Bad Behavior - Version 2.0.18


Release Info

Developer error
Version 2.0.18

Code changes from version 2.0.17 to 2.0.18

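--- a/README.txt
+++ b/README.txt
@@ -4,7 +4,7 @@ Contributors: error, MarkJaquith, Firas, skeltoac
  Donate link: https://www.paypal.com/cgi-bin/webscr?cmd=_xclick&business=error%40ioerror%2eus&item_name=Bad%20Behavior%20%28From%20WordPress%20Page%29&no_shipping=1&cn=Comments%20about%20Bad%20Behavior&tax=0&currency_code=USD&bn=PP%2dDonationsBF&charset=UTF%2d8
  Requires at least: 1.2
  Tested up to: 2.6
- Stable tag: 2.0.17
+ Stable tag: 2.0.18
 
  Welcome to a whole new way of keeping your blog, forum, guestbook, wiki or
  content management system free of link spam. Bad Behavior is a PHP-based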
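--- a/bad-behavior-wordpress-admin.php
+++ b/bad-behavior-wordpress-admin.php
@@ -66,25 +66,25 @@ function bb2_options()
  <p>For more information please visit the <a href="http://www.bad-behavior.ioerror.us/">Bad Behavior</a> homepage.</p>
  <p>If you find Bad Behavior valuable, please consider making a <a href="https://www.paypal.com/cgi-bin/webscr?cmd=_xclick&business=error%40ioerror%2eus&item_name=Bad%20Behavior%20<?php echo BB2_VERSION; ?>%20%28From%20Admin%29&no_shipping=1&cn=Comments%20about%20Bad%20Behavior&tax=0&currency_code=USD&bn=PP%2dDonationsBF&charset=UTF%2d8">financial contribution</a> to further development of Bad Behavior.</p>
 
- <fieldset class="options">
- <legend><?php _e('Statistics'); ?></legend>
+ <h3><?php _e('Statistics'); ?></h3>
  <?php bb2_insert_stats(true); ?>
- <p><label><input type="checkbox" name="display_stats" value="true" <?php if ($settings['display_stats']) { ?>checked="checked" <?php } ?>/> <?php _e('Display statistics in blog footer'); ?></label></p>
- </fieldset>
+ <table class="form-table">
+ <tr><td><label><input type="checkbox" name="display_stats" value="true" <?php if ($settings['display_stats']) { ?>checked="checked" <?php } ?>/> <?php _e('Display statistics in blog footer'); ?></label></td></tr>
+ </table>
 
- <fieldset class="options">
- <legend><?php _e('Logging'); ?></legend>
- <p><label><input type="radio" name="logging" value="verbose" <?php if ($settings['verbose'] && $settings['logging']) { ?>checked="checked" <?php } ?>/> <?php _e('Verbose HTTP request logging'); ?></label></p>
- <p><label><input type="radio" name="logging" value="normal" <?php if ($settings['logging'] && !$settings['verbose']) { ?>checked="checked" <?php } ?>/> <?php _e('Normal HTTP request logging (recommended)'); ?></label></p>
- <p><label><input type="radio" name="logging" value="false" <?php if (!$settings['logging']) { ?>checked="checked" <?php } ?>/> <?php _e('Do not log HTTP requests (not recommended)'); ?></label></p>
- </fieldset>
+ <h3><?php _e('Logging'); ?></h3>
+ <table class="form-table">
+ <tr><td><label><input type="radio" name="logging" value="verbose" <?php if ($settings['verbose'] && $settings['logging']) { ?>checked="checked" <?php } ?>/> <?php _e('Verbose HTTP request logging'); ?></label></td></tr>
+ <tr><td><label><input type="radio" name="logging" value="normal" <?php if ($settings['logging'] && !$settings['verbose']) { ?>checked="checked" <?php } ?>/> <?php _e('Normal HTTP request logging (recommended)'); ?></label></td></tr>
+ <tr><td><label><input type="radio" name="logging" value="false" <?php if (!$settings['logging']) { ?>checked="checked" <?php } ?>/> <?php _e('Do not log HTTP requests (not recommended)'); ?></label></td></tr>
+ </table>
 
- <fieldset class="options">
- <legend><?php _e('Strict Mode'); ?></legend>
- <p><label><input type="checkbox" name="strict" value="true" <?php if ($settings['strict']) { ?>checked="checked" <?php } ?>/> <?php _e('Strict checking (blocks more spam but may block some people)'); ?></label></p>
- </fieldset>
+ <h3><?php _e('Strict Mode'); ?></h3>
+ <table class="form-table">
+ <tr><td><label><input type="checkbox" name="strict" value="true" <?php if ($settings['strict']) { ?>checked="checked" <?php } ?>/> <?php _e('Strict checking (blocks more spam but may block some people)'); ?></label></td></tr>
+ </table>
 
- <p class="submit"><input type="submit" name="submit" value="<?php _e('Update &raquo;'); ?>" /></p>
+ <p class="submit"><input class="button" type="submit" name="submit" value="<?php _e('Update &raquo;'); ?>" /></p>
  </form>
  </div>
  <?php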
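Review bot: No nonce field is emitted anywhere in the rewritten form body shown here, from the statistics block down to `</form>`. The opening `<form>` tag and the code that saves `display_stats`, `logging` and `strict` are outside the hunk, so a `wp_nonce_field()` / `check_admin_referer()` pair may already exist there; if it does not, a cross-site request made in an administrator's session could switch logging off or relax strict mode. Separately, `value="<?php _e('Update &raquo;'); ?>"` prints a translated string into an attribute without attribute escaping.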
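--- a/bad-behavior-wordpress.php
+++ b/bad-behavior-wordpress.php
@@ -1,7 +1,7 @@
  <?php
  /*
  Plugin Name: Bad Behavior
- Version: 2.0.17
+ Version: 2.0.18
  Description: Deny automated spambots access to your PHP-based Web site.
  Plugin URI: http://www.bad-behavior.ioerror.us/
  Author: Michael Hampton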
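--- a/bad-behavior/blacklist.inc.php
+++ b/bad-behavior/blacklist.inc.php
@@ -44,6 +44,7 @@ function bb2_blacklist($package) {
  "user", // suspicious harvester
  "User Agent: ", // spam harvester
  "User-Agent: ", // spam harvester
+ "Winnie Poh", // Automated Coppermine hacks
  "Wordpress", // malicious software
  "\"", // malicious software
  );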
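--- a/bad-behavior/common_tests.inc.php
+++ b/bad-behavior/common_tests.inc.php
@@ -55,7 +55,7 @@ function bb2_misc_headers($settings, $package)
  // Exceptions: Clearswift uses lowercase via (refuses to fix;
  // may be blocked again in the future)
  if (array_key_exists('via', $package['headers']) &&
- !strstr($package['headers']['via'],'Clearswift Web Policy Engine')) {
+ strpos($package['headers']['via'],'Clearswift') === FALSE) {
  return "9c9e4979";
  }
 
@@ -115,6 +115,11 @@ function bb2_misc_headers($settings, $package)
  }
  }
 
+ // "uk" is not a language (ISO 639) nor a country (ISO 3166)
+ if (ereg('/\buk\b/', $package['headers_mixed']['Accept-Language'])) {
+ return "35ea7ffa";
+ }
+
  return false;
  }
 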
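Review bot: The new `Accept-Language` test in the second hunk is wrong on two counts: `uk` is the ISO 639-1 code for Ukrainian, so the premise of the added comment does not hold, and `ereg()` takes a POSIX pattern with no delimiters and no `\b` word boundary, so `'/\buk\b/'` is unlikely to match any real header value. As written the check is probably inert, and a straight port to `preg_match()` would start returning `35ea7ffa` (a 403) to browsers configured for Ukrainian. It also indexes `$package['headers_mixed']['Accept-Language']` without the `array_key_exists()` guard that the `via` test in the first hunk uses, so a request without that header raises a notice. I would drop the test, or at least correct the comment and guard the lookup; `bb2_misc_headers()` starts outside both hunks, so an earlier guard may exist that is not visible here.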
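--- a/bad-behavior/responses.inc.php
+++ b/bad-behavior/responses.inc.php
@@ -10,6 +10,7 @@ function bb2_get_response($key) {
  '17f4e8c8' => array('response' => 403, 'explanation' => 'You do not have permission to access this server.', 'log' => 'User-Agent was found on blacklist'),
  '21f11d3f' => array('response' => 403, 'explanation' => 'An invalid request was received. You claimed to be a mobile Web device, but you do not actually appear to be a mobile Web device.', 'log' => 'User-Agent claimed to be AvantGo, claim appears false'),
  '2b90f772' => array('response' => 403, 'explanation' => 'You do not have permission to access this server. If you are using the Opera browser, then Opera must appear in your user agent.', 'log' => 'Connection: TE present, not supported by MSIE'),
+ '35ea7ffa' => array('response' => 403, 'explanation' => '', 'logYou do not have permission to access this server. Check your browser\'s language and locale settings.' => 'Invalid language specified'),
  '408d7e72' => array('response' => 403, 'explanation' => 'You do not have permission to access this server. Before trying again, run anti-virus and anti-spyware software and remove any viruses and spyware from your computer.', 'log' => 'POST comes too quickly after GET'),
  '41feed15' => array('response' => 400, 'explanation' => 'An invalid request was received. This may be caused by a malfunctioning proxy server. Bypass the proxy server and connect directly, or contact your proxy server administrator.', 'log' => 'Header \'Pragma\' without \'Cache-Control\' prohibited for HTTP/1.1 requests'),
  '45b35e30' => array('response' => 403, 'explanation' => 'An invalid request was received from your browser. This may be caused by a malfunctioning proxy server or browser privacy software.', 'log' => 'Header \'Referer\' is corrupt'),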
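Review bot: The added `35ea7ffa` entry has its fields fused: `'explanation'` is an empty string and the explanation text has been glued onto the `'log'` key, so the array has no `'log'` element at all. Anything that reads `['log']` for this key gets nothing to record, which leaves a blocked request without a reason in the log, and the visitor is shown an empty explanation. The line should read `'35ea7ffa' => array('response' => 403, 'explanation' => 'You do not have permission to access this server. Check your browser\'s language and locale settings.', 'log' => 'Invalid language specified'),`. The response table and `bb2_get_response()` begin and end outside the hunk.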
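--- a/bad-behavior/version.inc.php
+++ b/bad-behavior/version.inc.php
@@ -1,3 +1,3 @@
  <?php if (!defined('BB2_CWD')) die("I said no cheating!");
- define('BB2_VERSION', "2.0.17");
+ define('BB2_VERSION', "2.0.18");
  ?>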