Bad Behavior for SMF mod

Started by butchs, April 12, 2010, 05:23:56 PM

Previous topic - Next topic

Smog

Cause of the prob: installed the mod on a SMF 2 version older than 2.0 RC2

During install v1.4.2 I encountered no probs, I emulated SMF 2.0 RC2 and the mod installed without any protest. Didn't expected that for uninstall it was also demanded to emulate SMF 2.0 RC2, atm I emulated to RC2 the uninstall button appeared.  :)

Some questions:

Search Engine DNS: what is advisable, activating or not?
Cache Duration: the time delay can be set between 0 and 99 seconds, zero disables this feature, standard is the value zero. Is it advisable to set a time delay, and if yes, what value at least to be effective?

butchs

#201
Interesting...

Quote from: Smog on April 17, 2011, 10:50:34 AM
Search Engine DNS: what is advisable, activating or not?

I use it and it works well for my site.  I have been using it for 6 months now.  It blocks a fake google and etc every now and then.  But some servers such as Ubuntu have issues.  If you try it, I suggest you monitor it for a few days to make sure no regular members get blocked.

Quote from: Smog on April 17, 2011, 10:50:34 AM
Cache Duration: the time delay can be set between 0 and 99 seconds, zero disables this feature, standard is the value zero. Is it advisable to set a time delay, and if yes, what value at least to be effective?

This feature was designed to reduce the amount of checks the mod makes when testing a user for large forums.  For example, if a bad guy hits your site BB will test it the first time.  If the bad guy is blocked the mod will forgo testing and block the bad guy the remaining duration of the cache set point.  The same is true if a regular member comes to the forum.  The member will not be tested again the duration of the cache set point.

Typically you like to set this to half the average duration of a bad bot visit but in most cases no more than 20 or 30 seconds.  As a minimum you will like to test a bot two times a visit.  Some people prefer three to four times.

If you have cpanel or some other way of tracking the last 100 users, you can look at visitor ip records.  Take the duration of the average visit and divide by at least two.  If you can not do this then 2-8 seconds can be a good starting point.

Why use this feature?  Well, a bad bot can hit you once or twice every second and eat up your bandwidth and/ or processor speed.  This feature can make your site faster because it will send the bots packing before SMF fully loads (ie page images/ icons).

The reason it is not recommended is because Bad behavior is extremely fast in the first place.  Bad behavior's core author has informed me that the package has been installed on some large CMS sites and it sill completes all tests in less than 10 milliseconds.  If you look at the page source (just below the title when viewing the main index) you will see the speed of this mod at work:  <!-- Bad Behavior 2.1.12 run time: 3.025 ms -->.

However, if you are using the Project Honey Pot portion and/ or enable the Search Engine DNS features or have a large web site I will recommend using a little cache.

The reason for using cache on a large forum is obvious so I will not get into it.  The other two are less obvious.  The reason I recommend cache for them because they both look up information at a remote site.  Some say this can slow things down.  So by using cache you reduce the amount of remote lookups your site makes.
8)
I have been truly inspired by the SUGGESTIONS as I sit on my throne and contemplate the wisdom imposed upon me.

Smog

Thanks for the comprehensive reply, appreciated. I also appreciate all the time and efforts you invest in this mod, even more because the mod work extremely well.

Malicious or spam related activities are a serious problem and have heavy, severe impact on sites and their legal visitors. Problems related to mentioned activities are immense and on the rise, OTOH there are several solutions to limit or even to cease malicious activities on sites. Bad Behavior is one of the solutions and I must say, till yet the most effective solution, there is no doubt about that fact. Using Bad Behavior together with a http:BL Access Key the mod work deathly effective and block almost all malicious site activities, hence Bad Behavior is a must have tool for site owners taking their job serious: protecting their site as well customers and legal visitors.

Also important to mention: till yet no legal visitor, search engines included, was blocked, we shouldn't underestimate the importance of this.

I'm very pleased about the mod, and will unconditionally recommend it to fellow site owners.

Kind regards,

Smokey

butchs

I have been truly inspired by the SUGGESTIONS as I sit on my throne and contemplate the wisdom imposed upon me.

Col

Hi,

Does the 'local timezone' refer to my personal timezone, or the zone where the server is located?

What is the purpose of this setting?

Thanks.

Col

Oh, and where do I have put the .htaccess file? Is the site root, or the BB root?

Col

Quote from: butchs on April 21, 2010, 10:05:00 PM
The mod does not give out your email as a normal email.  If your email is [email protected] it shows admin at yoursite.com.  A human/ spammer will have to correct and type it in order to be able to send you a message.  So the chances are low that you will get spammed.

This is included so that regular users can contact you for access.  For example, someone you know logs in and gets ERROR 403.  They can then use this error to send you a message and get placed on the whitelsit by you.  If you did not give them a method to contact you, they will never be able to log in.

The email listed is from the "Webmaster Email Address" listed in "admin -> server settings -> general -> Webmaster Email Address".  It is not recommended but, if you do not want your email address showing up leave the above setting blank.

Hello Butchs,

I've never looked into it, but I assume that spammers have systems in place to automatically remove simple obfuscation from harvested e-mail addresses. This must be a trivial matter compared to cracking anti-spam measures such as reCaptcha, etc. So, I will be changing this behaviour to protect my website from possible spam. I think it would be better to instead provide an admin setting so that we might specify a URL. The destination webpage could be a contact form (my intention), or just a set of instructions for how the visitor might fix the problem (in my view, not the best solution).

butchs

#207
Quote from: Col on April 18, 2011, 08:56:10 PM
Does the 'local timezone' refer to my personal timezone, or the zone where the server is located?

What is the purpose of this setting?

Where do I put htaccess?

In most cases you will not need that setting.  You only need to worry about it if you get an error.

An error will look like this:
QuoteStrict Standards: bb2_install() [function.bb2-install]: It is not safe to rely on the system's timezone settings. Please use the date.timezone setting, the TZ environment variable or the date_default_timezone_set() function. In case you used any of those methods and you are still getting this warning, you most likely misspelled the timezone identifier. We selected 'America/New_York' for 'EDT/-4.0/DST' instead in .../BadBehavior-SMF.php on line 202

Notice: Undefined index: logging in .../BadBehavior-SMF.php on line 202

If you get it ask your host for assistance.  Some times they do it in the php.ini file.  It depends on the provider.  If so, it will be your home time zone.

Quote from: Col on April 19, 2011, 06:37:07 PM
I've never looked into it, but I assume that spammers have systems in place to automatically remove simple obfuscation from harvested e-mail addresses...

I have looked into it and my method is rather unique.  It is even different than the BB core.  I am not going to tell you what I do... Rest assured at publishing time my methods were not used anywhere else on the net.  I only write code for SMF so it is way too much trouble for a bot to make code just to harvest email addresses from my mods.  Caputa is much easier since it is more common.

Edit the following to make it even harder:
Take "BadBehavior.english.php" and change $txt['badbehavior_theadmin'], $txt['badbehavior_nospam'], $txt['badbehavior_dot'] and $txt['badbehavior_dash'] to something unique.

You are safe with the SMF BB mod.

Quote from: Col on April 19, 2011, 06:37:07 PMThe destination webpage could be a contact form (my intention), or just a set of instructions for how the visitor might fix the problem (in my view, not the best solution).

You miss the point of bad behavior.  BB provides a link to the BB home address and a support key.  So the support is dealt remotely by the BB home site or by you.  This is the power of the mod.  Literally millions of other sites use the same support system.  The following is taken from the BB site:

In extremely rare circumstances, Bad Behavior may block actual human visitors. Bad Behavior was designed to target robots, not people. If this happens, the profile presented by your browser matched that seen from actual malicious robots. In some cases, this is caused by over-aggressive personal firewall/browser privacy software. In other cases, this is caused by improperly configured Web proxy server software.

First, make a note of the technical support key and e-mail address shown on the error page. Then click the link to "fix it yourself" for suggestions on how you may be able to resolve the problem.

If you continue to have trouble, contact the e-mail address on the error page and be sure to provide the technical support key. This will allow the site administrator to tell you what you need to do to resolve the problem.

If you are the site administrator receiving a trouble report from a user, contact me and provide the technical support key and a copy of the logs which Bad Behavior stores in the database showing the IP address which was blocked. I will provide further assistance until the trouble is resolved.

For more information on how to diagnose a Bad Behavior blocking problem, see the Bad Behavior weblog entry on the topic.
I have been truly inspired by the SUGGESTIONS as I sit on my throne and contemplate the wisdom imposed upon me.

Col

Hi,

Thank you for your reply, Butchs.

I had someone else try entering my test forum using Modify Headers - I was reliant upon their feedback. They had a problem with a malconfigured email client, so their email program did not start when they clicked the contact email link provided. I had them instead right-click the email link to provide me with address - it was address listed for Webmaster Email Address in Server Settings, but with some no-spam obfuscation. This is where I'm confused by your reply - I thought this unobfuscated address easily discernible.

I am also confused by the practical difference between providing a direct email link and a link to a contact page, which generates an email to me, without ever revealing even an obfuscated version of my address. Reading your reply, I'm sure I must be missing something - but what is it!?

I don't properly understand how BB works (I don't really need to), but I like the idea of addressing this spam problem at a more fundamental level, without the need to resort to checking content, IP address, etc. I have my own (human) system in place, to act as a final check, before the first post of the new member ever makes it to the open forum (few make it this far). Any member of the team can approve the account by approving their first post, so there is usually little delay to genuine members. I do not anticipate needing Project Honeypot that you have usefully integrated into BB, as I never have spam reaching my forum boards. But I do suffer from an inordinate number of spam accounts (swamping the membership list), and bandwidth being eaten up by their attempts to join up and post at the forum. I anticipate substantial bandwidth savings using BB.

Again, thank you,

Colin.

butchs

#209
Only with the stand alone core but this is not the core!  This is the SMF Version which is much more secure...

You need to look for yourself and not rely on people who are trying to sell you something.  There are way too many people who are into smoke and mirrors who make up things to sell something.  Lame...

Take the troll I finally rid my mod posts from.  He claimed to be trying to help but if you read his posts they were nothing but self promotion.  All along he simply wanted to copy my ideas.  Glad the posts were deleted...

Edited because I have been mean to my troll so I decided to chill out and let things be.  Sorry...

The truth of the matter is that bots look at source code.  If you want to see what the warning page looks like to a bot look at it in your browsers view source mode.  Your webmasters email will be different on every page load.

Even if you click on your email address you will get an address as I described with the "BadBehavior.english.php" edits.  Basically the bot will have to edit the email to make it usable.  If you edit "BadBehavior.english.php" yourself, as advised, it will be even more unique.  Which is great for stopping spam.

There is no such thing as a webmaster "direct email link" or "unobfuscated address" with this mod unless you make it that way.   The mod only provides an obfuscated address that the emailer has to figure out.  They are usually easily discernible to experienced internet users.  But as stated before you can edit them to whatever you desire.

Bots are automated scripts when you throw something at them they never encountered they fail!

Nevertheless, I do not understand your concerns?  As stated in my last post the member has the ability to  "fix it yourself" through the vast Bad Behavior network.  So your webmaster email is the last resort not the first or only resort.  Please re-read my last post...  Then you will realize it is the last resort.

Now this mod has another feature that BB core does not have and that is the ability to place a Project Honey Pot - Honey Pot or a QuickLink in the Warning Page.  What this means if a bot went nuts and clicked on all the links in the warning page it will get penalized with an increased Project Honey Pot warning level.  Not only a deterrent but a no win situation for the bot.

So when it comes to webmaster link security rest assured, I have all the bases covered and will up the technology if and/ or when required.   8)

I have been truly inspired by the SUGGESTIONS as I sit on my throne and contemplate the wisdom imposed upon me.

Col

Quote from: butchs on April 20, 2011, 09:11:19 PM
Only with the stand alone core but this is not the core!  This is the SMF Version which is much more secure...

You need to look for yourself and not rely on people who are trying to sell you something.  There are way too many people who are into smoke and mirrors who make up things to sell something.  Lame...

Take the troll I finally rid my mod posts from.  He claimed to be trying to help but if you read his posts they were nothing but self promotion.  All along he simply wanted to copy my ideas.  Glad the posts were deleted...

Hello Butchs,

Thank you for the very fulsome reply.

No one is trying to sell me anything.

QuoteThe truth of the matter is that bots look at source code.  If you want to see what the warning page looks like to a bot look at it in your browsers view source mode.  Your webmasters email will be different on every page load.

Even if you click on your email address you will get an address as I described with the "BadBehavior.english.php" edits.  Basically the bot will have to edit the email to make it usable.  If you edit "BadBehavior.english.php" yourself, as advised, it will be even more unique.  Which is great for stopping spam.

I tried it out for myslef, after I was pretty confident I would not lock myself out of the forum. I had a look at the source - I'll take your word for it that a bot is highly unlikely to be able to make sense of what looks to me (as a non-coder) to be some sort bastardisation of html numbers and unicode.

Those that fail the BB requirements are presented with the following:

QuoteError 403 We're sorry, but we could not fulfill your request for /forum2/ on this server.
You do not have permission to access this server.
Your technical support key is: xxxx-xxxx-xxxx-xxxx
You can use this key to [link]fix this problem yourself[/link]
If you are unable to fix the problem yourself, please contact the WEBMASTER and be sure to provide the technical support key shown above

My forum has some of the least technically able, and most cognitively impaired people on the planet. I do not like the idea of them trying to work out how to edit the displayed email address to remove all the "+nospam-nospam" obfuscation. Even if I edited the message, and changed the obfuscation words, many of them would have hard time with this.

QuoteThere is no such thing as a webmaster "direct email link" or "unobfuscated address" with this mod unless you make it that way.   The mod only provides an obfuscated address that the emailer has to figure out.  They are usually easily discernible to experienced internet users.  But as stated before you can edit them to whatever you desire.

Bots are automated scripts when you throw something at them they never encountered they fail!

I understood that the address is obfuscated. I was worried that a spammer might have automated processes in place that would convert the code into a regular email address (after all, my e-mail client does this); and that they would automatically remove instances of "+nospam-nospam" from the email address (I understand though, as you pointed out, if I edit the obfuscation strings, this will be very unlikely to occur). This aside, the fact remains that many of my members would struggle to determine the correct email address and make the required edits.

QuoteNevertheless, I do not understand your concerns?  As stated in my last post the member has the ability to  "fix it yourself" through the vast Bad Behavior network.  So your webmaster email is the last resort not the first or only resort.  Please re-read my last post...  Then you will realize it is the last resort.

Again, I'm not sure how my members will fair. When they fail BB, they are presented with the following at the "fix this problem yourself link":

QuoteTechnical Support Your request was intercepted by Bad Behavior, security software which protects the Web site you visited from malicious activity, such as hackers, spam and viruses. We apologize for the inconvenience, but your request matched a profile of suspicious activity. This problem is usually quite easy to fix.
You accessed the Web site using software which is banned due to malicious activity associated with that software. Uninstall it from your computer and contact the software's author for assistance. In the meantime, you may access the site using different software, such as Firefox.
This problem may be caused by misconfigured or malfunctioning browser privacy software or personal firewall software. If you use this type of software, turn it off or reconfigure it and try again. (Example: For Norton Internet Security, you need to disable the Stealth Mode Browsing feature.)
This problem may be caused by viruses or spyware on your computer, or by malicious software that pretends to be anti-virus or anti-spyware software. Ensure that you have REAL anti-virus and anti-spyware software on your computer, that they are kept up-to-date, and that you have run a full system scan using each tool. Once your system is cleaned of viruses and spyware, please try your request again.
The free Microsoft Security Essentials provides reasonable protection against a wide variety of malicious software.
If the above suggestions fail to resolve the problem, click Back and contact the e-mail address you were given for further assistance.
 

They will end up needing to contact me, and they will struggle with the obfuscated email address. This is why I am instead considering directing them to a contact form.

QuoteNow this mod has another feature that BB core does not have and that is the ability to place a Project Honey Pot - Honey Pot or a QuickLink in the Warning Page.  What this means if a bot went nuts and clicked on all the links in the warning page it will get penalized with an increased Project Honey Pot warning level.  Not only a deterrent but a no win situation for the bot.

So when it comes to webmaster link security rest assured, I have all the bases covered and will up the technology if and/ or when required.   8)

I will consider adding Honey Pot to the mix. I am just not as convinced as you that those that fail BB will be able to either sort out the problem for themselves, or contact me via the provided email link.

Thanks.

Col

Hello again, Butchs,

I installed BB on my live forum last night, and all seemed well. It was late, so did not spend the time I probably should have done testing out the new feature. The forum and BB appeared to work flawlessly, but when I logged on this morning I found that BB was restricting all visitors on all webpages outside of the forum pages. This problem does not occur when logged into the forum. It appeared to be an SSI issue, so I commented out the SSI entry - this has resolved the immediate problem.

Spam registrations are much lower, but still significant. This was the even the case before I disabled the SSI function. Still, it is early days.

What are the likely consequences of removing the SSI function? I had to edit my SSI file so that manager could apply the BB modification. "// Do we allow guests in here?" did not appear in my SSI file, so I added the line to about where it would have appeared originally. Is it critical where the the following BB SSI function appears in the file?


// Bad Behavior Start
require_once($sourcedir . '/bad-behavior/BadBehavior-SMF.php');
// Bad Behavior End


Here's the BB function and surrounding code from my SSI file:

// Get rid of $board and $topic... do stuff loadBoard would do.
unset($board);
unset($topic);
$user_info['is_mod'] = false;
$context['user']['is_mod'] = false;
$context['linktree'] = array();

// Load the user and their cookie, as well as their settings.
loadUserSettings();
// Load the current or SSI theme. (just ues $ssi_theme = ID_THEME;)
loadTheme(isset($ssi_theme) ? (int) $ssi_theme : 0);

// Take care of any banning that needs to be done.
if (isset($_REQUEST['ssi_ban']) || (isset($ssi_ban) && $ssi_ban === true))
    is_not_banned();

// Load the current user's permissions....
loadPermissions();

// Bad Behavior Start
// require_once($sourcedir . '/bad-behavior/BadBehavior-SMF.php');
// Bad Behavior End

// Do we allow guests in here?

// Load the stuff like the menu bar, etc.
if (isset($ssi_layers))
{
    $context['template_layers'] = $ssi_layers;
    template_header();
}
else
    setupThemeContext();

// Make sure they didn't muss around with the settings... but only if it's not cli.
if (isset($_SERVER['REMOTE_ADDR']) && !isset($_SERVER['is_cli']) && session_id() == '')
    trigger_error($txt['ssi_session_broken'], E_USER_NOTICE);


I don't know what modification is responsible for the code changes to the SSI file - I'll try to determine this later today or tomorrow. This issue might be the result of my content management system, MODx, although it works fine with SSI calls, except where sessions might be involved (I cannot, for example, make the SSI Logout function work with MODx).

Please let me know if anything immediately springs to mind, or if there is any specific information I can provide to help you determine the cause of this error. There was other error information from MODx displayed with failed webapges that indicated a template. I'll reproduce the error later and copy it here.

Thanks.

butchs

#212
You are welcome.  Now that my troll is gone I can post without worrying about him harping in and mucking up things.

Edited because I have been mean to my troll so I decided to chill out and let things be.  Sorry...

Quote from: Col on April 21, 2011, 06:31:28 PM
They will end up needing to contact me, and they will struggle with the obfuscated email address. This is why I am instead considering directing them to a contact form

Though I recommend against it because most users of this mod report little if any members getting blocked.  So, even if you edit the "BadBehavior.english.php" file to un-obfuscate the address, your address will still be difficult for a bot to read and easy for a member to link to.

Quote from: Col on April 21, 2011, 06:31:28 PM
Please let me know if anything immediately springs to mind, or if there is any specific information I can provide to help you determine the cause of this error. There was other error information from MODx displayed with failed webapges that indicated a template. I'll reproduce the error later and copy it here...

Could be MODx since I did not write or test for it.  Other possibilities: Your "$sourcedir" may not be properly defined in your settings.php file or "$sourcedir" global  is not defined as a global when the function started. 

Other than that I will need to see the error. 
I have been truly inspired by the SUGGESTIONS as I sit on my throne and contemplate the wisdom imposed upon me.

Col

Hi Butchs,

Thank you for the reply. Here's a copy of the error message:

QuoteError 400
We're sorry, but we could not fulfill your request for / on this server.

An invalid request was received from your browser. This may be caused by a malfunctioning proxy server or browser privacy software.

Your technical support key is: xxxx-xxxx-xxxx-xxxx

You can use this key to fix this problem yourself.

If you are unable to fix the problem yourself, please contact the WEBMA5TER and be sure to provide the technical support key shown above.

« MODx Parse Error »
MODx encountered the following error while attempting to parse the requested resource:
« PHP Parse Error »
 
PHP error debug
  Error:  include(header.php) [function.include]: failed to open stream: No such file or directory   
  Error type/ Nr.:  Warning - 2   
  File:  /home/xxxxxxx/public_html/forum/Sources/Load.php(1746) : eval()'d code   
  Line:  174   
 
Parser timing
  MySQL:  0.0435 s (0 Requests)
  PHP:  2.2996 s   
  Total:  2.3432 s   

I obfusacted the the support key number since I don't know if tehre are any possible issues with copying it here. Let me know if you need it for any reason.

What is the purpose of the SSI function in BB? What are the implications of disabling the function?

Again, thanks.

butchs

Thank you for the reply.  The error did not give me enough information for a solid fix.  Maybe in a future version I will try to detect Modx.

The only reason to leave the support key alone is that ties in with Bad Behavior home site and is useless otherwise.

The mod should not be used with that error as it provides too much information.  The code you commented out is duplicated in index.php so as long as the mod works when you are logged in and logged out it should be fine.  I would test it logged out and test it logged in as a regular member who is not an admin.  If it works then you are fine.

I believe this is a modx issue.  If it does not work fine with the code you commented out, I will have to load Modx on my test server.  But I doubt it.
I have been truly inspired by the SUGGESTIONS as I sit on my throne and contemplate the wisdom imposed upon me.

Col

Hi,

I guess I can live with this not working across my whole website. It probably will have little impact, since I do not have any interactive sections outside of the forum.

A few hours ago, I turned on the Honey Pot function. Yes, I joined up, added a key, and even a quicklick. However, I do not detect any reduction in the nuymber of registrations. There is activity in the denied log, but it is not very busy. I still seem to attract the best part of 100 spam accounts a day. They are not getting to the forum, but they are cluttering-up the membership list, and do cause some minor inconvenience for our a approval system.

A more pressing problem is that it appears that every click on the forum is adding the following error to the forum forum error log:

QuoteApply Filter: Only show the errors with the same message
8: Undefined index: id_group
File: /home/xxxxxx/public_html/forum/Sources/bad-behavior/BadBehavior-SMF.php
Line: 436

Do you know what might be behind this problem?

Thanks.

Edit: line 458 sometimes shows up in the error log too.

butchs

The mod is designed to work in the SMF system.  Most CMS's will need their own mods.

Try enabling strict mode.

Try replacing "id_group" on line numbers 436 & 458 with "ID_GROUP"?
I have been truly inspired by the SUGGESTIONS as I sit on my throne and contemplate the wisdom imposed upon me.

Col

Replacing with ID_GROUP did the trick. However, there is an occasional new error. It might be an pre-esiting error, but previously hidden by the myriad of other error log entries before I deleted them (there were thousands of pages of entries).

Quotehttp://www.xxxxxxxxx.com/forum/index.php?q=favicon.ico
Apply Filter: Only show the errors with the same message
Database Error: No database selected
File: /home/xxxxxx/public_html/forum/Sources/bad-behavior/BadBehavior-SMF.php
Line: 74

Any ideas?

I think I will install my forum from scratch, adding the modifications afresh. However, I'll first add BB with the minimum of other modifications and see how things go. At the moment, BB seems to be making little difference. My core forum installation is old, so the core code has been knocked around for a long time.

Thanks.

butchs

The mod does not use "favicon.ico".  Not sure what the issue is but if it happens infrequently then do not worry.  Could be a bot checking for vulnerabilities or an issue with your CMS.

BB blocks bad bots but does not protect registration.  You should see many bots bet blocked.  It takes 1-2 weeks before they slow down.  If you want registration protection may I suggest "Avatar_Verification" with 100 images.

I saw you site the other day and it looks easy to log in there.  I do not know how bad you problem is but if you are still getting hit hard after the above mod is installed then you may need to try the big gun Forum Firewall.

If you do make sure you run it in log mode for a few days before blocking things.  You will have to make the same sorta change to ssi.php.
I have been truly inspired by the SUGGESTIONS as I sit on my throne and contemplate the wisdom imposed upon me.

butchs

New version posted today.  They are minor bug fixes and the core was updated to 2.1.13:

New in this Core release:

  • A logic error in the search engine handling code caused search engine requests to be subjected to additional checks not appropriate for them. This was causing Yahoo! crawler requests to be inadvertently blocked. This error has been fixed.
  • New IP address ranges for Google and Yahoo!, which were previously unused for crawling, have been added to Bad Behavior.
I have been truly inspired by the SUGGESTIONS as I sit on my throne and contemplate the wisdom imposed upon me.

Advertisement: