The Arcive of Official vBulletin Modifications Site.It is not a VB3 engine, just a parsed copy! |
|
vB Bad Behavior Details »» | ||||||||||||||||||||||||||
/**
* vB Bad Behavior is free software; you can redistribute it and/or modify it under * the terms of the GNU Lesser General Public License as published by the Free * Software Foundation; either version 3 of the License, or (at your option) any * later version. * * This program is distributed in the hope that it will be useful, but WITHOUT ANY * WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A * PARTICULAR PURPOSE. See the GNU Lesser General Public License for more details. */ What is vB Bad Behavior? This is an integration of the Bad Behavior software with vBulletin. What is Bad Behavior? Bad Behavior is a PHP-based solution for blocking link spam and the robots which deliver it. Bad Behavior complements other link spam solutions by acting as a gatekeeper, preventing spammers from ever delivering their junk, and in many cases, from ever reading your site in the first place. This keeps your site's load down, makes your site logs cleaner, and can help prevent denial of service conditions caused by spammers. Visit http://bad-behavior.ioerror.us/ for more. Features For more information on the features of Bad Behavior (and subsequently this mod) please go to Bad Behavior's site: http://bad-behavior.ioerror.us/documentation/benefits/ For features related to the mod itself, please take a look at the screenshots. This mod should work with the entire 3.x series (well, beginning with 3.5), but it's only been tested on 3.8.x. I'm not sure if this works on vB 4.x yet, as I've not tested it - but if you try it out, let me know! Installation 1. Extract the contents of the zip file. 2. Upload the contents of the `upload` folder to your forum root. 3. Enter your AdminCP and go to Plugins & Products > Manage Products > [Add/Import Product] 4. Import the product using the `product-vb_badbehavior.xml` file. 5. Configure the mod in AdminCP -> vBulletin Options -> vBulletin Options -> vB Bad Behavior Options Upgrading vB Bad Behavior In many cases, all you'll need to do to upgrade is follow the installation instructions above. The only difference, will be you'll need to allow the files to overwrite. Also, when re-importing the product file, you'll need to set "Allow Overwrite" to "Yes". Bad Behavior Bad Behavior's files are at `/includes/bad-behavior/`. If you wish to update manually go to: http://bad-behavior.ioerror.us/download/ And download the latest development version. Extract the zip, and upload the contents of `bad-behavior` to `/includes/bad-behavior/` allowing the files to overwrite. Versions The current version of Bad Behavior this mod is using is: v2.2.14 The current version of Bad Behavior (development) is: v2.2.14 Changelog Version 1.0.13, 04/23/2013
Version 1.0.12, 12/21/2012 -- Released: 02/05/2013
Version 1.0.10, 09/09/2012
Version 1.0.9, 06/17/2012
Version 1.0.8, 06/12/2012
Version 1.0.7, 05/04/2012
Version 1.0.6, 01/04/2012
Version 1.0.5, 05/26/2011
Version 1.0.4, 04/28/2011
Version 1.0.3, 04/21/2011
Version 1.0.2, 04/10/2011
Version 1.0.1, 04/06/2011
Version 1.0.0, 04/05/2011
Screenshots Screenshots can now be seen at: http://www.secondversion.com/images/vb/vb_badbehavior/ I was running out of room for attachments here on vB.org Development https://github.com/ericsizemore/vb_b...ree/master/vb3 Only those who "Mark As Installed" will receive support for this modification. Download Now
Show Your Support
|
Comments |
#72
|
||||
|
||||
Quote:
Quote:
If you aren't using a reverse proxy or load balancer, then you should not enable this option. Quote:
If caching is in use, then the cached pages need to be expired at least every 48 hours. Quote:
The rest of the time, it's somebody who installed Norton or something and whatever they're using is stripping out random headers, and the user doesn't really know what's going on. Or someone who thinks they know what they're doing who is a bit extreme with their "privacy". Often these require somebody to actually talk with the user and figure out what's actually going on. Like Eric, I'm glad my code has been helpful in reducing the spam and DoS problems for your forums. I'm nearing the 2.2 core release and as soon as I have that out, I can get back to work on some core stuff that's been waiting a long time. I'll be posting an updated roadmap for 3.0 soon. |
#74
|
||||
|
||||
Error10, how do we use your latest release?
Also, this may sound a bit daft to you but i'm sure there are many other users of your efforts that want to ask, could you explain (because i don't have a clue) what each part of this is and what it does, i, like most forum owners are paranoid at denying real users or visitors, so it would be a great help (or perhaps release it as an article on your site) Here's a POST one Quote:
Quote:
|
#75
|
||||
|
||||
Quote:
In the logs of my limited testing these have been 100% real users. Quote:
New feature request: Alert staff if registered member performs SQL injection or other attacks One thing that I find missing in this addon is a way to feed bad bot data to the blacklist. Please consider to add such functionality. Either as part of this addon or as Projecthoneypot integration. Added to tracker: Feed data to blacklist |
#76
|
||||
|
||||
Could you give details of this whitelisting as i'd like to do the same
|
#77
|
||||
|
||||
In /includes/whitelist.ini find: example.php
Replace with the script that you want to whitelist. |
#78
|
||||
|
||||
, i know how to whitelist i'd like to know what you did to whitelist paypal?
|
#79
|
||||
|
||||
I whitelisted the php file that handles my subscriptions.
|
#80
|
|||
|
|||
I've been watching this mod, planning to install it soon. Do all of these things like search engine spiders, Paypal, adsense and other legitimate scripts come whitelisted out of the box?
If not, is there a list of them somewhere with simple instructions on how to add them? |
#81
|
|||
|
|||
Quote:
As for the two entries you posted, the Log entry gives an indication of what the issue was, and of course with POST requests you can inspect the entity. The first one is a pretty blatant registration spam. I'm not sure what the issue is with the second one. Perhaps it was on Project Honey Pot? It doesn't look like you provided the log entry for them, so I can't really be certain. Quote:
A way to send in data, both on bad bots and on legitimate users inappropriately blocked, is on my roadmap already. As for notifying the admin of particular events, I think that will be on Eric. |
|
|
X vBulletin 3.8.12 by vBS Debug Information | |
---|---|
|
|
More Information | |
Template Usage:
Phrase Groups Available:
|
Included Files:
Hooks Called:
|