News:

Bored?  Looking to kill some time?  Want to chat with other SMF users?  Join us in IRC chat or Discord

Main Menu

Bad Behavior for SMF mod

Started by butchs, April 12, 2010, 05:23:56 PM

Previous topic - Next topic

kaamaru

I replicated a spam bot and got
QuoteError 403


We're sorry, but we could not fulfill your request for
/ on this server.


An invalid request was received from your browser. This may be caused by a malfunctioning proxy server or browser privacy software.


Your technical support key is: 41af-850f-1756-6707


You can use this key to fix this problem yourself.


If you are unable to fix the problem yourself, please contact calumks at gmail.com and be sure to provide the technical support key shown above.




Warning:  Missing argument 2 for smf_db_query(), called in /home/public_html/iphone/Sources/bad-behavior/BadBehavior-SMF.php on line 70 and defined in /home/public_html/iphone/Sources/Subs-Db-mysql.php on line 235



Notice:  Undefined variable: db_string in /home/public_html/iphone/Sources/Subs-Db-mysql.php on line 263



Notice:  Undefined variable: db_string in /home/public_html/iphone/Sources/Subs-Db-mysql.php on line 267



Notice:  Undefined variable: db_string in /home/public_html/iphone/Sources/Subs-Db-mysql.php on line 277



Notice:  Undefined variable: db_string in /home/public_html/iphone/Sources/Subs-Db-mysql.php on line 322



Notice:  Undefined variable: db_string in /home/public_html/iphone/Sources/Subs-Db-mysql.php on line 345



Notice:  Undefined variable: db_string in /home/public_html/iphone/Sources/Subs-Db-mysql.php on line 372

Query was empty

Should I be getting those errors?

butchs

Was the whole quote in the warning message?

If not please fix it so I can understand.
I have been truly inspired by the SUGGESTIONS as I sit on my throne and contemplate the wisdom imposed upon me.

kaamaru

The whole warning message is in the quote, if that's what you mean?

butchs

Yes, I was not sure if it was the warning post and the SMF error log combined in the quote.

That should not happen.  I have not seen that before.  I need to try to duplicate that and see if it is indeed BB or another mod interfering.

Did you use "Bad Behavior Test" in the UA (if not what did you do) as the simulation?
Did it record your visit in the "DENIED Entries Log"?
Were there any entries in the log before you did the test or was it empty?
:)
I have been truly inspired by the SUGGESTIONS as I sit on my throne and contemplate the wisdom imposed upon me.

kaamaru

Well, it could be because I wasn't trying to be a spam bot. I was trying to see my theme's browser compatibility and one of the ways of doing that made the forum think I was a spam bot. I'm afraid I'm not sure if it was in my denied entries log. There were entries in the log before I did the test and how do I do the Did you use "Bad Behavior Test" in the UA again?

butchs

To test:
To insure that Bad Behavior is functioning correctly you can add the sting "Bad Behavior Test" to the User Agent (UA) of a HTTP request from someone who is not in the whitelist and is not the administrator.
I have been truly inspired by the SUGGESTIONS as I sit on my throne and contemplate the wisdom imposed upon me.

kaamaru

This error only appears when I view "http://ihackmyi.com" if I view "http://ihackmyi.com/iphone/index.php" no errors are displayed.

Look at the attachments.

butchs

Both of them give me "Query was empty" at the end.  This is saying that it can not write to the database because the information does not exist.  But the information does exist otherwise it would have never made it to the "error message" in the first place.  Something is preventing the transfer of data from BB to the SMF database.  At this point it looks like something on your end.  So:

1.  "Subs-Db-mysql.php" may be corrupted.  Try to back it up and reinstall this file from the SMF master disk.
2.  Maybe the installation of BB is corrupt.  A re-installation of both parts would be a good idea.
3.  You cold have a forum permission problem.  Make sure the permissions for the BB files comply with SMF standards.

If that does not work I will need more detail.
I have been truly inspired by the SUGGESTIONS as I sit on my throne and contemplate the wisdom imposed upon me.

kaamaru

Thanks, I fixed the problem by reinstalling the mod. I think I installed them the wrong way round.

butchs

I have been truly inspired by the SUGGESTIONS as I sit on my throne and contemplate the wisdom imposed upon me.

butchs

Big update to BB 2.1.4 posted today.  Here are the updates:



1.  The mod supports 2.1.4 BB (now new install part 1) and a nasty Forum Spammer has been added to the ban list.
2.  Changes to BB 2.1.4:
  • A logic error in the CloudFlare code introduced in 2.1.3 caused installation or upgrading to fail under some circumstances, and caused a fatal error on systems which are using CloudFlare. This code has been rewritten.
  • A web crawler used by Facebook was inadvertently blocked because it engages in some unusual behavior. This could cause links to protected pages to appear on Facebook without their title, photo or description. This issue with Facebook's crawler has been worked around.
  • In rare configurations, the Firefox and Safari web browsers may send the nonexistent "Proxy-Connection" HTTP header. Old versions of Internet Explorer may also send this header in their default configurations. This usually occurs when the web browser is configured to connect to an (obsolete) HTTP/1.0 proxy or has been explicitly configured to use HTTP/1.0 when talking to a proxy, even if the proxy understands HTTP/1.1. This header originated with a proposal made by (then) Netscape which was rejected for inclusion in HTTP in 1998 due to its causing interoperability problems. Bad Behavior checks for this header as it has historically made an excellent indicator of malicious activity if it is seen at the origin server, because proxy servers are expected to strip the header. Because of the slight possibility of blocking legitimate users, this check is now active only in strict mode. (Thanks to Mark Nottingham for reporting this issue.)
  • A workaround for a problem with PHP on IIS servers has been implemented. This issue caused various parts of Bad Behavior's functionality to fail on IIS. (Thanks to Michael Kingery for reporting this issue.)
  • New code which implements "round-trip DNS" for verifying that an IP address belongs to a specific entity is now being used to verify Googlebot and MSNbot. This code replaces the old hard-coded IP addresses.
  • Support for the CloudFlare reverse proxy service has been added. Users of this service should now be able to use Bad Behavior successfully. (Thanks to Matthew Prince at Project Honey Pot for his assistance with this implementation.)



The big addition to the mod is CloudFlare support.  This mod is fully compatible with my CloudFlare mod.  If you are using CloudFlare and this mod please make sure both mods are installed.

You MUST completely uninstall both part 1 and 2 and reinstall the new version part 1 and 2 of thios mod.  Do not forget to backup your "whitlist.ini" file.

Enjoy!!
I have been truly inspired by the SUGGESTIONS as I sit on my throne and contemplate the wisdom imposed upon me.

kaamaru

I just got this all over my portal

QuoteDeprecated: Function ereg() is deprecated in /home/iplod1/public_html/forum/Sources/bad-behavior/bad-behavior/functions.inc.php on line 62

Deprecated: Function ereg() is deprecated in /home/iplod1/public_html/forum/Sources/bad-behavior/bad-behavior/functions.inc.php on line 62

Deprecated: Function ereg() is deprecated in /home/iplod1/public_html/forum/Sources/bad-behavior/bad-behavior/functions.inc.php on line 62

Deprecated: Function ereg() is deprecated in /home/iplod1/public_html/forum/Sources/bad-behavior/bad-behavior/functions.inc.php on line 62

Deprecated: Function ereg() is deprecated in /home/iplod1/public_html/forum/Sources/bad-behavior/bad-behavior/functions.inc.php on line 62

Deprecated: Function ereg() is deprecated in /home/iplod1/public_html/forum/Sources/bad-behavior/bad-behavior/functions.inc.php on line 62

Deprecated: Function ereg() is deprecated in /home/iplod1/public_html/forum/Sources/bad-behavior/bad-behavior/functions.inc.php on line 62

Deprecated: Function ereg() is deprecated in /home/iplod1/public_html/forum/Sources/bad-behavior/bad-behavior/functions.inc.php on line 62

Deprecated: Function ereg() is deprecated in /home/iplod1/public_html/forum/Sources/bad-behavior/bad-behavior/functions.inc.php on line 62

Deprecated: Function ereg() is deprecated in /home/iplod1/public_html/forum/Sources/bad-behavior/bad-behavior/functions.inc.php on line 62

Deprecated: Function ereg() is deprecated in /home/iplod1/public_html/forum/Sources/bad-behavior/bad-behavior/functions.inc.php on line 62

Deprecated: Function ereg() is deprecated in /home/iplod1/public_html/forum/Sources/bad-behavior/bad-behavior/functions.inc.php on line 62

Deprecated: Function ereg() is deprecated in /home/iplod1/public_html/forum/Sources/bad-behavior/bad-behavior/functions.inc.php on line 62

Deprecated: Function ereg() is deprecated in /home/iplod1/public_html/forum/Sources/bad-behavior/bad-behavior/functions.inc.php on line 62

Deprecated: Function ereg() is deprecated in /home/iplod1/public_html/forum/Sources/bad-behavior/bad-behavior/functions.inc.php on line 62

Deprecated: Function ereg() is deprecated in /home/iplod1/public_html/forum/Sources/bad-behavior/bad-behavior/functions.inc.php on line 62

Deprecated: Function ereg() is deprecated in /home/iplod1/public_html/forum/Sources/bad-behavior/bad-behavior/functions.inc.php on line 62

Deprecated: Function ereg() is deprecated in /home/iplod1/public_html/forum/Sources/bad-behavior/bad-behavior/functions.inc.php on line 62

Deprecated: Function ereg() is deprecated in /home/iplod1/public_html/forum/Sources/bad-behavior/bad-behavior/functions.inc.php on line 62

Deprecated: Function ereg() is deprecated in /home/iplod1/public_html/forum/Sources/bad-behavior/bad-behavior/functions.inc.php on line 62

Deprecated: Function ereg() is deprecated in /home/iplod1/public_html/forum/Sources/bad-behavior/bad-behavior/functions.inc.php on line 62

Deprecated: Function ereg() is deprecated in /home/iplod1/public_html/forum/Sources/bad-behavior/bad-behavior/functions.inc.php on line 62

Deprecated: Function ereg() is deprecated in /home/iplod1/public_html/forum/Sources/bad-behavior/bad-behavior/functions.inc.php on line 62

Deprecated: Function ereg() is deprecated in /home/iplod1/public_html/forum/Sources/bad-behavior/bad-behavior/functions.inc.php on line 62

Deprecated: Function ereg() is deprecated in /home/iplod1/public_html/forum/Sources/bad-behavior/bad-behavior/functions.inc.php on line 62

Deprecated: Function ereg() is deprecated in /home/iplod1/public_html/forum/Sources/bad-behavior/bad-behavior/functions.inc.php on line 62

Deprecated: Function ereg() is deprecated in /home/iplod1/public_html/forum/Sources/bad-behavior/bad-behavior/functions.inc.php on line 62

Deprecated: Function ereg() is deprecated in /home/iplod1/public_html/forum/Sources/bad-behavior/bad-behavior/functions.inc.php on line 62

Deprecated: Function ereg() is deprecated in /home/iplod1/public_html/forum/Sources/bad-behavior/bad-behavior/functions.inc.php on line 62

Deprecated: Function ereg() is deprecated in /home/iplod1/public_html/forum/Sources/bad-behavior/bad-behavior/functions.inc.php on line 62

Deprecated: Function ereg() is deprecated in /home/iplod1/public_html/forum/Sources/bad-behavior/bad-behavior/functions.inc.php on line 62

Deprecated: Function ereg() is deprecated in /home/iplod1/public_html/forum/Sources/bad-behavior/bad-behavior/functions.inc.php on line 62

Deprecated: Function ereg() is deprecated in /home/iplod1/public_html/forum/Sources/bad-behavior/bad-behavior/functions.inc.php on line 62

Deprecated: Function ereg() is deprecated in /home/iplod1/public_html/forum/Sources/bad-behavior/bad-behavior/functions.inc.php on line 62

Deprecated: Function ereg() is deprecated in /home/iplod1/public_html/forum/Sources/bad-behavior/bad-behavior/functions.inc.php on line 62

Had to disable the mod. What could be the problem?

butchs

If you installed the new "bad_behavior_install_pt1of2" you will see that there is only comment code on that line.  It is obvious to me that you are mixing the old bad behavior with the new mod.

Try backing up your "whitlist.ini" file and uninstalling both "Bad Behavior install" and "Bad Behavior Mod" and downloading and reinstalling "bad_behavior_install_pt1of2 and "bad_behavior_install_pt2of2.

When you have the correct versions installed you should see the following in package manager:

Bad Behavior install    2.1.4
Bad Behavior mod    1.1.0

:)
I have been truly inspired by the SUGGESTIONS as I sit on my throne and contemplate the wisdom imposed upon me.

Lou69

There is a difference for the user between the old whitelist.ini and the new whitelist.

New is:

[useragent]
useragent[] = "Mozilla/4.0 (It's me, let me in)"



Old is:

[useragent]
; This is an example; you should remove it
; useragent[] = "Mozilla/4.0 (It's me, let me in)"


Is the change intentional?

thanks




butchs

You are correct you need to remove it as follows:

; useragent[] = "Mozilla/4.0 (It's me, let me in)"
I have been truly inspired by the SUGGESTIONS as I sit on my throne and contemplate the wisdom imposed upon me.

Lou69


butchs

The CloudFlare portion of Bad Behavior 2.1.4 dies not work with CloudFlare.  I am currently debugging 2.1.5 and expect to be able to release Bad Behavior 2.1.5 soon.  Along with a mod and whitlist update.

I have been truly inspired by the SUGGESTIONS as I sit on my throne and contemplate the wisdom imposed upon me.

butchs

New Version Posted today.

BB Mod 1.2.0
BB core 2.1.5
whitelist.ini

Mod changes:
Fixed email -  Streamed lined code and improvement for ip address.
Automatic detection of CloidFlare and IP addresses were resolved.

Core Changes
Improvements for CloudFlare.
The next official version will include some of the changes that are being installed by the above mod.
MSN bot error fixed.
ereg() is deprecated error fixed.

Whitelist Changes
Compatible with older versions of the mod.  Whitelist has been looked at more closely and comments were added.
More things are blocked to make it even more effective.
Only the base features were not commented.
This version is part of 2.1.5 and is recommended as a starting point for all users.
Your database server should be checked see (admin/Server Settings/Database and Paths/Database Server).

:D
I have been truly inspired by the SUGGESTIONS as I sit on my throne and contemplate the wisdom imposed upon me.

MattH41

I want to say that this mod is amazing for SMF. I've had it installed for 3 days and these are the stats so far (running in strict mode):

Site #1:
2,622 Denied entries
20 Permitted entries

Site #2:
712 Denied entries
13 Permitted entries

Working great!

Quick question, if I want to move to 2.1.7 of Bad Behavior I just need to grab the files from the bad behavior site and drop them into the right location on the server, right?

butchs

That is good news.  You should see a drop in a few weeks as they give up.

There is no need to upgrade.  I submitted the changes that were used in the mod to BB to make BB version 2.1.7.  So latest version of the mod (part 1 and part 2) has everything that is in BB 2.1.7.
I have been truly inspired by the SUGGESTIONS as I sit on my throne and contemplate the wisdom imposed upon me.

Advertisement: