Bad Behavior - Version 2.2.14


Developer error
Version 2.2.14

Code changes from version 2.2.13 to 2.2.14

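--- a/README.txt
+++ b/README.txt
@@ -3,8 +3,8 @@ Tags: comment,trackback,referrer,spam,robot,antispam
  Contributors: error
  Donate link: https://www.paypal.com/cgi-bin/webscr?cmd=_xclick&business=error%40ioerror%2eus&item_name=Bad%20Behavior%20%28From%20WordPress%20Page%29&no_shipping=1&cn=Comments%20about%20Bad%20Behavior&tax=0&currency_code=USD&bn=PP%2dDonationsBF&charset=UTF%2d8
  Requires at least: 3.1
- Tested up to: 3.4.2
- Stable tag: 2.2.13
+ Tested up to: 3.5.1
+ Stable tag: 2.2.14
 
  Bad Behavior prevents spammers from ever delivering their junk, and in many
  cases, from ever reading your site in the first place.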
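--- a/bad-behavior-generic.php
+++ b/bad-behavior-generic.php
@@ -16,7 +16,7 @@ You should have received a copy of the GNU Lesser General Public License along
  with this program. If not, see <http://www.gnu.org/licenses/>.
 
  Please report any problems to bad . bots AT ioerror DOT us
- http://www.bad-behavior.ioerror.us/
+ http://bad-behavior.ioerror.us/
  */
 
  ###############################################################################
@@ -135,7 +135,7 @@ function bb2_insert_stats($force = false) {
  if ($force || $settings['display_stats']) {
  $blocked = bb2_db_query("SELECT COUNT(*) FROM " . $settings['log_table'] . " WHERE `key` NOT LIKE '00000000'");
  if ($blocked !== FALSE) {
- echo sprintf('<p><a href="http://www.bad-behavior.ioerror.us/">%1$s</a> %2$s <strong>%3$s</strong> %4$s</p>', __('Bad Behavior'), __('has blocked'), $blocked[0]["COUNT(*)"], __('access attempts in the last 7 days.'));
+ echo sprintf('<p><a href="http://bad-behavior.ioerror.us/">%1$s</a> %2$s <strong>%3$s</strong> %4$s</p>', __('Bad Behavior'), __('has blocked'), $blocked[0]["COUNT(*)"], __('access attempts in the last 7 days.'));
  }
  }
  }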
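Review bot: The rewritten `echo sprintf(...)` line in `bb2_insert_stats()` still places the `__()` results and `$blocked[0]["COUNT(*)"]` into HTML without escaping, so any markup carried in a translation string would be rendered as-is. Casting the count with `(int) $blocked[0]["COUNT(*)"]` and passing each translated string through `htmlspecialchars($s, ENT_QUOTES, 'UTF-8')` would close that; the identical line in bad-behavior-wordpress.php can use WordPress's `esc_html__()` in place of `__()`. The link target also stays on plain `http://`, which is worth switching to `https://` if the homepage serves it. The function starts outside the hunk.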
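--- a/bad-behavior-wordpress-admin.php
+++ b/bad-behavior-wordpress-admin.php
@@ -150,7 +150,7 @@ function bb2_manage() {
  ?>
  <h2><?php _e("Bad Behavior Log"); ?></h2>
  <form method="post" action="<?php echo admin_url("tools.php?page=bb2_manage") ?>">
- <p>For more information please visit the <a href="http://www.bad-behavior.ioerror.us/">Bad Behavior</a> homepage.</p>
+ <p>For more information please visit the <a href="http://bad-behavior.ioerror.us/">Bad Behavior</a> homepage.</p>
  <p>See also: <a href="<?php echo admin_url("options-general.php?page=bb2_options") ?>">Settings</a> | <a href="<?php echo admin_url("options-general.php?page=bb2_whitelist") ?>">Whitelist</a></p>
  <div class="tablenav">
  <?php
@@ -272,7 +272,7 @@ function bb2_whitelist()
  <h2><?php _e("Bad Behavior Whitelist"); ?></h2>
  <form method="post" action="<?php echo admin_url("options-general.php?page=bb2_whitelist"); ?>">
  <p>Inappropriate whitelisting WILL expose you to spam, or cause Bad Behavior to stop functioning entirely! DO NOT WHITELIST unless you are 100% CERTAIN that you should.</p>
- <p>For more information please visit the <a href="http://www.bad-behavior.ioerror.us/">Bad Behavior</a> homepage.</p>
+ <p>For more information please visit the <a href="http://bad-behavior.ioerror.us/">Bad Behavior</a> homepage.</p>
  <p>See also: <a href="<?php echo admin_url("options-general.php?page=bb2_options") ?>">Settings</a> | <a href="<?php echo admin_url("tools.php?page=bb2_manage"); ?>">Log</a></p>
 
  <h3><?php _e('IP Address'); ?></h3>
@@ -392,7 +392,7 @@ function bb2_options()
  ?>
  <h2><?php _e("Bad Behavior"); ?></h2>
  <form method="post" action="<?php echo admin_url("options-general.php?page=bb2_options"); ?>">
- <p>For more information please visit the <a href="http://www.bad-behavior.ioerror.us/">Bad Behavior</a> homepage.</p>
+ <p>For more information please visit the <a href="http://bad-behavior.ioerror.us/">Bad Behavior</a> homepage.</p>
  <p>See also: <a href="<?php echo admin_url("tools.php?page=bb2_manage"); ?>">Log</a> | <a href="<?php echo admin_url("options-general.php?page=bb2_whitelist") ?>">Whitelist</a></p>
 
  <h3><?php _e('Statistics'); ?></h3>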
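Review bot: The three `<p>For more information please visit …</p>` lines (in `bb2_manage()`, `bb2_whitelist()` and `bb2_options()`) are hard-coded English while the headings beside them go through `_e()`, so this sentence cannot be translated; routing the text through `__()` and keeping the homepage URL in one shared place would also avoid editing three copies on the next domain change. The surrounding `action` attributes echo `admin_url(...)` directly, where WordPress convention is `esc_url(admin_url(...))`. Each of these forms posts settings and its body lies outside the hunks, so it is worth confirming that a nonce field is emitted with `wp_nonce_field()` and verified with `check_admin_referer()`, especially for the whitelist form.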
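--- a/bad-behavior-wordpress.php
+++ b/bad-behavior-wordpress.php
@@ -1,7 +1,7 @@
  <?php
  /*
  Plugin Name: Bad Behavior
- Version: 2.2.13
+ Version: 2.2.14
  Description: Deny automated spambots access to your PHP-based Web site.
  Plugin URI: http://bad-behavior.ioerror.us/
  Author: Michael Hampton
@@ -24,7 +24,7 @@ You should have received a copy of the GNU Lesser General Public License along
  with this program. If not, see <http://www.gnu.org/licenses/>.
 
  Please report any problems to bad . bots AT ioerror DOT us
- http://www.bad-behavior.ioerror.us/
+ http://bad-behavior.ioerror.us/
  */
 
  ###############################################################################
@@ -163,7 +163,7 @@ function bb2_insert_stats($force = false) {
  if ($force || $settings['display_stats']) {
  $blocked = bb2_db_query("SELECT COUNT(*) FROM " . $settings['log_table'] . " WHERE `key` NOT LIKE '00000000'");
  if ($blocked !== FALSE) {
- echo sprintf('<p><a href="http://www.bad-behavior.ioerror.us/">%1$s</a> %2$s <strong>%3$s</strong> %4$s</p>', __('Bad Behavior'), __('has blocked'), $blocked[0]["COUNT(*)"], __('access attempts in the last 7 days.'));
+ echo sprintf('<p><a href="http://bad-behavior.ioerror.us/">%1$s</a> %2$s <strong>%3$s</strong> %4$s</p>', __('Bad Behavior'), __('has blocked'), $blocked[0]["COUNT(*)"], __('access attempts in the last 7 days.'));
  }
  }
  if (@!empty($bb2_result)) {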
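--- a/bad-behavior/blacklist.inc.php
+++ b/bad-behavior/blacklist.inc.php
@@ -50,10 +50,12 @@ function bb2_blacklist($package) {
  "Nutscrape/", // misc comment spam
  "OmniExplorer", // spam harvester
  "Opera/9.64(", // comment spam bot
+ "PMAFind", // vulnerability scanner
  "psycheclone", // spam harvester
  "PussyCat ", // misc comment spam
  "PycURL", // misc comment spam
  "Python-urllib", // commonly abused
+ "revolt", // vulnerability scanner
  // WP 2.5 now has Flash; FIXME
  // "Shockwave Flash", // spam harvester
  "sqlmap/", // SQL injection
@@ -81,7 +83,7 @@ function bb2_blacklist($package) {
  "DTS Agent", // misc comment/email spam
  "Email Extractor", // spam harvester
  "Firebird/", // too old; assumed robot
- "Gecko/25", // revisit this in 500 years
+ "Gecko/2525", // revisit this in 500 years
  "grub-client", // search engine ignores robots.txt
  "hanzoweb", // very badly behaved crawler
  "Havij", // SQL injection tool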
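Review bot: The new entry `"revolt"` is a bare lowercase word with no delimiter, unlike neighbours such as `"sqlmap/"` or `"PussyCat "`, and the hunk does not show whether this list is matched at the start of the User-Agent or anywhere in it, nor whether case is ignored. If it turns out to be a substring match, any client whose User-Agent merely contains that word is blocked, so the entry should carry the scanner's full product token or a trailing delimiter. In the second hunk the comment on `"Gecko/2525"` still reads `// revisit this in 500 years` and does not record why the shorter `"Gecko/25"` was dropped; something like `// Gecko build date in year 2525; "Gecko/25" was too broad` would keep the reason next to the pattern (presumably the old string could match genuine `Gecko/25.x` tokens). Both arrays begin and end outside the hunks.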
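--- a/bad-behavior/common_tests.inc.php
+++ b/bad-behavior/common_tests.inc.php
@@ -22,8 +22,11 @@ function bb2_protocol($settings, $package)
  function bb2_cookies($settings, $package)
  {
  // Enforce RFC 2965 sec 3.3.5 and 9.1
- // Bots wanting new-style cookies should send Cookie2
- // FIXME: Amazon Kindle is broken; Amazon has been notified 9/24/08
+ // The only valid value for $Version is 1 and when present,
+ // the user agent MUST send a Cookie2 header.
+ // First-gen Amazon Kindle is broken; Amazon has been notified 9/24/08
+ // NOTE: RFC 2965 is obsoleted by RFC 6265. Current software MUST NOT
+ // use Cookie2 or $Version in Cookie.
  if (@strpos($package['headers_mixed']['Cookie'], '$Version=0') !== FALSE && !array_key_exists('Cookie2', $package['headers_mixed']) && strpos($package['headers_mixed']['User-Agent'], "Kindle/") === FALSE) {
  return '6c502ff1';
  }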
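Review bot: The new comment says the only valid `$Version` is 1 and that first-generation Kindles are exempt, but the condition below it still tests only for the literal `$Version=0` and skips the check for any User-Agent containing `Kindle/`. Either word the comment to match the code (`// Flags $Version=0 sent without Cookie2; any UA containing "Kindle/" is exempt`) or narrow the exemption to the first-generation Kindle token so the carve-out is no wider than intended. The leading `@` covers only the first `strpos()`, so if `headers_mixed` can lack a `User-Agent` key the last `strpos()` reads it unguarded; an `array_key_exists()` test, as already done for `Cookie2`, would avoid the notice. `bb2_cookies()` continues past the end of the hunk.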
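--- a/bad-behavior/core.inc.php
+++ b/bad-behavior/core.inc.php
@@ -1,5 +1,5 @@
  <?php if (!defined('BB2_CWD')) die("I said no cheating!");
- define('BB2_VERSION', "2.2.13");
+ define('BB2_VERSION', "2.2.14");
 
  // Bad Behavior entry point is bb2_start()
  // If you're reading this, you are probably lost.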