security issues and should update by clicking a link.

Maybe an alert that notifies the user that he/she/it is running an outdated browser with security issues and should update by clicking a link.

This is a great idea, but it's not really implementable in Bad Behavior. My favorite is currently IE6 No More (http://www.ie6nomore.com/).

lol, have you seen the outdated images here: http://www.ie6nomore.com/code-samples.html It mentions FF 3.5, IE 8 and Safari 4 as the latest. :S

lol, have you seen the outdated images here: http://www.ie6nomore.com/code-samples.html It mentions FF 3.5, IE 8 and Safari 4 as the latest. :S

Indeed. THAT is how long we've been trying to get rid of that abomination IE6.

Version 1.0.5, 05/26/2011

Added option for bypassing users/members.
If the visitor is a user, and is in usergroup 5, 6, or 7 (admin/mod/super mod) - Bad Behavior is bypassed.
Modified bad-behavior core to check for Google Web Preview

file edited: /includes/bad-behavior/core.inc.php

Added a link beside the IP address in the log for WhoIs.
Changes: http://trac.assembla.com/vb-bad-behavior/changeset?new=63%40trunk%2Fvb4&old=45%40trunk%2Fvb4

Thanks for the update ... :up:

I can't find where the "option" in the AdminCP exists to set the usergroup exception for 5,6,7?

Also, I assume the IE6 thing is handled somewhere? I ask because my logs now show a specific user ID who has been having trouble (Usergroup 9) because he's stuck with IE6 and the log shows.

HTTP Response: 403
Explanation: You do not have permission to access this server.
Log Message: Request contained a malicious JavaScript or SQL injection attack

Of course that's not true for him, but how do I get the mod to not bother checking him and his IE6?

My apologies if I've misunderstood how to do this, or have missed something obvious. :)

Thanks again... great add-on and I previously donated directly with PayPal ... :up:

Regards,
Doug

Thanks for the update ... :up:

I can't find where the "option" in the AdminCP exists to set the usergroup exception for 5,6,7?

Also, I assume the IE6 thing is handled somewhere? I ask because my logs now show a specific user ID who has been having trouble (Usergroup 9) because he's stuck with IE6 and the log shows.



Of course that's not true for him, but how do I get the mod to not bother checking him and his IE6?

My apologies if I've misunderstood how to do this, or have missed something obvious. :)

Thanks again... great add-on and I previously donated directly with PayPal ... :up:

Regards,
Doug
I have not heard back from error10 yet, so no go on the IE6 yet.

Usergroups 5,6,7 are hardcoded to be excepted. You wouldn't want to block them :) Otherwise, you can set the option to "yes" for all other usergroups.

I have not heard back from error10 yet, so no go on the IE6 yet.

Usergroups 5,6,7 are hardcoded to be excepted. You wouldn't want to block them :) Otherwise, you can set the option to "yes" for all other usergroups.


Thanks ... understood .. :up:

I changed the single instance hard coded line in the XML to add the other two usergroups we needed:

else if (is_member_of($vbulletin->userinfo, 5, 6, 7, 9, 10))

Regards,
Doug

This looks incredible.

I registered to HoneyPot, but I don’t know where to get the API

Also, which 404 does it send to? Can I edit it so that it provides a link to our email service?

EDIT:

Also how much drain have you noticed from connection speeds?

Also how much drain have you noticed from connection speeds?
BB greatly speeds up my site. If you mean delay from connecting to project honeypot: i think that you can manually submit user agents to PH. In that case there is no drain at all. But that feature has not been added yet. See here:
http://trac.assembla.com/vb-bad-behavior/ticket/11

Warning: Cannot modify header information - headers already sent by (output started at [path]/includes/class_core.php:5417) in [path]/includes/bad-behavior/screener.inc.php on line 8

I get this warning :(

Badgerdog, did this solve the IE6 problem? I'm still getting registered users blocked even though the mod is set to bypass registered users in the admin panel.
Thanks ... understood .. :up:

I changed the single instance hard coded line in the XML to add the other two usergroups we needed:

else if (is_member_of($vbulletin->userinfo, 5, 6, 7, 9, 10))

Regards,
Doug

Badgerdog, did this solve the IE6 problem? I'm still getting registered users blocked even though the mod is set to bypass registered users in the admin panel.

Well, by deduction, since I haven't had any complaints from registered members who I know are using IE6, I assume it's working fine .... :)

Regards,
Doug

Ok, thanks. :)

Ok, thanks. :)

You're welcome ... :)

One thing I don't find is working is the Log Filter Keys function. For example, we added the key "00000000" to the list in the AdminCP options, yet those entries still show up in the logs.

Regards,
Doug

Can someone give "fire & forget" settings.

I want this to run on non-members, I would prefer nothing too aggressive, I want only obvious spammers to be blocked and I certainly do not want to miss out on legitimate crawlers, what would you guys suggest?

Operating mode - no
Logging - yes
Verb - no
http:BL - on with key @ level 25
Reverse proxy - no
Members - no

since I haven't had any complaints from registered members who I know are using IE6, I assume it's working fine

the exempt users from checks is fine, but an unregistered user with IE6 cant view the site or access the register page unless im missing something

the exempt users from checks is fine, but an unregistered user with IE6 cant view the site or access the register page unless im missing something

Ahhh... I understand now .. :)

That's possible, but I don't know what could be done about htat, except for the author of this mod to check for IE6 browsers and let them through.

Regards,
Doug

You can whitelist ie6 if you want, but unless your forum is aimed at government employees, I would not see a reason to do so.

You can whitelist ie6 if you want, but unless your forum is aimed at government employees, I would not see a reason to do so.

Where (and how) can I whitelist outside un-registered users accessing our site who are using IE6?

Thanks for any guidance .. :)

Regards,
Doug

In whitelist.ini you can add any useragent that you would want to whitelist. The file explains itself, as it already whitelists some user agents.

i've had to de-activate this until it allows ie6 users to view the site, shame is its a nice modification.
i know i can add ie6 to whitelist but the whitelist says that each useragent needs to be input in full. there are quite a combination so i'll sit this out until its sorted

Is there any possibility that this mod has caused a problem with PayPal, specifically with the following files in 4.1.3.

payments.php and payment_gateway.php

It appears that after 5 years of using PayPal for subscriptions and changing nothing else, that about the time we installed/update this mod, PayPal's return communciations to vBulletin has stopped working. Payments are being accepted and processed by PayPal, but the vBulletin end where it would log the transactions and update user records has stopped working, about a month ago.

Also, we use Skimwords which is built into our vBulletin and it helps with augmenting site revenue. I notice in the Bad Behavior logs that it's blocking "SkimWordsBot/1.0".

Where are the white lists located so we can make sure communications from appropriate sources are being permitted through to our site?

Regards,
Doug

whitelist.ini is located in /includes/
You can just add payments.php and payment_gateway.php to the whitelist. And SkimWordsBot as well.

whitelist.ini is located in /includes/
You can just add payments.php and payment_gateway.php to the whitelist. And SkimWordsBot as well.

Thanks ... :up:

I added payments.php only, as payment_gateway.php was already there ...

I also added SkimWordsBot/1.0 as a useragent ...

I noticed that the IP addresses listed for PayPal, don't seem to correlate to what PayPal is showing on their Go Live Checklist (https://cms.paypal.com/us/cgi-bin/?cmd=_render-content&content_ID=developer/howto_api_golivechecklist)

Should these be changed in the whitelist and is it possible that's been causing the blocking I've been experiencing in the last 30 days?

Regards,
Doug

It cant hurt to add these IPs.

How do I know this mod is working on my site?

I've set it up with our http:BL API Key (a bunch of lowercase letters) but I'm not seeing anything changed in my apache log.

I have even enabled verbose logging. Does it log elsewhere? If so, where?

Is there some term I can use to grep my log file with to find instances where the mod has caught a bot?

Thanks. -- Rik

Dumb question...where do I find the logs?

Admincp > logs

<a href="https://bad-behavior.ioerror.us/download/" target="_blank">http://bad-behavior.ioerror.us/download/</a>
any way we can get a update to this
also it does not stop the bots scanning my site

What do you mean. vb BB uses the latest version of BB. Your comment about stopping bots is far to general to get a helpful response from anyone. Which bots do you want to stop and why? Have you added them to your robots.txt and are they ignoring it?

I am trying to stop Baidu Spider bot and I have it added to my robot.txt file do i need to add them to this program if so where
the reason why I have 200+ of them on all the time they slow down my forums and they seem to be getting more day by day

You do realize that Baidu is the 5 most used website on the whole internet? Its a legitimate search engine that will send many visitors to your site.

Earlier this year, Bing struck a deal with the much larger search engine Baidu, in regard to the English search results in China. Baidu spiders now also serve English content.

As such its not blocked in BB, but you can add it to the blocklist.

well my forums have been up for months and so far i am the only active person on it so far it has done nothing for me just lagging my forums. So where do i find the blocklist as i dont see an option for that

took a few hrs but seems to be better now less bots. Can anyone tell me what are the best settings in the options. Want to make sure I have the best settings and all are set to what they should be. For now I have just left them as default

just installed this program and would also like to know how does this program work and do I need to leave it at default settings or change them

Please read this thread, because it contains the information you need. The same goes for the 3.8 thread.

post link to it on this thread as I have looked at each page and no where it tells me the info I need

post link to it on this thread as I have looked at each page and no where it tells me the info I need
Read the 3.8 thread as well and then you have the full information.

its ok forgot to say fixed the problem

I found a crawler hitting my site called Whitevector. They are a company that monitors social media for companies to see what people are saying about them. They literally hit > 20,000 pages in a matter of 2 hours. Banned them as soon as I found their bot.

Im having an odd issue, Every time I download the latest version and extract it, there are no .xml files in it. What could I be doing wrong?

Im having an odd issue, Every time I download the latest version and extract it, there are no .xml files in it. What could I be doing wrong?That's pretty vague. What size is the file you downloaded? What files are in it? What are you using to extract (try 7-zip (http://www.7-zip.org/))?

That's pretty vague. What size is the file you downloaded? What files are in it? What are you using to extract (try 7-zip (http://www.7-zip.org/))?
Im using winrar un unzip. It's about 170 kilo bytes.

The folder contains:


php files
bab behavior folder
read me
screenshots

Im using winrar un unzip. It's about 170 kilo bytes.That's the right size, but the wrong contents. Maybe you're swapping the file for another mod somewhere along the line? upload (folder)
gpl-3.0.txt
lgpl-3.0.txt
product-vb_badbehavior.xml
README.txt

That's the right size, but the wrong contents. Maybe you're swapping the file for another mod somewhere along the line?

Would you be kind enough to link me to the right one? Maybe I, using the wrong download from badbehavior.

Would you be kind enough to link me to the right one? Maybe I, using the wrong download from badbehavior.I just grabbed the one in the first post to compare. vb_badbehavior_vb4-1.0.5.zip (https://vborg.vbsupport.ru/attachment.php?attachmentid=129503&d=1306456736)

I just grabbed the one in the first post to compare. vb_badbehavior_vb4-1.0.5.zip (https://vborg.vbsupport.ru/attachment.php?attachmentid=129503&d=1306456736)

Weird, that one worked. I was downloading a newer one from their main site.

I just noticed that I had 1.000.0000 entries in the log.
Please add a function to automatically prune the log after X days.

I would add this to your tracker, but your tracker is filled with spam.

Some stats I've collected over the past couple months by running queries on the log file. The log file has 780k records total.

Unique ip's blocked:
Sept: 12,571
Oct: 16,175

Unique ip's blocked from registering (hitting register.php):
Sept: 877
Oct: 1,211

Its a shame it looks like the integration has been abandoned.
There have been a couple of updates since the last one was released on here
http://bad-behavior.ioerror.us/2011/10/10/bad-behavior-2-2-rc3-2-1-15/
It looks like the next stable version, should happen soon.

It's not abandoned, I'm just busy with school work. I have it updated, just need to test then release.

great to hear Eric!

For anyone using the mobile API I strongly recommend you add api.php to the whitelist. This was blocking some post calls to the API.

For anyone using the mobile API I strongly recommend you add api.php to the whitelist. This was blocking some post calls to the API.

Do you know if this is on vB 3 as well? I know they made a mobile API for the 3.x series but don't have access to it.

Do you know if this is on vB 3 as well? I know they made a mobile API for the 3.x series but don't have access to it.

I would imagine it would block the vb3 api as well since it works the same way.

Version 1.0.6, 01/04/2012

Bad Behavior upgraded to 2.1.15

It appears there are some conflicts with either vb 4.1.10 or with Firefox 10. Loading the page with this mod on = text only, no css.

Loading the page with the mod disabled, = fine.

There were no issues reported in any other browsers.
The mod is currently disabled on our site until we can pinpoint the issue.

I have no such issues with FF10
It must be related to vb4.1.10 then.

using this together with [GlowHost] Spam-O-Matic - Spam Firewall stops forum spam https://vborg.vbsupport.ru/showthread.php?t=248042
helped with nearly complete removal of spam problems

my only small wishes
+ adminCP statistics page which covers all types of violations and theirs amount (e.g. #2b021b1f : 65535 times)
+ public forum statistics similar to SOM (on bottom of main forum page)

also i think the automatic database prune / cleanup don't work properly/at all

my thanks to author

p.s. any reason this isn't listed inside Anti-Spam section of modifications? https://vborg.vbsupport.ru/forumdisplay.php?f=245&threadprefix=Anti-Spam+Options

p.s. any reason this isn't listed inside Anti-Spam section of modifications? https://vborg.vbsupport.ru/forumdisplay.php?f=245&threadprefix=Anti-Spam+Options
This indeed belongs in the anti-spam section.

also i think the automatic database prune / cleanup don't work properly/at all


Yeah, something is going on with that. Every so often I'll see it running a LOT of DELETE and INSERT statements on the log records.

well since i installed this plugin it not correctly cleaned it once
be it 3.8.x version same as 4.x.x version ...

for 3.8.x i tried several workarounds w/o any success so i gave up
if needed manual sql wipe of the db entries must be done

make yourself a super admin and you will be able to do it from the admincp

make yourself a super admin and you will be able to do it from the admincp

what and where exactly You got in mind?

what and where exactly You got in mind?

you can do this from the config file

Getting a whole lot of these one day a week:

DELETE FROM `vb_badbehavior` WHERE `date` < DATE_SUB('27-02-2012 22:22:40', INTERVAL 7 DAY)
INSERT INTO `vb_badbehavior` (`ip`, `date`, `request_method`, `request_uri`, `server_protocol`, `ht...

The inserts are building up because the vb_badbehavior table is locking.

Getting a whole lot of these one day a week:

DELETE FROM `vb_badbehavior` WHERE `date` < DATE_SUB('27-02-2012 22:22:40', INTERVAL 7 DAY)
INSERT INTO `vb_badbehavior` (`ip`, `date`, `request_method`, `request_uri`, `server_protocol`, `ht...

The inserts are building up because the vb_badbehavior table is locking.

make sure you are a super admin then you can prune when needed

Just to ask, can I just download newer versions of bad behavior (current is 2.2.2) and just upload bad-behavior directory in includes/bad-behavior directory on my server? Or there needs to be done something more?

EDIT: I mean, last bad behavior directory, as there are two named this way.

Just to ask, can I just download newer versions of bad behavior (current is 2.2.2) and just upload bad-behavior directory in includes/bad-behavior directory on my server? Or there needs to be done something more?

EDIT: I mean, last bad behavior directory, as there are two named this way.

you would be best to wait for a update from the op. And yes he is very slow at doing the latest update as the version running now is very old

Cheers for that. I will have some fun installing this mod as there are some people on my forum who need this as they are troublemakers.

I have a full time job, and I am a full time student. It is a bit hard to update this as often as I would like. You can update manually using the download from Bad Behavior until I update the mod.

I have a full time job, and I am a full time student. It is a bit hard to update this as often as I would like. You can update manually using the download from Bad Behavior until I update the mod.
When you have time you can update it would be nice to see a update done as the one running is very very old I hope it does not take to long

I have a full time job, and I am a full time student. It is a bit hard to update this as often as I would like. You can update manually using the download from Bad Behavior until I update the mod.

Yes, of course, no problem with this. So, I just need to download files from Bad Behavior, and upload the lowest bad behavior directory in it corresponding place? That's all I need to do?

I have a full time job, and I am a full time student. It is a bit hard to update this as often as I would like.
Consider to ask Michael (Bad Behavior Developer) for help. I'm sure he is very willing.

would be nice to see update for Bad Behaviour 2.2.3 (for these who are less skilled on manual updating)

You literally download the files from the bad behaviour site and upload them to your server...

You literally download the files from the bad behaviour site and upload them to your server...

i know, didn't said i need it ...

Getting a whole lot of these one day a week:

DELETE FROM `vb_badbehavior` WHERE `date` < DATE_SUB('27-02-2012 22:22:40', INTERVAL 7 DAY)
INSERT INTO `vb_badbehavior` (`ip`, `date`, `request_method`, `request_uri`, `server_protocol`, `ht...

The inserts are building up because the vb_badbehavior table is locking.

btw, I figured out this happens when the vb_badbehavior table is fairly large and something is continually hitting my site and being blocked by bad bahavour. The database can't keep up with the deletes and inserts when it has to go through 1 million + records several times a second. Keeping the log pruned (unfortunately a manual task) and adding this index seems to help a bit:

ALTER TABLE `vb_badbehavior`
ADD INDEX `date` (`date`)

It would be good if author would include cron task to automatically purge log. Or you could disable logging for the moment.

There is a function to prune logs. But it is not automated.

There is a function to prune logs. But it is not automated.

Can you please tell me where to prune the logs. Thank you!

Where you look at logs. Above is option to view logs, underneath is option to prune them.

Where you look at logs. Above is option to view logs, underneath is option to prune them.

erm, i definitely missing such option, can You screenshot that?

Just thought I would give an update..

I am working on 1.0.7 now, with the latest BB 2.2.3. I am trying to work in a cron script as well to auto-prune.

Also, source/tracker is now available here:

http://projects.secondversion.com/vb-bad-behavior/

Nice to hear, tell me do you use eclipse to compile it

erm, i definitely missing such option, can You screenshot that?

Sure:

http://img135.imageshack.us/img135/4255/image000my.png

there's something in Croatian, but what interests you is all in English. :)

wow, i don't have that option, at all ...

what forum version You have? care share e.g. settings file?

wow, i don't have that option, at all ...

what forum version You have? care share e.g. settings file?

make yourself a superadmin from the config

what forum version You have? care share e.g. settings file?

Well, it could be superadmin settings, or it could be this:

// ****** USERS WITH ADMIN LOG PRUNING PERMISSIONS ******
// The users specified here will be allowed to remove ("prune") entries from the admin
// log. See the above entry for more information on the format.

This is all in config.php.

Anyway, put yourself there in all settings.

Well, it could be superadmin settings, or it could be this:



This is all in config.php.

Anyway, put yourself there in all settings.

I done a few tests seems you need canviewadminlog, canpruneadminlog and superadministrators
but he might as well give him self them all when he is in the config

Does this work well with the vbulletin facebook app addon?

Does this work well with the vbulletin facebook app addon?

As long as you add api.php to the whitelist.

Updated.

Version 1.0.7, 05/04/2012

Bad Behavior upgraded to 2.2.3
Cron/Scheduled Task for automatic log pruning added.

Just realized 2.2.4 was released yesterday :/

I will try to get this updated in the mod in the next couple of days.

Eric:
As long as you add api.php to the whitelist.
As the facebook app is official vbulletin software, api.php should be whitelisted by default.

Thanks for the update :)

update is very much appreciated!

Updated:

Version 1.0.8, 06/12/2012

Bad Behavior upgraded to 2.2.6
New Setting: EU Cookie

Updated:

Version 1.0.9, 06/17/2012

Bad Behavior upgraded to 2.2.7

Now on GitHub!

https://github.com/ericsizemore/vb_bad_behavior/tree/master/vb4

What I was using before didn't go well, so, moved to Git/GitHub. Feel free to create issues there, fork, do whatever!

Thanks for the update Eric.

FYI, the latest version (2.2.8) is a little stricter and I saw that it was blocking Bing. I added these addresses to my whitelist:
ip[] = "131.253.21.0/24"
ip[] = "131.253.22.0/23"
ip[] = "131.253.24.0/21"
ip[] = "131.253.32.0/20"

Also, I checked the logs specifically for cell phone users. I found a lot that were getting the "Required header 'Accept' missing" error that appeared to be legitimate users.

For now I commented out the if statements in browser.inc.php that check the Accept headers. The logic being that if they are malicious, another mechanism will catch them. I'll see how this goes.

D'oh! Almost forgot to update the thread.

Updated:

Version 1.0.10, 09/09/2012

- Bad Behavior upgraded to 2.2.10

Thank you for the great addon

Thanks for the update Eric.

FYI, the latest version (2.2.8) is a little stricter and I saw that it was blocking Bing. I added these addresses to my whitelist:
ip[] = "131.253.21.0/24"
ip[] = "131.253.22.0/23"
ip[] = "131.253.24.0/21"
ip[] = "131.253.32.0/20"

I see in the latest release these IP's ranges were hard coded into searchengine.inc.php

Everyone should probably update to 2.2.11 since it includes a fix for Google Adsense crawler:

http://bad-behavior.ioerror.us/2012/10/11/bad-behavior-2-2-11-and-2-0-49/

op needs to update to latest

op needs to update to latest

or you could just download from the link above and upload to the bad-behavior folder...

or you could just download from the link above and upload to the bad-behavior folder...

I already did does not mean the op does not need to update

... This would prevent the delivery of targeted ads to a page, and result in generic ads being displayed.This wouldn't affect us at all as far as I can tell. Still, I guess it's always a good idea to keep updated.

edit: FYI, the bad-behavior folder is in /forum/includes/.

I'm confused... :)

We use Google Adsense ...

My vBulletin add-on says this is installec ...

vB Bad Behavior (vB4) 1.0.10

Is this the latest version?

Thanks .. :)

Regards,
Doug

My vBulletin add-on says this is installec ...

vB Bad Behavior (vB4) 1.0.10

Is this the latest version?
That is currently the latest version of this mod, yes. But there may be a later version of the program this mod uses. Open up your /forum/includes/bad-behavior/core.inc.php and it will tell you what version of Bad Behavior you have. define('BB2_VERSION', "2.2.11");Post #1 explains how to update - see "Upgrading".

version 1.0.10

currently getting




Warning: Cannot modify header information - headers already sent by
(output started at /register.php(338) :
eval()'d code:114) in /includes/bad-behavior/screener.inc.php on line 9

which points to


function bb2_screener_cookie($settings, $package, $cookie_name, $cookie_value)
{
// FIXME: Set the real cookie
if (!$settings['eu_cookie']) {
setcookie($cookie_name, $cookie_value, 0, bb2_relative_path());
}
}
any help on this please

version 1.0.10

currently getting




Warning: Cannot modify header information - headers already sent by
(output started at /register.php(338) :
eval()'d code:114) in /includes/bad-behavior/screener.inc.php on line 9

which points to


function bb2_screener_cookie($settings, $package, $cookie_name, $cookie_value)
{
// FIXME: Set the real cookie
if (!$settings['eu_cookie']) {
setcookie($cookie_name, $cookie_value, 0, bb2_relative_path());
}
}
any help on this please

remove all files and reinstall see if that helps

I plan on upgrading the plugin later today...

Will package and release later today, but if you want it now, it is available on GitHub:

https://github.com/ericsizemore/vb_bad_behavior/tree/master/vb4

That is currently the latest version of this mod, yes. But there may be a later version of the program this mod uses. Open up your /forum/includes/bad-behavior/core.inc.php and it will tell you what version of Bad Behavior you have. Post #1 explains how to update - see "Upgrading".

It says ... BB2_VERSION', "2.2.10"

Regards,
Doug

Eric

why are you not updating the whitelist.ini
google have released newer scopes

I think they're may be a conflict with this mod and Google's new PageSpeed service, which we've just started to use.... :confused:

We keep getting lots of members complaining of timeouts (blocking?) when they attempt to access our site, which is I believe when Google's caching severs attempt to redirect users to our site. There are hundreds of whois "f1182195" entries in our logs.

They all originate from Google's PageSpeed caching servers with IP addresses in this range 173.194.xx.xx.

GET /showthread.php?t=24952&p=137388 HTTP/1.1
Accept: */*
From: googlebot(at)googlebot.com
Connection: Keep-Alive
User-Agent: Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)
X-Pss-Loop: pagespeed_proxy
Accept-Encoding: gzip
Host: www.xxxx.com
Cache-Control: no-cache
X-Forwarded-For: 66.249.74.150

Note: I put the xxx's in the above quote for privacy.

How can I address this, short of turning OFF and not using Bad Behavior? Can I whitelist the range of server IP's and what would be the correct line to add to the whitelist.ini file?

Thanks for any help... :)

Regards,
Doug

f1182195 key = HTTP Response: 403
Explanation: An invalid request was received. You claimed to be a major search engine, but you do not appear to actually be a major search engine.
Log Message: User-Agent claimed to be Googlebot, claim appears to be false.

Can some explain to me what this entry in whitelist.ini will allow and not allow as far as IP addresses, to access our site?

I'm trying to understand the .0.0 meaning... does that act as a wildcard so any number in there makes that a vaild entry to be able to access our site?

Thanks.. :)

Regards,'Doug


; Extra GOOGLE ranges
ip[] = "74.125.0.0/99"
ip[] = "216.239.32.0/19"
ip[] = "209.85.128.0/17"
ip[] = "66.102.0.0/20"

Can some explain to me what this entry in whitelist.ini will allow and not allow as far as IP addresses, to access our site?

I'm trying to understand the .0.0 meaning... does that act as a wildcard so any number in there makes that a vaild entry to be able to access our site?

Thanks.. :)

Regards,'Doug


; Extra GOOGLE ranges
ip[] = "74.125.0.0/99"
ip[] = "216.239.32.0/19"
ip[] = "209.85.128.0/17"
ip[] = "66.102.0.0/20"

the developer hasnt updated them, there are about 3 more ranges
he needs to use, which i put into the whitelist.ini myself

current issues with 1.0.10
the following varnames are not set as integer

vb_badbehavior_httpbl_threat
vb_badbehavior_httpbl_maxage

Keen to download and impliment this as soon as the latest version is available. Just removed another product that was treating GoogleBots as a log referer spammers, and the log file it generated on log file spammers was viewable publicily, so this other mod was actually causing log referer spammers to target my site!!

So please hurry and release the new version Eric

Last month we started getting lots of 403 errors from Google. I can't say I've done a lot of research, but the only thing I remember changing last month was updating this mod (Oct. 19 judging from my posts).

A quick web search pointed to earlier versions of BB causing this, so Saturday evening I disabled this mod and will be keeping an eye on Google webmaster tools to see if the error continues.

Last month we started getting lots of 403 errors from Google. I can't say I've done a lot of research, but the only thing I remember changing last month was updating this mod (Oct. 19 judging from my posts).

A quick web search pointed to earlier versions of BB causing this, so Saturday evening I disabled this mod and will be keeping an eye on Google webmaster tools to see if the error continues.

thats what i told they guy too but hes not bother about that, googlebot can activity crawl a website unless you change the settings in google webmater tools, the other day i limited to about 5 visits

thats what i told they guy too but hes not bother about that, googlebot can activity crawl a website unless you change the settings in google webmater tools, the other day i limited to about 5 visits

Oh dear, and I was so hopefuly this mod would be good, as I had to remove another product for labelling Googlebot as a referer spammer and creating a referal spam hole in my site.

Oh dear, and I was so hopefuly this mod would be good, as I had to remove another product for labelling Googlebot as a referer spammer and creating a referal spam hole in my site.

ok well you still dont understand then this product, and my product both use the projecthoneypot API so if its more than 1 product identifiying the same issue

then my guess as i said before it projectshoneypot not our mods

I too installed a honeypot way back when I first installed this mod. But I haven't done anything to change it since. So unless last month's BB update affected it, I'm not sure I can blame the honeypot. But I guess I'm going to have to look up the uninstallation instructions just in case.

edit: Turning off Honey Pot was as simple as going to the dashboard on their site and clicking the link. I also deleted the one html page in my html root that I had put there for them. However, it was not the page giving me 403 errors.

I also checked Google Webmaster tools and there was only a single bad gateway error listed since I turned off BB Saturday. No 403 errors.

ok well you still dont understand then this product, and my product both use the projecthoneypot API so if its more than 1 product identifiying the same issue

then my guess as i said before it projectshoneypot not our mods

Sorry, your English and rational both are very poor, can you restate your text please?

Sorry, your English and rational both are very poor, can you restate your text please?

sorry i will simplify

both this product and mine use projecthoneypot and you said it basically reports the same as mine, so as a suggestion you will need to contact projecthoneypot
with the IP's from the bots so they can investigate it for you


more than likely both our mods report the same thing because its designed to do that
google webmaster tools suggests that it has not issues crawling and no errors visiting

sorry i will simplify

both this product and mine use projecthoneypot and you said it basically reports the same as mine, so as a suggestion you will need to contact projecthoneypot
with the IP's from the bots so they can investigate it for you


more than likely both our mods report the same thing because its designed to do that
google webmaster tools suggests that it has not issues crawling and no errors visiting

Eh, no, that is not what I said. That is what you summized and wrongly reported. Your product wrongly labels GoogleBot as a link referer spammer when project honeypot says nothing of the sort; project honeypot says the bot is Google, nothing more, so why would I want to contact them? Anyway, it is mute, as your product has multiple flaws, including the fact the report file is targetting by link referer spammers (your report file is publicly viewable and therefore when it reports the actions of a spammer, it thereby gives the spammer a file / link back to exploit) and I have now uninstalled it.

I have reinstalled Ban Spider by UserAgent which is excellent, and I am waiting for this Bad Behavior mod to be updated so I can also install it.

I also checked Google Webmaster tools and there was only a single bad gateway error listed since I turned off BB Saturday. No 403 errors.

I'm not sure, but I think this mod may be getting in the way of Google services as well....

We operate Google's PageSpeed Service and we've been seeing a LOT of errors...

Maybe it's something else, but I've turned OFF this mod for now until someone can validate it's working correctly.

We were one of the original PayPal donators to thank the developer for the project ..

Regards,
Doug

I'm not sure, but I think this mod may be getting in the way of Google services as well....

We operate Google's PageSpeed Service and we've been seeing a LOT of errors...

Maybe it's something else, but I've turned OFF this mod for now until someone can validate it's working correctly.

We were one of the original PayPal donators to thank the developer for the project ..

Regards,
Doug

Dang!

I wish someone would produce a bad behaviour mod that has a bot (by name) whitelist, where anything in the whitelist is given a reverse dns lookup to verify they are whom they say. Because it seems this is a common enough problem, and the last bot I want to block is GoogleBot.

Update: We have now risen back where we belong on a Google search - well, almost - we're #2 behind Wikipedia. We had fallen all the way back several pages.

I noticed another oddity. When I went to Webmaster Tools last Saturday it only showed my site as "Shannondale.org", so I added "www.Shannondale.org". I always thought they were basically the same, but this morning I see my vb sitemap is only showing as having been submitted to "www.Shannondale.org". Does Google really expect two sitemaps and can vb even do that?

Update: We have now risen back where we belong on a Google search - well, almost - we're #2 behind Wikipedia. We had fallen all the way back several pages.

I noticed another oddity. When I went to Webmaster Tools last Saturday it only showed my site as "Shannondale.org", so I added "www.Shannondale.org". I always thought they were basically the same, but this morning I see my vb sitemap is only showing as having been submitted to "www.Shannondale.org". Does Google really expect two sitemaps and can vb even do that?

You want to avoid this, it can affect your rankings. Recommend you use htaccess to cover all bases (.domain-name.com, IP Address - resolve them both to www.domain-name.com).

am unstallingg. i use the default setting ....all guest are unable to view the forum,

see the error message

Error 403

We're sorry, but we could not fulfill your request for / on this server.

You do not have permission to access this server. Before trying again, run anti-virus and anti-spyware software and remove any viruses and spyware from your computer.

Your technical support key is: 5bc8-9c4f-2b02-1b1f

You can use this key to fix this problem yourself.

If you are unable to fix the problem yourself, please contact help(@)naiji(.)com and be sure to provide the technical support key shown above.

Do not be fooled by the massive number of fake Google bots that are around these days. If the IP/CIDR does not reveal a Google bot then its fake.

Add the following to your whitelist.ini to unblock Google, Baidu Japan and Facebook:
; Extra GOOGLE ranges
ip[] = "66.102.0.0/20"
ip[] = "173.194.0.0/16"
; Extra Baidu ranges
ip[] = "180.76.0.0/19"
ip[] = "119.63.196.0/19"
; Extra Facebook ranges
ip[] = "69.171.224.0/19"
ip[] = "173.252.64.0/18"
ip[] = "66.220.144.0/20"Please be so kind to include the above into the next release.
The above CIDR ranges come from checking the whois on all bots that visited my big board while I had BB turned off for testing. The above IP ranges belong to valid spiders which are blocked if this is not added to the whitelist.

Does BB whitelist the IPs of pingdom?
https://www.pingdom.com/rss/probe_servers.xml
Pingdom should be whitelisted

Do not be fooled by the massive number of fake Google bots that are around these days. If the IP/CIDR does not reveal a Google bot then its fake.

Add the following to your whitelist.ini to unblock Google, Baidu Japan and Facebook:
; Extra GOOGLE ranges
ip[] = "66.102.0.0/20"
ip[] = "173.194.0.0/16"
; Extra Baidu ranges
ip[] = "180.76.0.0/19"
ip[] = "119.63.196.0/19"
; Extra Facebook ranges
ip[] = "69.171.224.0/19"
ip[] = "173.252.64.0/18"
ip[] = "66.220.144.0/20"Please be so kind to include the above into the next release.
The above CIDR ranges come from checking the whois on all bots that visited my big board while I had BB turned off for testing. The above IP ranges belong to valid spiders which are blocked if this is not added to the whitelist.

Does BB whitelist the IPs of pingdom?
https://www.pingdom.com/rss/probe_servers.xml
Pingdom should be whitelisted


The trouble is, you do not know whether something is a true GoogeBot or not as Google do not publish all of their IP ranges for obvious reasons. The only safeguard is to do a reverse dns lookup.

The trouble is, you do not know whether something is a true GoogeBot or not as Google do not publish all of their IP ranges for obvious reasons. The only safeguard is to do a reverse dns lookup.
What obvious reasons?
620 Googlebots are currently visiting my site with published IP ranges. I wonder what harm there is in blocking unpublished IP ranges.

What obvious reasons?
620 Googlebots are currently visiting my site with published IP ranges. I wonder what harm there is in blocking unpublished IP ranges.

In case Google's algo thinks you are feeding Googlebot one set of results, while actually serving other visitors another. Look it up. Google expressly state they do not publish all their IP ranges. Look around forums like webmasterworld

I highly recommend everyone update to the latest version, 2.2.13 , since it has updates to the way that googlebot and others are detected.

Updated to BB 2.2.13 and added some ranges to whitelist.ini

https://github.com/ericsizemore/vb_bad_behavior/tree/master/vb4

I do plan on actually uploading it to vB.org this time! But I will not be able to until tomorrow.

I've just installed. I don't understand about half of the options, I assume in that case I should just leave whatever it's set on default, correct?

Got caught up in a few things, but will be putting up an update here as soon as I can. Sorry guys.

I've just installed. I don't understand about half of the options, I assume in that case I should just leave whatever it's set on default, correct?
In a situation such as this, yes, I would recommend leaving the defaults. :)

Just so I am clear...

I should install vb4-1.0.10.zip and then download the latest version of BB from the website and overwrite the files in the BB folder?

Is it so complex or time expensive to upload a zipfile to vb.org? I find this hard to understand.

In any case: thanks for your efforts.

Updated to BB 2.2.13 and added some ranges to whitelist.iniDownload Now
Its still missing here in "Download Now". :)

I will test it too.

I have look in http://bad-behavior.ioerror.us/support/installation/ and click on "My software is not listed.", but get only "(Data to be restored soon? contact me if you need immediate help)". Is here a instruction for installation on a custom php file or for kohana framework?

Yep, download it here: http://bad-behavior.ioerror.us/2012/12/10/bad-behavior-2-2-13/

They're the same files that are in the mod, just updated.

There are statistics of forums operators, how much spam is decreased?
My moderators says it is 50% less. Is this a good value for this addon?

BTW I use "Spammers suck!" addon too.

1. Is it possible to use this check ONLY for the registration page?

2. Tons of users get a false detection for ONE topic and send me a "technical support key". What is this key and what I can do with it? ^^°

The key shows you what the issue is. You can go into your admincp to the BB log and find the incidents. That should quickly make clear why the users are being blocked.
Its possible that some of your users are using a fishy browser plugin. Its amazing what people install because its free.

I was in "adminCP->Statistics & Logs->vB Bad Behavior Logs" there is no input for this key and there is nowhere such a key. :confused:
All users get this output:
Technical Support

Your request contained data which is consistent with spam, active malware, viruses, or similar software.

To resolve this problem, clean your computer of viruses and other malware.

-------------------------------

Its possible that some of your users are using a fishy browser plugin.
No, I don't think so. All (100%) users get this false detection in one topic. Exception admins (and mods?). This "bug" is only(found only this) in one topic of my forum and happen only if you change the page of this topic. I do not understand why.

Add. There is a bug in 403 site of this addon I have marked it bold):

If you are unable to fix the problem yourself, please contact <a href="mailto:support(&amp;#64;)domain(&amp;#46;)com">support(&amp;#64;)domain(&amp;#46;)com</a> and be sure to provide the technical support key shown above.

I have deinstalled it. Only 50% chance to detect spammer and it have a bad bug in detection of spammers.

I changed to "Spam-O-Matic" and now >90% of spammers are blocked. o/

Is here stopforumspam.com database so much better as projecthoneypot.org?

These are two different things. SFS blocks registration, while BB blocks useragents. I use both stopforumspam and badbehavior together and that works really well.

Please be aware that Spam-O-Matic advertises forum hosting to your moderating team, but does not display this to admins.

Version 1.0.12, 12/21/2012 -- Released: 02/05/2013

Bad Behavior upgraded to 2.2.13
Added some more ranges to whitelist.ini

Version 1.0.13, 04/23/2013

Bad Behavior upgraded to 2.2.14

Thanks for taking the time to update the VB plugin as well.

BTW, can we assume no new options/settings if nothing is mentioned in the changelog?

Thanks for taking the time to update the VB plugin as well.

BTW, can we assume no new options/settings if nothing is mentioned in the changelog?

That is correct. At this point only Bad Behavior itself has been updated. The product file only changed to reference the new version number.

Installed! VB 4.2.1 :)

I recently fell on hard times and just now getting back on my feet. I plan to work on all of my mods soon, with this one as a priority. Basically: I'm still around. :)

Version 1.0.14, 09/22/2015

Bad Behavior upgraded to 2.2.16

Updated.. thank you ...

Regards,
Doug

Edit: New version created all kinds of SQL error issues. Uninstalled... not using any longer.

Thanks for the update
EDIT: it works just fine for me vb 4.24 beta1

Upgraded from older version, still seems to work great. Integrated it with my Honeypot, if anyone is interested in using my honeypot, send me a PM.