Bad Behavior for SMF mod

butchs · June 14, 2011, 03:23:58 AM

When the mod is uninstalled it disables its self. You need to check "Enable Bad Behavior" to turn it back on after installation.

butchs · June 14, 2011, 03:37:22 AM

Quote from: djkimmel on June 13, 2011, 08:27:29 PM
I did whitelist all my members. I haven't had a spammer get all the way on past Stop Spammer in a while so I should be okay. I'll change permissions to exclude members with less than 10 posts from the whitelist is things change.

It will be good to see the bots traffic down on my site. I'm starting up other websites and I want to be able to have tools to minimize their impact on those sites too. Thanks again.

Good idea! Now your members will not be tested. Drastically reducing possible conflicts with the Project Honey Pot part.

tabletsdroid · June 14, 2011, 07:47:34 AM

Quote from: butchs on June 14, 2011, 03:23:58 AM
When the mod is uninstalled it disables its self. You need to check "Enable Bad Behavior" to turn it back on after installation.

It is enabled but since installing smf 2.0 gold - it has stopped working, even with project honey pot configured correctly. My forum is now being overrun by ze nasty gremlins

rgho · June 14, 2011, 02:10:33 PM

Hi, I've recently installed Bad Behavior on my site and it appears to be working (there have been denied connections, all appear to be spammers). But I had one slip through (as is bound to happen). When I checked the ip on project honeypot I saw it's threat level was 45, which confused me.

I have a minimum threat level of 25 in the config on the site, and I have my http:BL Access Key set, so I would have expected that it would have filtered that out? The person was added to the "PERMITTED entries log", but I'm just not quite sure I have everything setup right so I thought I would ask what the appropriate behavior should be?

butchs · June 14, 2011, 08:21:16 PM

Yes it would have been filtered. I suspect its threat level was below 25 when it first visited your site.

If you have a honey pot they could have clicked it ands raised their level while on your site. The honey pot routines generated by the mod are quite effective. If caught, they paid a heavy price spamming you by getting black listed.

Their threat level could have been raised elsewhere. Nevertheless, they recently visited a honey pot and will not be able to access your site for a while.

butchs · June 14, 2011, 08:24:01 PM

Quote from: tabletsdroid on June 14, 2011, 07:47:34 AM
It is enabled but since installing smf 2.0 gold - it has stopped working, even with project honey pot configured correctly. My forum is now being overrun by ze nasty gremlins

Any errors in the SMF Error log?

What happens when you log out and visit your site with the "Bad Behavior Test" as your UA?

butchs · June 16, 2011, 05:23:49 AM

There is going to be an update this weekend for both 1.1.x and 2.0.x. In the mean time please replace the attached in your sources/bad-behavior/bad-behavior folder. It will not effect un-installation.

4b11l · June 16, 2011, 06:42:24 PM

Hello all,

I am curious if I have to do anything after installing this mod? Being a complete noob to this particular aspect of SMF, I would not be sure what to do. Can it just be installed we me not having to do anything after?

butchs · June 16, 2011, 07:55:53 PM

You need to enable the mod.

4b11l · June 16, 2011, 08:07:47 PM

Quote from: butchs on June 16, 2011, 07:55:53 PM
You need to enable the mod.

Well, besides that obviously.

butchs · June 18, 2011, 08:36:03 AM

New update. Fixed some project honey pot issues. If you use httpBL and the mod is working you can just replace the core.inc.php & blackhole.inc.php files to get the features of the update.

hawaiiautopages · June 21, 2011, 07:30:31 PM

Hi, new to this mod. After mod was installed I get weird random characters on the top left corner of my forums. Sometimes there's nothing but if I keep hitting refresh the characters will sometimes appear or change. Is this normal?

butchs · June 22, 2011, 07:13:47 PM

With honeypot traps enabled, the mod generates many random project honey pot traps in an effort to catch bad bots. The mod generates more traps than any other mod in SMF or other forums that I know about. The traps vary and some are unique. I created several new ones that bots never seen before. The traps dramatically increase the effectiveness of the traps and deter the bots from clicking everything. Details of the traps are confidential since bot authors regally read these threads.

The more "mild" traps are placed on your front page. Where more "aggressive" traps are used when a visitor is blocked via the warning page.

Some times the mod will put something up top. You should not see anymore than a extra blank line up there. If you see actual characters else, please PM me it to me.

LC · July 10, 2011, 02:48:30 AM

Just thought I'd share:

"Bad Behavior has blocked 769 access attempts in the last 7 days." I installed this mod two days ago. Holy crap.

I saw "Request contained a malicious JavaScript or SQL injection attack" on a few of the denied log entries. I think that would explain why my site was sluggish before installing this mod? Among other attacks I suppose.

I am glad I installed this mod. I will be recommending it to everyone I know who has a blog, website or forum.

Great mod.

butchs · July 16, 2011, 01:36:47 PM

New version. Can't have a default valueFile (evanoliver), added httpBL on/off line & API key check, improved whitelist.

butchs · July 16, 2011, 05:57:41 PM

Quote from: LC on July 10, 2011, 02:48:30 AM
Just thought I'd share:

"Bad Behavior has blocked 769 access attempts in the last 7 days." I installed this mod two days ago. Holy crap.

I saw "Request contained a malicious JavaScript or SQL injection attack" on a few of the denied log entries. I think that would explain why my site was sluggish before installing this mod? Among other attacks I suppose.

I am glad I installed this mod. I will be recommending it to everyone I know who has a blog, website or forum.

Great mod.

Thank you very much for the kind words.

butchs · July 18, 2011, 08:13:47 PM

I have a personal best at my website with this version:

QuoteBad Behavior has blocked 718 access attempts in the last 7 days.

400 of them were today!

ROCK and ROLL!!!

ziycon · July 20, 2011, 10:04:49 AM

I've updated to 2.0 and I'm having a problem with BB, basically, the hidden url its creates in the head of the forum pages, it sometimes ads the link text as a html character code or a html comment, these show up as a white bar about 12px high across the top of all forum pages.

If the random link text is a string it works fine and doesn't show the white bar, any ideas?

butchs · July 20, 2011, 08:11:17 PM

I believe it's the random honeypot trap. Not sure which one.

If you like view your source to identify it, PM me it and I can tell you where it is...

Dai Li · July 23, 2011, 05:41:16 PM

Mine hit:
Bad Behavior has blocked 1322 access attempts in the last 7 days.
Within four days of installing, before we changed servers and the URL went down for a while. Ridiculous. I had never realized we'd gotten so much bot traffic before. It would have been higher no doubt had I not cleared out the logs to make the DB smaller. 52.3 MB, and 51 of those MB were all BB logs. >>

News:

Bad Behavior for SMF mod