Bad Behavior for SMF mod

[snoopy_virtual]

An Error Has Occurred!
The package id given in the uploaded file does not match the package id given by previous versions of this mod.
Package id in database: Bad_Behavior_mod
Package id in the uploaded file: Bad_Behavior_install

It doesn't matter if your mod has one file or a lot of them. Inside all the files the id need to be exactly the same one.

So if the id in the first file you uploaded to SMF (when you started this mod) was:

Code Select Expand


<id>JMiller:Bad_Behavior_mod</id>


All the rest of the files need to have exactly that id.

Of course inside every file you can change the name and version:

Code Select Expand


<name>whatever name you want for every file</name>
<version>whatever version number it is</version>


But you cannot change the id.

[butchs]

I tried that on my test server and it did not work.  I am sure SMF can sort it out...

[butchs]

The new version is in the mod section.

The big change is that it no longer requires your server to have cache capabilities.  See reply 82 for details.

[MattH41]

I want to say how thankful I am for this mod. I've been using if for a few months and it's still knocking out like 400 requests per day (strict mode) without any adverse consequences for my users.

[butchs]

You are welcome.  That is what Bad Behavior (BB) is about!

With your traffic you should try my new mod.  As a minimum you should al least use the ip address (ipv4 and ipv6) check along with the DOS prevention features.  Run it on logging mode for a few days before blocking.  My new mod has been waiting for SMF approval for 1 day short of a month.  I programmed/ tested to for more than six(6) months, it is by far my best anti-spam effort to date.  Along with BB you will see even more wasted bandwidth go away so your members can enjoy your site.

I think it is simply sitting in never-never land because it is a security mod and SMF wants to cover up security flaws and make it look like it has no security issues with SMF.  But the reality of my new mod is not about pointing out flaws in SMF but to rid the forum of bad visitors that try to pass known security flaws in other software...  These are the ones you do not want at your site.  I prefer to block ban bots/ people than to sanitize them like SMF.  Let SMF sanitize the posts, use there filters, give them a warm and cosy so they want to try more things.  Forum Firewall is all about chasing the unwanted away...

If you like you can find it at P.C. Tweakr.

[Malaky]

Hi!

First great anti-spam mod, I have used several of them (httpbl, stop spammer), and yours is the only one to prevent 99,999% of the spam to reach my board (I need to have some boards fully open to posting from guests, so spam is a big problem for me).

Now, I've installed rc4 on a test site, (done a clean new install), then wanted to import through phpmyadmin the database of my main forum (rc3). It gives me this error:

CREATE TABLE `hip_log_badbehavior` (
id int( 11 ) unsigned NOT NULL AUTO_INCREMENT ,
ip varchar( 16 ) NOT NULL default '',
date varchar( 255 ) NOT NULL default '0000-00-00 00:00:00',
request_method varchar( 4 ) NOT NULL default '',
request_uri varchar( 255 ) NOT NULL default '',
server_protocol varchar( 15 ) NOT NULL default '',
http_headers varchar( 255 ) NOT NULL default '',
user_agent varchar( 255 ) NOT NULL default '',
request_entity varchar( 255 ) NOT NULL default '',
KEY varchar( 255 ) NOT NULL default '',
PRIMARY KEY ( id ) ,
KEY ip( ip ) ,
KEY user_agent( user_agent )
) TYPE = MYISAM ;

#1064 - You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'varchar(255) NOT NULL default '',
PRIMARY KEY (id),
KEY ip (ip),
KEY user_' at line 11

Do you know if this comes from your mod, what it is? could it come because I'm trying to import a db from a rc3 forum to a rc4 one?

[butchs]

It is my understanding that when you change SMF version the SMF installer updates the database.  So if you attempt to to run a SMF RC3 database in RC4 you can get an error.

I recommend setting up a test server or a dummy server on the net and import the RC3 database in to a fresh copy of RC3 with no mods.  Upgrade the RC3 to RC4, which will update the database.  Back up the RC4 database, remove the software and install the RC4 database in your live MASTER RC4 with no mods installed.  Reinstall all mods and rock on... 

[Malaky]

Thanks a lot!

[macmend]

I can see instructions that sya "install part 1 then part 2 of this Mod" but nowhere can i find the instructions of how to do this install, can someone point me in the right direction

[butchs]

You found them.  First you download and install part 1.  Then you download and install part 2. 

[ripystys]

Hi butchs,

this is areally awesome mod!
Is there also a version for SMF 1.1?

Regards,
ripystys

[darcysarto]

I'm very sorry about this but I am a complete and utter novice.  I have set up a forum using smf 1.1.12, I've used forums and am quite comfortable just using them.  I wanted to stop some of the spam I've been getting as I really don't want to buy any ugg boots and that's what they all seem to be selling!

I have downloaded parts 1 and 2 and the whitelist ini but now have what is probably a stupid question to you knowledgable ones.  In the part 1 readme.txt it says this

It is recommended that you open /bad-bfolder/whitelist.ini and make the following changes:

Search for:
Code: [Select]
ip[] = "localhost"
Replace the word localhost wiht the IP address of your database if it is not localhost.

Starting on the next line enter:
ip[] = "xx.xx.xx.xx"
ip[] = "yy.yy.yy.yy"
Where xx.xx.xx.xx is the Admins IP address.
Where yy.yy.yy.yy is the Shared IP Address.

Well my database is hosted on my site so I assume I can leave that as locahost but am not sure what is meant by Admins IP address and Shared IP Address?  Is the Admin IP address the address of my home pc?  And Shared IP Address?

Sorry for asking what are basic questions.

[butchs]

Sorry this mod does not work with smf 1.1.x.

[ACAMS]

This mod is kinda hard to install, and I have some questions.

I have SMF 2.0 RC3

Before I uploaded to Packages and installed it, I extraced it to my desktop and opened the folder and inside it I found whitelist.ini and I found ip[] = "localhost" and changed it to ip[] = "mysql.mysite.orgy".............will that work?.....that is what was in my server info!

Starting on the next line entered:
ip[] = "MY IP address"
ip[] = "yy.yy.yy.yy" (I left this off, because I have NO CLUE what a shared address is....will it work?)


I saved it, then re-zipped the package and installed it on my forum like any other package.


I edited my .htacces to include the time zone per the instructions

Code Select Expand


#--- DH-PHP handlers ---
AddHandler fastcgi-script fcg fcgi fpl
AddHandler php-fastcgi .php
Action php-fastcgi /cgi-bin/dispatch.fcgi
Options -Indexes
ErrorDocument 403 /403.html
ErrorDocument 404 /404.html
ErrorDocument 500 /500.html

#Set the timezoneSetEnv TZ America/Chicago

^^^^Will that work?^^^^



I don't think it is working, because I don't have any error logs......and still have bots trying to log in guessing members passwords!!!

[ACAMS]

I enabled Verbose HTTP logging, and got 59 in just a couple of minutes......does that mean it is working?


I noticed bots that were in my block list trying to log in with usernames so I changed my .htacess to this.....do you see a problem with it?

Code Select Expand


#Set the timezoneSetEnv TZ America/Chicago
#--- DH-PHP handlers ---
AddHandler fastcgi-script fcg fcgi fpl
AddHandler php-fastcgi .php
Action php-fastcgi /cgi-bin/dispatch.fcgi
Options -Indexes
ErrorDocument 403 /403.html
ErrorDocument 404 /404.html
ErrorDocument 500 /500.html
<Limit GET HEAD POST>
order allow,deny
# ACAMS Pissed off
deny from 108.1.174.239
deny from 108.41.42.137
deny from 109.169.29.56
deny from 109.169.29.56
deny from 109.169.41.48
deny from 111.1.32.23
deny from 111.1.32.24
deny from 111.1.32.25
deny from 111.1.32.26
deny from 124.106.204.40
deny from 124.148.154.221
deny from 125.255.2.30
deny from 128.6.224.107
deny from 137.30.164.165
deny from 137.56.163
deny from 140.180.130.93
deny from 142.68.83.148
deny from 144.85.24.218
deny from 144.92.92.15
deny from 150.140.188.242
deny from 150.70
deny from 155.239.155.200
deny from 173.193.221
deny from 173.193.221.27
deny from 173.193.221.28
deny from 173.255.238.178
deny from 173.48.174.212
deny from 173.54.2.133
deny from 173.54.2.197
deny from 174.138.169.218
deny from 174.36.199
deny from 174.36.199.200
deny from 174.36.199.201
deny from 174.36.199.202
deny from 174.36.199.203
deny from 178.18.17.250
deny from 178.239.55.32
deny from 178.33.149.173
deny from 178.63.198.71
deny from 178.63.246.164
deny from 178.73.209.99
deny from 178.78.255.254
deny from 18.246.0.69
deny from 180.149.96.69
deny from 184.99.175.66
deny from 188.120.245.249
deny from 188.124.19.114
deny from 188.134.24.234
deny from 188.40.51.2
deny from 188.40.98.60
deny from 188.72.223.162
deny from 188.72.225.172
deny from 188.72.241.209
deny from 192.251.226
deny from 192.251.226.205
deny from 192.251.226.206
deny from 193.138.216.157
deny from 193.198.207
deny from 193.198.207.8
deny from 194.145.200.128
deny from 194.154.227
deny from 195.43.157.85
deny from 195.71.226.87
deny from 199.48.147
deny from 199.48.147.35
deny from 199.48.147.35
deny from 199.48.147.36
deny from 199.48.147.37
deny from 199.48.147.38
deny from 199.48.147.39
deny from 199.48.147.40
deny from 199.48.147.41
deny from 199.48.147.42
deny from 199.48.147.43
deny from 199.48.147.45
deny from 202.71.106.147
deny from 202.81.69.142
deny from 203.174.87.18
deny from 204.152.222
deny from 204.152.222.140
deny from 204.8.156.142
deny from 206.221.217.246
deny from 208.115.203.16
deny from 208.66.135
deny from 208.66.135.190
deny from 208.66.135.190
deny from 208.75.57.100
deny from 208.75.88.34
deny from 209.159.142.164
deny from 212.13.195.235
deny from 212.42.236.140
deny from 213.112.111.205
deny from 213.154.227.205
deny from 213.165.81.179
deny from 213.239.192.229
deny from 213.46.138.76
deny from 213.46.88.109
deny from 213.49.109.9
deny from 216.115.3.26
deny from 216.24.174.245
deny from 216.243.32.170
deny from 216.86.61.205
deny from 217.15.23.215
deny from 217.19.50.77
deny from 217.20.114.254
deny from 24.106.191.235
deny from 24.192.171.225
deny from 24.247.220.16
deny from 38.102.94.125
deny from 46.4.160.39
deny from 46.4.237.146
deny from 50.15.57.221
deny from 50.16.134.106
deny from 50.22.180.2
deny from 58.247.181.212
deny from 60.242.34.204
deny from 61.47.35.34
deny from 62.141.53.224
deny from 62.141.58.13
deny from 62.212.67.209
deny from 62.24.181.134
deny from 62.24.181.135
deny from 62.75.139.221
deny from 62.75.159.139
deny from 62.75.185.133
deny from 64.120.209.40
deny from 64.27.17.140
deny from 64.34.162.160
deny from 66.230.230.230
deny from 66.233.158.229
deny from 66.96.16
deny from 66.96.16.32
deny from 67.207.136.44
deny from 68.126.24.162
deny from 68.71.46.138
deny from 69.163.34.69
deny from 71.129.110.137
deny from 71.198.26.88
deny from 71.244.55
deny from 71.244.55.170
deny from 72.47.252.215
deny from 74.106.13.137
deny from 74.106.17.110
deny from 74.110.86.176
deny from 74.208.243.167
deny from 74.208.246.213
deny from 74.208.246.222
deny from 74.3.165.39
deny from 76.10.214.53
deny from 76.10.214.89
deny from 76.253.141.244
deny from 77.109.139.87
deny from 77.207.206.122
deny from 77.220.41.47
deny from 77.232.135.67
deny from 77.37.136.160
deny from 77.54.97.144
deny from 78.107.237.16
deny from 78.153.153.8
deny from 78.225.101.56
deny from 78.42.9.166
deny from 78.46.39.228
deny from 78.47.240.52
deny from 78.47.251
deny from 78.48.204.3
deny from 79.120.86.20
deny from 79.136.50.205
deny from 79.140.39.227
deny from 80.237.226.75
deny from 80.237.226.76
deny from 80.62.217.18
deny from 80.81.183.178
deny from 81.169.155.246
deny from 81.169.173.120
deny from 81.218.219
deny from 81.218.219.122
deny from 82.209.175.58
deny from 82.224.122.209
deny from 82.228.252.20
deny from 82.245.41.171
deny from 83.142.228
deny from 83.142.228.14
deny from 83.168.210
deny from 83.168.210.55
deny from 83.169.9.70
deny from 83.170.92
deny from 83.170.92.9
deny from 83.220.133.86
deny from 83.226.245.207
deny from 83.80.129.253
deny from 83.86.110.188
deny from 84.25.173.164
deny from 84.75.174
deny from 85.114.135.224
deny from 85.114.141.18
deny from 85.17.92.13
deny from 85.214.73.63
deny from 85.235.31.248
deny from 85.25.144.101
deny from 86.101.114.199
deny from 86.201.237.21
deny from 86.205.122.125
deny from 86.81.118.37
deny from 87.118.104.203
deny from 87.126.133.230
deny from 87.236.194
deny from 87.236.199
deny from 87.236.199.73
deny from 88.189.58
deny from 88.208.121.151
deny from 88.80.29.99
deny from 89.176.88.245
deny from 89.208.236.35
deny from 89.208.237.70
deny from 89.253.105.39
deny from 89.253.97.235
deny from 89.77.213.43
deny from 91.118.57.238
deny from 91.121.175.151
deny from 91.213.50
deny from 91.213.50.235
deny from 91.214.30.60
deny from 91.216.191.11
deny from 91.67.236.41
deny from 92.101.211.233
deny from 92.241.168.146
deny from 92.241.174.9
deny from 92.241.184
deny from 92.241.184.106
deny from 92.241.190.129
deny from 92.241.190.168
deny from 92.241.190.188
deny from 92.247.192.176
deny from 92.9.221.213
deny from 93.104.215.8
deny from 93.115.241
deny from 93.156.76.66
deny from 93.157.46.163
deny from 93.167.245.178
deny from 93.31.155.175
deny from 93.50.137.186
deny from 94.132.72.2
deny from 94.19.12.244
deny from 94.249.153.47
deny from 94.251.75.55
deny from 94.27.70.144
deny from 94.75.253.73
deny from 95.142.174.176
deny from 95.143.193.145
deny from 96.226.21.90
deny from 96.255.16.21
deny from 97.107.142.93
deny from 98.113.149.36
deny from 98.191.188.71
deny from 91.66.107.36
deny from 74.110.86.138
deny from 217.114.211.20
deny from 178.32.95.23
deny from 107.5.17.164
deny from 87.194.9.111
deny from 64.34.184.153
deny from 64.83.196.144
deny from 74.208.231.162
deny from 217.114.211.20
deny from 109.202.66.4
deny from 190.183.221.175
deny from 91.66.107.36
deny from 85.17.97.6
deny from 91.218.39.92
deny from 24.83.197.147
deny from 95.142.174.183
deny from 78.40.42.152
deny from 80.232.240.249
deny from 78.34.189.131
deny from 66.8.120.130
deny from 93.125.165.43
deny from 88.198.109.35
deny from 168.144.48.133
deny from 194.0.229.54
deny from 217.160.221.7
deny from 78.34.148.210
deny from 88.162.37.58
deny from 95.105.224.155
deny from 96.226.21.242
deny from 208.110.65.123
deny from 46.28.108.24
deny from 193.34.144.124
deny from 62.141.53.224
deny from 192.251.226.205
# bots be gone
allow from all
</LIMIT>


[butchs]

Yes BB is working.

I can not vouch on your htaccess file since the requirements differ host by host.

As far as your list goes it is a waste of time since the bots change their ip often.  You could end up blocking a good user.

I would prefer to see you add a better robots.txt file.  Search this site there are a few discussions on robots.txt.

If you insist on blocking ip via htaccess then do it by country and a few notable locals in your own country.

[butchs]

Hi butchs,

this is areally awesome mod!
Is there also a version for SMF 1.1?

Regards,
ripystys

Working on a new version.  Lots of improvements and changes.  Added SMF 1.1.x functionality.  I will be running beta tests for a few weeks at SMF HELPER.  So follow the link if you will like to try it.  I will test it there at least two weeks fore the official release.

[ACAMS]

I have a member that is blocked and he gave me the technical support key number, but I have over 3000 entries in the block log.......How do I unblock him?

[butchs]

Two ways:

1.  You can go to the BB Website and make a request.
2.  Add him to the whitelist.  In the last release version that will require you to add his ip address to the whitelist.ini file.  The beta will be a permission change.

[ACAMS]

Thanks, I think we have it worked out.