[pLog-svn] r4521 -
plugins/branches/lifetype-1.1/badbehavior/bad-behavior
Jon Daley
plogworld at jon.limedaley.com
Thu Jan 11 01:42:48 GMT 2007
Yes - it was commented in 2.0.8 as well. I had uncommented it
since at fast times, I think it would be useful. I am not sure why he
killed it altogether, after he discovered 5 seconds was annoying.
On Wed, 10 Jan 2007, Paul Westbrook wrote:
> Hello,
> I did. The author commented this check all together from his distribution.
>
> --Paul
>
>
> On Jan 10, 2007, at 4:39 PM, Jon Daley wrote:
>
>> Did you mean to remove my uncommented 1 second timeout check? I
>> haven't seen any false positives with it, and I'll bet it gets some
>> spammers.
>>
>> On Mon, 8 Jan 2007, pwestbro at devel.lifetype.net wrote:
>>
>>> Author: pwestbro
>>> Date: 2007-01-08 17:46:00 +0000 (Mon, 08 Jan 2007)
>>> New Revision: 4521
>>>
>>> Modified:
>>> plugins/branches/lifetype-1.1/badbehavior/bad-behavior/blacklist.inc.php
>>> plugins/branches/lifetype-1.1/badbehavior/bad-behavior/common_tests.inc.php
>>> plugins/branches/lifetype-1.1/badbehavior/bad-behavior/post.inc.php
>>> plugins/branches/lifetype-1.1/badbehavior/bad-behavior/version.inc.php
>>> Log:
>>> Integrated Bad Behavior 2.0.9 into the bad behavior plugin
>>>
>>>
>>> Modified:
>>> plugins/branches/lifetype-1.1/badbehavior/bad-behavior/blacklist.inc.php
>>> ===================================================================
>>> ---
>>> plugins/branches/lifetype-1.1/badbehavior/bad-behavior/blacklist.inc.php
>>> 2007-01-05 18:32:33 UTC (rev 4520)
>>> +++
>>> plugins/branches/lifetype-1.1/badbehavior/bad-behavior/blacklist.inc.php
>>> 2007-01-08 17:46:00 UTC (rev 4521)
>>> @@ -31,9 +31,11 @@
>>> "Mozilla/4.0(", // from honeypot
>>> "Mozilla/4.0+(", // suspicious harvester
>>> "MSIE", // malicious software
>>> + "NutchCVS", // unidentified robots
>>> "OmniExplorer", // spam harvester
>>> + "psycheclone", // spam harvester
>>> "PussyCat ", // misc comment spam
>>> - "psycheclone", // spam harvester
>>> + "PycURL", // misc comment spam
>>> "Shockwave Flash", // spam harvester
>>> "User Agent: ", // spam harvester
>>> "User-Agent: ", // spam harvester
>>>
>>> Modified:
>>> plugins/branches/lifetype-1.1/badbehavior/bad-behavior/common_tests.inc.php
>>> ===================================================================
>>> ---
>>> plugins/branches/lifetype-1.1/badbehavior/bad-behavior/common_tests.inc.php
>>> 2007-01-05 18:32:33 UTC (rev 4520)
>>> +++
>>> plugins/branches/lifetype-1.1/badbehavior/bad-behavior/common_tests.inc.php
>>> 2007-01-08 17:46:00 UTC (rev 4521)
>>> @@ -29,15 +29,18 @@
>>> }
>>>
>>> // Broken spambots send URLs with various invalid characters
>>> - if (strpos($package['request_uri'], "#") !== FALSE ||
>>> strpos($package['headers_mixed']['Referer'], "#") !== FALSE) {
>>> + // Some broken browsers send the #vector in the referer field :(
>>> + // if (strpos($package['request_uri'], "#") !== FALSE ||
>>> strpos($package['headers_mixed']['Referer'], "#") !== FALSE) {
>>> + if (strpos($package['request_uri'], "#") !== FALSE) {
>>> return "dfd9b1ad";
>>> }
>>>
>>> // Range: field exists and begins with 0
>>> // Real user-agents do not start ranges at 0
>>> // NOTE: this blocks the whois.sc bot. No big loss.
>>> + // Exceptions: MT (not fixable); LJ (refuses to fix; may be
>>> + // blocked again in the future)
>>> if (array_key_exists('Range', $package['headers_mixed']) &&
>>> strpos($package['headers_mixed']['Range'], "=0-") !== FALSE) {
>>> - // LifeType mod: jondaley: LiveJournal uses URI::Fetch for
>>> OpenID checking
>>> if (strncmp($ua, "MovableType", 11) && strncmp($ua,
>>> "URI::Fetch", 10)) {
>>> return "7ad04a8a";
>>> }
>>> @@ -49,7 +52,10 @@
>>> }
>>>
>>> // Lowercase via is used by open proxies/referrer spammers
>>> - if (array_key_exists('via', $package['headers'])) {
>>> + // Exceptions: Clearswift uses lowercase via (refuses to fix;
>>> + // may be blocked again in the future)
>>> + if (array_key_exists('via', $package['headers']) &&
>>> + !strstr($package['headers']['via'],'Clearswift Web Policy
>>> Engine')) {
>>> return "9c9e4979";
>>> }
>>>
>>>
>>> Modified:
>>> plugins/branches/lifetype-1.1/badbehavior/bad-behavior/post.inc.php
>>> ===================================================================
>>> --- plugins/branches/lifetype-1.1/badbehavior/bad-behavior/post.inc.php
>>> 2007-01-05 18:32:33 UTC (rev 4520)
>>> +++ plugins/branches/lifetype-1.1/badbehavior/bad-behavior/post.inc.php
>>> 2007-01-08 17:46:00 UTC (rev 4521)
>>> @@ -42,10 +42,9 @@
>>>
>>> if ($screener > 0) {
>>> // Posting too fast? 5 sec
>>> - // LifeType mod by jondaley: catch 1 second posts
>>> // FIXME: even 5 sec is too intrusive
>>> - if ($screener + 1 > time())
>>> - return "408d7e72";
>>> + // if ($screener + 5 > time())
>>> + // return "408d7e72";
>>> // Posting too slow? 48 hr
>>> // LifeType mod by jondaley: since pages can be cached,
>>> // the cookie might not be updated
>>> @@ -64,10 +63,10 @@
>>>
>>> // Screen for user agent changes
>>> // User connected previously with blank user agent
>>> - $q = bb2_db_query("SELECT `ip` FROM " .
>>> $settings['log_table'] . " WHERE (`ip` = '" . $package['ip'] . "' OR `ip`
>>> = '" . $screener[1] . "') AND `user_agent` != '" . $package['user_agent']
>>> . "' AND `date` > DATE_SUB('" . bb2_db_date() . "', INTERVAL 5 MINUTE)");
>>> +// $q = bb2_db_query("SELECT `ip` FROM " .
>>> $settings['log_table'] . " WHERE (`ip` = '" . $package['ip'] . "' OR `ip`
>>> = '" . $screener[1] . "') AND `user_agent` != '" . $package['user_agent']
>>> . "' AND `date` > DATE_SUB('" . bb2_db_date() . "', INTERVAL 5 MINUTE)");
>>> // Damnit, too many ways for this to fail :(
>>> - if ($q !== FALSE && $q != NULL && bb2_db_num_rows($q) > 0)
>>> - return "799165c2";
>>> +// if ($q !== FALSE && $q != NULL && bb2_db_num_rows($q) > 0)
>>> +// return "799165c2";
>>> }
>>>
>>> return false;
>>>
>>> Modified:
>>> plugins/branches/lifetype-1.1/badbehavior/bad-behavior/version.inc.php
>>> ===================================================================
>>> --- plugins/branches/lifetype-1.1/badbehavior/bad-behavior/version.inc.php
>>> 2007-01-05 18:32:33 UTC (rev 4520)
>>> +++ plugins/branches/lifetype-1.1/badbehavior/bad-behavior/version.inc.php
>>> 2007-01-08 17:46:00 UTC (rev 4521)
>>> @@ -1,3 +1,3 @@
>>> <?php if (!defined('BB2_CWD')) die("I said no cheating!");
>>> -define('BB2_VERSION', "2.0.8");
>>> +define('BB2_VERSION', "2.0.9");
>>> ?>
>>>
>>> _______________________________________________
>>> pLog-svn mailing list
>>> pLog-svn at devel.lifetype.net
>>> http://devel.lifetype.net/mailman/listinfo/plog-svn
>>>
>>
>> --
>> Jon Daley
>> http://jon.limedaley.com/
>>
>> What good is it for a man to gain the whole world, yet forfeit his soul?
>> -- Jesus Christ
>> _______________________________________________
>> pLog-svn mailing list
>> pLog-svn at devel.lifetype.net
>> http://devel.lifetype.net/mailman/listinfo/plog-svn
>
> --
> Paul Westbrook
> paul at westbrooks.org
> <http://www.westbrooks.org>
>
>
> _______________________________________________
> pLog-svn mailing list
> pLog-svn at devel.lifetype.net
> http://devel.lifetype.net/mailman/listinfo/plog-svn
--
Jon Daley
http://jon.limedaley.com/
If you don't know the truth, you will believe anything.
-- Eric Simmons
More information about the pLog-svn
mailing list