Version Description
Download this release
Release Info
| Developer | error |
| Plugin |  Bad Behavior |
| Version | 2.0.30 |
| Comparing to | |
| See all releases | |
Code changes from version 2.0.29 to 2.0.30
- README.txt +1 -2
- bad-behavior-wordpress.php +1 -1
- bad-behavior/blacklist.inc.php +3 -1
- bad-behavior/index.html +1 -0
- bad-behavior/responses.inc.php +1 -1
- bad-behavior/trackback.inc.php +3 -1
- bad-behavior/version.inc.php +1 -1
- bad-behavior/whitelist.inc.php +21 -0
- index.html +1 -0
README.txt
CHANGED
|
@@ -4,7 +4,7 @@ Contributors: error, MarkJaquith, Firas, skeltoac
|
|
| 4 |
Donate link: https://www.paypal.com/cgi-bin/webscr?cmd=_xclick&business=error%40ioerror%2eus&item_name=Bad%20Behavior%20%28From%20WordPress%20Page%29&no_shipping=1&cn=Comments%20about%20Bad%20Behavior&tax=0¤cy_code=USD&bn=PP%2dDonationsBF&charset=UTF%2d8
|
| 5 |
Requires at least: 1.2
|
| 6 |
Tested up to: 2.8.4
|
| 7 |
-
Stable tag: 2.0.
|
| 8 |
|
| 9 |
Welcome to a whole new way of keeping your blog, forum, guestbook, wiki or
|
| 10 |
content management system free of link spam. Bad Behavior is a PHP-based
|
|
@@ -100,4 +100,3 @@ not be able to access your cached pages either.
|
|
| 100 |
warnings when Spam Karma 2 displays its internally generated CAPTCHA. This
|
| 101 |
is a design problem in Spam Karma 2. Contact the author of Spam Karma 2 for
|
| 102 |
a fix.
|
| 103 |
-
|
| 4 |
Donate link: https://www.paypal.com/cgi-bin/webscr?cmd=_xclick&business=error%40ioerror%2eus&item_name=Bad%20Behavior%20%28From%20WordPress%20Page%29&no_shipping=1&cn=Comments%20about%20Bad%20Behavior&tax=0¤cy_code=USD&bn=PP%2dDonationsBF&charset=UTF%2d8
|
| 5 |
Requires at least: 1.2
|
| 6 |
Tested up to: 2.8.4
|
| 7 |
+
Stable tag: 2.0.30
|
| 8 |
|
| 9 |
Welcome to a whole new way of keeping your blog, forum, guestbook, wiki or
|
| 10 |
content management system free of link spam. Bad Behavior is a PHP-based
|
| 100 |
warnings when Spam Karma 2 displays its internally generated CAPTCHA. This
|
| 101 |
is a design problem in Spam Karma 2. Contact the author of Spam Karma 2 for
|
| 102 |
a fix.
|
|
|
bad-behavior-wordpress.php
CHANGED
|
@@ -1,7 +1,7 @@
|
|
| 1 |
<?php
|
| 2 |
/*
|
| 3 |
Plugin Name: Bad Behavior
|
| 4 |
-
Version: 2.0.
|
| 5 |
Description: Deny automated spambots access to your PHP-based Web site.
|
| 6 |
Plugin URI: http://www.bad-behavior.ioerror.us/
|
| 7 |
Author: Michael Hampton
|
| 1 |
<?php
|
| 2 |
/*
|
| 3 |
Plugin Name: Bad Behavior
|
| 4 |
+
Version: 2.0.30
|
| 5 |
Description: Deny automated spambots access to your PHP-based Web site.
|
| 6 |
Plugin URI: http://www.bad-behavior.ioerror.us/
|
| 7 |
Author: Michael Hampton
|
bad-behavior/blacklist.inc.php
CHANGED
|
@@ -48,6 +48,7 @@ function bb2_blacklist($package) {
|
|
| 48 |
"user", // suspicious harvester
|
| 49 |
"User Agent: ", // spam harvester
|
| 50 |
"User-Agent: ", // spam harvester
|
|
|
|
| 51 |
"Winnie Poh", // Automated Coppermine hacks
|
| 52 |
"Wordpress", // malicious software
|
| 53 |
"\"", // malicious software
|
|
@@ -87,7 +88,8 @@ function bb2_blacklist($package) {
|
|
| 87 |
// These are regular expression matches.
|
| 88 |
$bb2_spambots_regex = array(
|
| 89 |
"/^[A-Z]{10}$/", // misc email spam
|
| 90 |
-
|
|
|
|
| 91 |
"/[bcdfghjklmnpqrstvwxz ]{8,}/",
|
| 92 |
// "/(;\){1,2}$/", // misc spammers/harvesters
|
| 93 |
// "/MSIE.*Windows XP/", // misc comment spam
|
| 48 |
"user", // suspicious harvester
|
| 49 |
"User Agent: ", // spam harvester
|
| 50 |
"User-Agent: ", // spam harvester
|
| 51 |
+
"WebSite-X Suite", // misc comment spam
|
| 52 |
"Winnie Poh", // Automated Coppermine hacks
|
| 53 |
"Wordpress", // malicious software
|
| 54 |
"\"", // malicious software
|
| 88 |
// These are regular expression matches.
|
| 89 |
$bb2_spambots_regex = array(
|
| 90 |
"/^[A-Z]{10}$/", // misc email spam
|
| 91 |
+
// msnbot is using this fake user agent string now
|
| 92 |
+
// "/^Mozilla...[05]$/i", // fake user agent/email spam
|
| 93 |
"/[bcdfghjklmnpqrstvwxz ]{8,}/",
|
| 94 |
// "/(;\){1,2}$/", // misc spammers/harvesters
|
| 95 |
// "/MSIE.*Windows XP/", // misc comment spam
|
bad-behavior/index.html
CHANGED
|
@@ -0,0 +1 @@
|
|
|
|
| 1 |
+
Viewing directory contents is not permitted.
|
bad-behavior/responses.inc.php
CHANGED
|
@@ -14,7 +14,7 @@ function bb2_get_response($key) {
|
|
| 14 |
'35ea7ffa' => array('response' => 403, 'explanation' => 'You do not have permission to access this server. Check your browser\'s language and locale settings.', 'log' => 'Invalid language specified'),
|
| 15 |
'408d7e72' => array('response' => 403, 'explanation' => 'You do not have permission to access this server. Before trying again, run anti-virus and anti-spyware software and remove any viruses and spyware from your computer.', 'log' => 'POST comes too quickly after GET'),
|
| 16 |
'41feed15' => array('response' => 400, 'explanation' => 'An invalid request was received. This may be caused by a malfunctioning proxy server. Bypass the proxy server and connect directly, or contact your proxy server administrator.', 'log' => 'Header \'Pragma\' without \'Cache-Control\' prohibited for HTTP/1.1 requests'),
|
| 17 |
-
'45b35e30' => array('response' =>
|
| 18 |
'57796684' => array('response' => 403, 'explanation' => 'You do not have permission to access this server. Before trying again, run anti-virus and anti-spyware software and remove any viruses and spyware from your computer.', 'log' => 'Prohibited header \'X-Aaaaaaaaaa\' or \'X-Aaaaaaaaaaaa\' present'),
|
| 19 |
'582ec5e4' => array('response' => 400, 'explanation' => 'An invalid request was received. If you are using a proxy server, bypass the proxy server or contact your proxy server administrator. This may also be caused by a bug in the Opera web browser.', 'log' => '"Header \'TE\' present but TE not specified in \'Connection\' header'),
|
| 20 |
'69920ee5' => array('response' => 400, 'explanation' => 'An invalid request was received from your browser. This may be caused by a malfunctioning proxy server or browser privacy software.', 'log' => 'Header \'Referer\' present but blank'),
|
| 14 |
'35ea7ffa' => array('response' => 403, 'explanation' => 'You do not have permission to access this server. Check your browser\'s language and locale settings.', 'log' => 'Invalid language specified'),
|
| 15 |
'408d7e72' => array('response' => 403, 'explanation' => 'You do not have permission to access this server. Before trying again, run anti-virus and anti-spyware software and remove any viruses and spyware from your computer.', 'log' => 'POST comes too quickly after GET'),
|
| 16 |
'41feed15' => array('response' => 400, 'explanation' => 'An invalid request was received. This may be caused by a malfunctioning proxy server. Bypass the proxy server and connect directly, or contact your proxy server administrator.', 'log' => 'Header \'Pragma\' without \'Cache-Control\' prohibited for HTTP/1.1 requests'),
|
| 17 |
+
'45b35e30' => array('response' => 400, 'explanation' => 'An invalid request was received from your browser. This may be caused by a malfunctioning proxy server or browser privacy software.', 'log' => 'Header \'Referer\' is corrupt'),
|
| 18 |
'57796684' => array('response' => 403, 'explanation' => 'You do not have permission to access this server. Before trying again, run anti-virus and anti-spyware software and remove any viruses and spyware from your computer.', 'log' => 'Prohibited header \'X-Aaaaaaaaaa\' or \'X-Aaaaaaaaaaaa\' present'),
|
| 19 |
'582ec5e4' => array('response' => 400, 'explanation' => 'An invalid request was received. If you are using a proxy server, bypass the proxy server or contact your proxy server administrator. This may also be caused by a bug in the Opera web browser.', 'log' => '"Header \'TE\' present but TE not specified in \'Connection\' header'),
|
| 20 |
'69920ee5' => array('response' => 400, 'explanation' => 'An invalid request was received from your browser. This may be caused by a malfunctioning proxy server or browser privacy software.', 'log' => 'Header \'Referer\' present but blank'),
|
bad-behavior/trackback.inc.php
CHANGED
|
@@ -15,8 +15,10 @@ function bb2_trackback($package)
|
|
| 15 |
|
| 16 |
// Fake WordPress trackbacks
|
| 17 |
// Real ones do not contain Accept:, and have a charset defined
|
|
|
|
|
|
|
| 18 |
if (strpos($package['headers_mixed']['User-Agent'], "WordPress/") !== FALSE) {
|
| 19 |
-
if (
|
| 20 |
return 'e3990b47';
|
| 21 |
}
|
| 22 |
}
|
| 15 |
|
| 16 |
// Fake WordPress trackbacks
|
| 17 |
// Real ones do not contain Accept:, and have a charset defined
|
| 18 |
+
// Real WP trackbacks may contain Accept: depending on the HTTP
|
| 19 |
+
// transport being used by the sending host
|
| 20 |
if (strpos($package['headers_mixed']['User-Agent'], "WordPress/") !== FALSE) {
|
| 21 |
+
if (strpos($package['headers_mixed']['Content-Type'], "charset=") === FALSE) {
|
| 22 |
return 'e3990b47';
|
| 23 |
}
|
| 24 |
}
|
bad-behavior/version.inc.php
CHANGED
|
@@ -1,3 +1,3 @@
|
|
| 1 |
<?php if (!defined('BB2_CWD')) die("I said no cheating!");
|
| 2 |
-
define('BB2_VERSION', "2.0.
|
| 3 |
?>
|
| 1 |
<?php if (!defined('BB2_CWD')) die("I said no cheating!");
|
| 2 |
+
define('BB2_VERSION', "2.0.30");
|
| 3 |
?>
|
bad-behavior/whitelist.inc.php
CHANGED
|
@@ -40,6 +40,21 @@ function bb2_whitelist($package)
|
|
| 40 |
|
| 41 |
// DANGER! DANGER! DANGER! DANGER! DANGER! DANGER! DANGER! DANGER!
|
| 42 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 43 |
// Do not edit below this line
|
| 44 |
|
| 45 |
if (!empty($bb2_whitelist_ip_ranges)) {
|
|
@@ -52,6 +67,12 @@ function bb2_whitelist($package)
|
|
| 52 |
if (!strcmp($package['headers_mixed']['User-Agent'], $user_agent)) return true;
|
| 53 |
}
|
| 54 |
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 55 |
return false;
|
| 56 |
}
|
| 57 |
|
| 40 |
|
| 41 |
// DANGER! DANGER! DANGER! DANGER! DANGER! DANGER! DANGER! DANGER!
|
| 42 |
|
| 43 |
+
// Inappropriate whitelisting WILL expose you to spam, or cause Bad
|
| 44 |
+
// Behavior to stop functioning entirely! DO NOT WHITELIST unless you
|
| 45 |
+
// are 100% CERTAIN that you should.
|
| 46 |
+
|
| 47 |
+
// URLs are matched from the first / after the server name up to,
|
| 48 |
+
// but not including, the ? (if any).
|
| 49 |
+
|
| 50 |
+
// Includes two examples of whitelisting by URL.
|
| 51 |
+
$bb2_whitelist_urls = array(
|
| 52 |
+
// "/example.php",
|
| 53 |
+
// "/openid/server",
|
| 54 |
+
);
|
| 55 |
+
|
| 56 |
+
// DANGER! DANGER! DANGER! DANGER! DANGER! DANGER! DANGER! DANGER!
|
| 57 |
+
|
| 58 |
// Do not edit below this line
|
| 59 |
|
| 60 |
if (!empty($bb2_whitelist_ip_ranges)) {
|
| 67 |
if (!strcmp($package['headers_mixed']['User-Agent'], $user_agent)) return true;
|
| 68 |
}
|
| 69 |
}
|
| 70 |
+
if (!empty($bb2_whitelist_urls)) {
|
| 71 |
+
$request_uri = substr($settings['request_uri'], 0, strpos($settings['request_uri'], "?"));
|
| 72 |
+
foreach ($bb2_whitelist_urls as $url) {
|
| 73 |
+
if (!strcmp($package['headers_mixed']['User-Agent'], $url)) return true;
|
| 74 |
+
}
|
| 75 |
+
}
|
| 76 |
return false;
|
| 77 |
}
|
| 78 |
|
index.html
CHANGED
|
@@ -0,0 +1 @@
|
|
|
|
| 1 |
+
Viewing directory contents is not permitted.
|
