5687fe96ca101da3db797f868f26a99108183b8b Mario Oyorzabal Salgado tuxsoul@tuxsoul.com http://github.com/tuxsoul/bad-behavior/commit/0f8fe8d029a60ff41851616dee9aaf009cf5c2ce 0f8fe8d029a60ff41851616dee9aaf009cf5c2ce 2009-06-13T13:25:34-07:00 2009-06-13T13:25:34-07:00 * A particularly nasty trackback spammer advertising various drugs has been blocked in this release. * A check for a certain type of referrer spam had been broken and has been fixed. * Bad Behavior attempted to pass IPv6 addresses, in an incorrect format, to blacklists which are not themselves ready to handle IPv6 addresses. On Mac OS X, this also caused users on localhost to be blocked, since it uses the IPv6 address for localhost, even without another IPv6 network connection. A workaround was placed in version 2.0.26 to disable checking IPv6 addresses until the various blacklists are able to accept IPv6 addresses. The workaround was not coded correctly and has been corrected in this release. * A harmless PHP notice has been suppressed. * A particularly nasty trackback spammer advertising various drugs was blocked in the 2.0.27 release. An error in the logic may have caused legitimate trackbacks to be blocked. This error has been corrected. * A PHP warning which appeared in the IPv6 handling code has been corrected. by Michael Hampton in http://www.bad-behavior.ioerror.us/ Signed-off-by: Mario Oyorzabal Salgado <tuxsoul@tuxsoul.com> aaba5dad69f0776bcdf8ece3366d26a6ea4fe2bd Mario Oyorzabal Salgado tuxsoul@tuxsoul.com 747d599a4d6aceb1f874c76a274213b7ad380c1d Mario Oyorzabal Salgado tuxsoul@tuxsoul.com http://github.com/tuxsoul/bad-behavior/commit/5687fe96ca101da3db797f868f26a99108183b8b 5687fe96ca101da3db797f868f26a99108183b8b 2009-02-01T14:25:25-08:00 2009-02-01T14:25:25-08:00 * Bad Behavior attempted to pass IPv6 addresses, in an incorrect format, to blacklists which are not themselves ready to handle IPv6 addresses. On Mac OS X, this also caused users on localhost to be blocked, since it uses the IPv6 address for localhost, even without another IPv6 network connection. A workaround has been placed to disable checking IPv6 addresses until the various blacklists are able to accept IPv6 addresses. by Michael Hampton in http://www.bad-behavior.ioerror.us/ Signed-off-by: Mario Oyorzabal Salgado <tuxsoul@tuxsoul.com> fe46a55181be44b12c6883dbf884b972697dd940 Mario Oyorzabal Salgado tuxsoul@tuxsoul.com 20a850f39c9ad0e26e6f65ae0063b4d9d662b9cd Mario Oyorzabal Salgado tuxsoul@tuxsoul.com http://github.com/tuxsoul/bad-behavior/commit/747d599a4d6aceb1f874c76a274213b7ad380c1d 747d599a4d6aceb1f874c76a274213b7ad380c1d 2008-12-20T14:38:13-08:00 2008-12-20T14:38:13-08:00 * A logic error in the http:BL handling caused some legitimate users to be blocked while spammers were allowed through. This error has been fixed. The spammers are now blocked while the potentially legitimate users are allowed. by Michael Hampton in http://www.bad-behavior.ioerror.us/ Signed-off-by: Mario Oyorzabal Salgado <tuxsoul@tuxsoul.com> 962f9e6a7ec581697892e1a6938f7e8956df3ec0 Mario Oyorzabal Salgado tuxsoul@tuxsoul.com bab4abfea3e714935fd1bec1724334cb396f1090 Mario Oyorzabal Salgado tuxsoul@tuxsoul.com http://github.com/tuxsoul/bad-behavior/commit/20a850f39c9ad0e26e6f65ae0063b4d9d662b9cd 20a850f39c9ad0e26e6f65ae0063b4d9d662b9cd 2008-10-02T17:08:27-07:00 2008-10-02T17:08:27-07:00 * Due to a bug in the Amazon Kindle Basic Web service, Kindle users are unable to browse more than one page of a Bad Behavior protected site. Amazon has been notified of the problem. This release provides a temporary workaround which will allow Kindle users to view your site. * One additional email address harvester has been identified and blocked. by Michael Hampton in http://www.bad-behavior.ioerror.us/ Signed-off-by: Mario Oyorzabal Salgado <tuxsoul@tuxsoul.com> 459959a3e22acba41548857b5926fa49ac56d3d7 Mario Oyorzabal Salgado tuxsoul@tuxsoul.com 3a588618c46ee6d971519fcfd80633b19c8bdb1a Mario Oyorzabal Salgado tuxsoul@tuxsoul.com http://github.com/tuxsoul/bad-behavior/commit/bab4abfea3e714935fd1bec1724334cb396f1090 bab4abfea3e714935fd1bec1724334cb396f1090 2008-08-27T20:03:35-07:00 2008-08-27T20:03:35-07:00 * A PHP OpenID library was being blocked. It is now permitted. This should resolve OpenID issues for a wide variety of sites. Please contact me if you continue to have OpenID trouble. (Thanks to Christian Höltje for the patch.) * A new Google search crawler for mobile content was inadvertently blocked. It is now permitted. * Several harmless PHP notices have been suppressed. (Thanks to Amilcar Lucas, webmaster of KDevelop.org for the patch.) by Michael Hampton in http://www.bad-behavior.ioerror.us/ Signed-off-by: Mario Oyorzabal Salgado <tuxsoul@tuxsoul.com> 4bffb7923f8843ac76fb3ca02f5ef15a6f8d7f36 Mario Oyorzabal Salgado tuxsoul@tuxsoul.com d9ca41044226882f072f41f7673df50ee77905b1 Mario Oyorzabal Salgado tuxsoul@tuxsoul.com http://github.com/tuxsoul/bad-behavior/commit/3a588618c46ee6d971519fcfd80633b19c8bdb1a 3a588618c46ee6d971519fcfd80633b19c8bdb1a 2008-08-27T19:56:28-07:00 2008-08-27T19:56:28-07:00 * Two logic errors in version 2.0.21 which generated PHP warnings on some server configurations have been fixed. (See the comments on the 2.0.21 release announcement for further details.) * POST requests are no longer accepted from off-site URLs. A POST request must originate from the same site as the URL to which the form data is being sent. This prevents spammers from posting to your site from scraped copies of your content which reside at other sites such as splogs. (One of the two logic errors was preventing this new feature from working.) * One additional email harvester has been identified and blocked by user agent. by Michael Hampton in http://www.bad-behavior.ioerror.us/ Signed-off-by: Mario Oyorzabal Salgado <tuxsoul@tuxsoul.com> 427ce11e806a08781ac6965ef7597ffa11d1288e Mario Oyorzabal Salgado tuxsoul@tuxsoul.com fe0bab8efc7378e6d67e3db158d40c3d8bef910e Mario Oyorzabal Salgado tuxsoul@tuxsoul.com http://github.com/tuxsoul/bad-behavior/commit/d9ca41044226882f072f41f7673df50ee77905b1 d9ca41044226882f072f41f7673df50ee77905b1 2008-08-27T19:53:07-07:00 2008-08-27T19:53:07-07:00 * Users who specified the Ukrainian language in their browser settings were mistakenly blocked. This issue has been fixed. * Bad Behavior now incorporates data on harvesters and comment spammers compiled by Project Honey Pot and published through its http:BL service. In order to enable this feature, you must obtain an http:BL access key and provide this key to Bad Behavior in its settings. While the http:BL settings can be fine-tuned to block or allow requests based on the threat level and age of a harvester or comment spammer record, the default settings have been extensively tested and found to block virtually all spammers known to http:BL while allowing all legitimate users, even those that http:BL may have classified as suspicious. This feature obsoletes any other http:BL plugins you may have, and they can be removed. * The Majestic-12 search engine crawler was mistakenly blocked. This block has been removed and a block placed for a malicious bot which pretends to be the Majestic-12 crawler. * The bot used by Attributor, a service which looks for copyright infringement and sends takedown notices, has been identified and blocked. * Several additional spambots have been identified and blocked by user agent. by Michael Hampton in http://www.bad-behavior.ioerror.us/ Signed-off-by: Mario Oyorzabal Salgado <tuxsoul@tuxsoul.com> c370fbc22288e5d3331ec6538cafc5a082a7c04c Mario Oyorzabal Salgado tuxsoul@tuxsoul.com 1bc78deacfb16b3e159be2ef220e410bb990e57b Mario Oyorzabal Salgado tuxsoul@tuxsoul.com http://github.com/tuxsoul/bad-behavior/commit/fe0bab8efc7378e6d67e3db158d40c3d8bef910e fe0bab8efc7378e6d67e3db158d40c3d8bef910e 2008-08-27T19:45:19-07:00 2008-08-27T19:45:19-07:00 * The “Show Blocked” option in the WordPress management page did not do anything. It has been fixed. * A security issue was identified in the new management page for WordPress which would have allowed an attacker to compromise the site administrator’s PC through cross-site scripting or malicious code injection. This issue has been fixed. by Michael Hampton in http://www.bad-behavior.ioerror.us/ Signed-off-by: Mario Oyorzabal Salgado <tuxsoul@tuxsoul.com> c501176b3322cf7eff9cb9f6ef7715eba5e9ae1a Mario Oyorzabal Salgado tuxsoul@tuxsoul.com 377c505daeb22539ee89095886a6e35fc707172d Mario Oyorzabal Salgado tuxsoul@tuxsoul.com http://github.com/tuxsoul/bad-behavior/commit/1bc78deacfb16b3e159be2ef220e410bb990e57b 1bc78deacfb16b3e159be2ef220e410bb990e57b 2008-08-27T17:41:21-07:00 2008-08-27T17:41:21-07:00 * The test for the spambot identified in version 2.0.18 was not functioning correctly. The test has been fixed. * A new administration page has been added for WordPress which allows for browsing through the Bad Behavior log. Click Manage > Bad Behavior to view the log files. This feature will be expanded in the future based on user feedback. WordPress version 1.5 or higher is required. by Michael Hampton in http://www.bad-behavior.ioerror.us/ Signed-off-by: Mario Oyorzabal Salgado <tuxsoul@tuxsoul.com> a4a57503cc74746bbb9b0184b9f082afa92ef562 Mario Oyorzabal Salgado tuxsoul@tuxsoul.com 624867af7becaa4c08eea493fb2779f750af4997 Mario Oyorzabal Salgado tuxsoul@tuxsoul.com http://github.com/tuxsoul/bad-behavior/commit/377c505daeb22539ee89095886a6e35fc707172d 377c505daeb22539ee89095886a6e35fc707172d 2008-08-27T17:29:41-07:00 2008-08-27T17:29:41-07:00 * Some proxy server products by Clearswift were blocked by Bad Behavior due to an odd header this proxy server uses. This issue has been fixed and all Clearswift products should be able to access Bad Behavior-protected sites. * A new spambot and a malicious bot targeting Coppermine Photo Gallery have been identified and blocked. by Michael Hampton in http://www.bad-behavior.ioerror.us/ Signed-off-by: Mario Oyorzabal Salgado <tuxsoul@tuxsoul.com> 2527f01f02df504af60a526bcdd9ff03802eeb03 Mario Oyorzabal Salgado tuxsoul@tuxsoul.com 98c51af5de134e0a46ab67c515270e51061cfb96 Mario Oyorzabal Salgado tuxsoul@tuxsoul.com http://github.com/tuxsoul/bad-behavior/commit/624867af7becaa4c08eea493fb2779f750af4997 624867af7becaa4c08eea493fb2779f750af4997 2008-08-27T17:08:40-07:00 2008-08-27T17:08:40-07:00 * Some code specific to WordPress was moved out of the Bad Behavior core. * Some variables in the screener were initialized to prevent spurious PHP notices. * The LifeType code was updated to the latest version provided by its developers. by Michael Hampton in http://www.bad-behavior.ioerror.us/ Signed-off-by: Mario Oyorzabal Salgado <tuxsoul@tuxsoul.com> cfe7a193fa0d2c76606bec6c359f6783c1d62f2d Mario Oyorzabal Salgado tuxsoul@tuxsoul.com 54a47c9226dac2d90db8cf6d97f17baa5aa706db Mario Oyorzabal Salgado tuxsoul@tuxsoul.com http://github.com/tuxsoul/bad-behavior/commit/98c51af5de134e0a46ab67c515270e51061cfb96 98c51af5de134e0a46ab67c515270e51061cfb96 2008-08-27T17:04:01-07:00 2008-08-27T17:04:01-07:00 * An option was added in version 2.0.15 to disable Bad Behavior’s logging feature entirely. However, the feature failed to work on certain web server configurations. This release should fix the issue. Disabling logging may result in additional spam being received on your site. by Michael Hampton in http://www.bad-behavior.ioerror.us/ Signed-off-by: Mario Oyorzabal Salgado <tuxsoul@tuxsoul.com> 6126a09af9c4b38e2fc3bc9c6e7bebd8a7409ead Mario Oyorzabal Salgado tuxsoul@tuxsoul.com 155ee4ad44ad08108b7ace0f52ea83fc5a07dc79 Mario Oyorzabal Salgado tuxsoul@tuxsoul.com http://github.com/tuxsoul/bad-behavior/commit/54a47c9226dac2d90db8cf6d97f17baa5aa706db 54a47c9226dac2d90db8cf6d97f17baa5aa706db 2008-08-27T16:57:45-07:00 2008-08-27T16:57:45-07:00 * An option has been added to disable Bad Behavior’s logging feature entirely. The logging functionality, while it allows Bad Behavior to block more spam in certain cases, can degrade performance on certain high-traffic sites as well as poorly configured web servers and very low capacity servers such as some VPSs. Disabling logging may result in additional spam being received on your site. by Michael Hampton in http://www.bad-behavior.ioerror.us/ Signed-off-by: Mario Oyorzabal Salgado <tuxsoul@tuxsoul.com> 1e1876eec3700283ebc2ecc965ff45401519c7ed Mario Oyorzabal Salgado tuxsoul@tuxsoul.com 01fbe9cf3e5c78ca97fc15b1a5979cda6115a759 Mario Oyorzabal Salgado tuxsoul@tuxsoul.com http://github.com/tuxsoul/bad-behavior/commit/155ee4ad44ad08108b7ace0f52ea83fc5a07dc79 155ee4ad44ad08108b7ace0f52ea83fc5a07dc79 2008-08-27T16:50:13-07:00 2008-08-27T16:50:13-07:00 * Shockwave Flash has been removed from the blacklist, since software that uses Bad Behavior (WordPress 2.5 and later) now includes Flash animations which access the software backend. Since some email harvesters use Shockwave Flash as a user-agent string, this may result in additional email spam being received if email addresses are exposed on your site. by Michael Hampton in http://www.bad-behavior.ioerror.us/ Signed-off-by: Mario Oyorzabal Salgado <tuxsoul@tuxsoul.com> 4626f4daad5cfffe76857c44976483d921b29ac5 Mario Oyorzabal Salgado tuxsoul@tuxsoul.com 51661a94b03d9ec924879ee79b348d6b9171f9a4 Mario Oyorzabal Salgado tuxsoul@tuxsoul.com http://github.com/tuxsoul/bad-behavior/commit/01fbe9cf3e5c78ca97fc15b1a5979cda6115a759 01fbe9cf3e5c78ca97fc15b1a5979cda6115a759 2008-08-27T16:45:22-07:00 2008-08-27T16:45:22-07:00 * A bit of code relating to MediaWiki has been disabled. This code attempted to measure Bad Behavior’s run time and insert it into wiki pages as an HTML comment while they were being rendered. This code inadvertently inserted blank lines into the output and has been disabled until it can be fixed. * MediaWiki users receiving fatal errors regarding wfQuery did not install the extension properly and should consult the installation directions and/or the README.txt file. * A bug in Bad Behavior’s user agent blacklist code caused blacklist matches to become case-insensitive, when they should have been case-sensitive. Among other things, this caused pingbacks and trackbacks sent from WordPress blogs to fail. This has been fixed. by Michael Hampton in http://www.bad-behavior.ioerror.us/ Signed-off-by: Mario Oyorzabal Salgado <tuxsoul@tuxsoul.com> f0c88c086fb82add346edd7f06cf9be1cad5acc4 Mario Oyorzabal Salgado tuxsoul@tuxsoul.com 23ba22417d46190cf57937f926b1829cf55ea16b Mario Oyorzabal Salgado tuxsoul@tuxsoul.com http://github.com/tuxsoul/bad-behavior/commit/51661a94b03d9ec924879ee79b348d6b9171f9a4 51661a94b03d9ec924879ee79b348d6b9171f9a4 2008-08-27T16:35:32-07:00 2008-08-27T16:35:32-07:00 * IP addresses for the digg.com service have been added to Bad Behavior’s internal whitelist. Upon submitting a story to digg.com, it attempts to load the submitted URL using the PEAR HTTP_Request class, but with a fake HTTP user agent, causing Bad Behavior to block the requests. This problem was reported to digg and the company has failed to respond or to resolve the problem. The IP addresses have been whitelisted due to user demand. If you use digg, please let them know that this is not acceptable to you. * Users deploying Bad Behavior with Akamai Dynamic Site Accelerator, Dynamic Site Accelerator Enterprise, or Web Application Accelerator found that Internet Explorer users were being blocked by Bad Behavior. This issue was traced to Akamai’s use of the HTTP/1.1 transfer coding feature in its proxy servers. This issue has been fixed. by Michael Hampton in http://www.bad-behavior.ioerror.us/ Signed-off-by: Mario Oyorzabal Salgado <tuxsoul@tuxsoul.com> f99b9020e8d9bda780b73470b2c763b06abdaa29 Mario Oyorzabal Salgado tuxsoul@tuxsoul.com affd5f4cb368307281d8ae1e734407492c9a1efd Mario Oyorzabal Salgado tuxsoul@tuxsoul.com http://github.com/tuxsoul/bad-behavior/commit/23ba22417d46190cf57937f926b1829cf55ea16b 23ba22417d46190cf57937f926b1829cf55ea16b 2008-08-27T16:26:23-07:00 2008-08-27T16:26:23-07:00 * All users should update to Bad Behavior 2.0.11 immediately to prevent being blocked from your own site. * A third party blacklist which Bad Behavior queries recently began sending false positives for any IP address queried, causing everyone using Bad Behavior to be blocked. This issue is fixed in Bad Behavior 2.0.11. by Michael Hampton in http://www.bad-behavior.ioerror.us/ Signed-off-by: Mario Oyorzabal Salgado <tuxsoul@tuxsoul.com> aede56e7efa5abe39ff70de12caa59d6b75a2990 Mario Oyorzabal Salgado tuxsoul@tuxsoul.com Mario Oyorzabal Salgado tuxsoul@tuxsoul.com http://github.com/tuxsoul/bad-behavior/commit/affd5f4cb368307281d8ae1e734407492c9a1efd affd5f4cb368307281d8ae1e734407492c9a1efd 2008-08-27T16:07:00-07:00 2008-08-27T16:07:00-07:00 * Bad Behavior 2.0.10 fixed a bug which caused a failure to block any spam on sites using PHP 5.2.0 or later. by Michael Hampton in http://www.bad-behavior.ioerror.us/ Signed-off-by: Mario Oyorzabal Salgado <tuxsoul@tuxsoul.com> 548caa2ceccdf51167222db275b6e658b6dc2e3c Mario Oyorzabal Salgado tuxsoul@tuxsoul.com