[pLog-svn] r4521 -
plugins/branches/lifetype-1.1/badbehavior/bad-behavior
Paul Westbrook
paul at westbrooks.org
Thu Jan 11 01:45:05 GMT 2007
Hello,
I didn't realize that it had been commented out in the previous
release. I can un-comment those lines and re-add your comment.
--Paul
On Jan 10, 2007, at 5:42 PM, Jon Daley wrote:
> Yes - it was commented in 2.0.8 as well. I had uncommented it
> since at fast times, I think it would be useful. I am not sure why
> he killed it altogether, after he discovered 5 seconds was annoying.
>
> On Wed, 10 Jan 2007, Paul Westbrook wrote:
>
>> Hello,
>> I did. The author commented this check all together from his
>> distribution.
>>
>> --Paul
>>
>>
>> On Jan 10, 2007, at 4:39 PM, Jon Daley wrote:
>>
>>> Did you mean to remove my uncommented 1 second timeout check? I
>>> haven't seen any false positives with it, and I'll bet it gets
>>> some spammers.
>>> On Mon, 8 Jan 2007, pwestbro at devel.lifetype.net wrote:
>>>> Author: pwestbro
>>>> Date: 2007-01-08 17:46:00 +0000 (Mon, 08 Jan 2007)
>>>> New Revision: 4521
>>>> Modified:
>>>> plugins/branches/lifetype-1.1/badbehavior/bad-behavior/
>>>> blacklist.inc.php
>>>> plugins/branches/lifetype-1.1/badbehavior/bad-behavior/
>>>> common_tests.inc.php
>>>> plugins/branches/lifetype-1.1/badbehavior/bad-behavior/
>>>> post.inc.php
>>>> plugins/branches/lifetype-1.1/badbehavior/bad-behavior/
>>>> version.inc.php
>>>> Log:
>>>> Integrated Bad Behavior 2.0.9 into the bad behavior plugin
>>>> Modified: plugins/branches/lifetype-1.1/badbehavior/bad-behavior/
>>>> blacklist.inc.php
>>>> ===================================================================
>>>> --- plugins/branches/lifetype-1.1/badbehavior/bad-behavior/
>>>> blacklist.inc.php 2007-01-05 18:32:33 UTC (rev 4520)
>>>> +++ plugins/branches/lifetype-1.1/badbehavior/bad-behavior/
>>>> blacklist.inc.php 2007-01-08 17:46:00 UTC (rev 4521)
>>>> @@ -31,9 +31,11 @@
>>>> "Mozilla/4.0(", // from honeypot
>>>> "Mozilla/4.0+(", // suspicious harvester
>>>> "MSIE", // malicious software
>>>> + "NutchCVS", // unidentified robots
>>>> "OmniExplorer", // spam harvester
>>>> + "psycheclone", // spam harvester
>>>> "PussyCat ", // misc comment spam
>>>> - "psycheclone", // spam harvester
>>>> + "PycURL", // misc comment spam
>>>> "Shockwave Flash", // spam harvester
>>>> "User Agent: ", // spam harvester
>>>> "User-Agent: ", // spam harvester
>>>> Modified: plugins/branches/lifetype-1.1/badbehavior/bad-behavior/
>>>> common_tests.inc.php
>>>> ===================================================================
>>>> --- plugins/branches/lifetype-1.1/badbehavior/bad-behavior/
>>>> common_tests.inc.php 2007-01-05 18:32:33 UTC (rev 4520)
>>>> +++ plugins/branches/lifetype-1.1/badbehavior/bad-behavior/
>>>> common_tests.inc.php 2007-01-08 17:46:00 UTC (rev 4521)
>>>> @@ -29,15 +29,18 @@
>>>> }
>>>>
>>>> // Broken spambots send URLs with various invalid characters
>>>> - if (strpos($package['request_uri'], "#") !== FALSE || strpos
>>>> ($package['headers_mixed']['Referer'], "#") !== FALSE) {
>>>> + // Some broken browsers send the #vector in the referer field :(
>>>> + // if (strpos($package['request_uri'], "#") !== FALSE || strpos
>>>> ($package['headers_mixed']['Referer'], "#") !== FALSE) {
>>>> + if (strpos($package['request_uri'], "#") !== FALSE) {
>>>> return "dfd9b1ad";
>>>> }
>>>>
>>>> // Range: field exists and begins with 0
>>>> // Real user-agents do not start ranges at 0
>>>> // NOTE: this blocks the whois.sc bot. No big loss.
>>>> + // Exceptions: MT (not fixable); LJ (refuses to fix; may be
>>>> + // blocked again in the future)
>>>> if (array_key_exists('Range', $package['headers_mixed']) &&
>>>> strpos($package['headers_mixed']['Range'], "=0-") !== FALSE) {
>>>> - // LifeType mod: jondaley: LiveJournal uses
>>>> URI::Fetch for OpenID checking
>>>> if (strncmp($ua, "MovableType", 11) && strncmp($ua,
>>>> "URI::Fetch", 10)) {
>>>> return "7ad04a8a";
>>>> }
>>>> @@ -49,7 +52,10 @@
>>>> }
>>>>
>>>> // Lowercase via is used by open proxies/referrer spammers
>>>> - if (array_key_exists('via', $package['headers'])) {
>>>> + // Exceptions: Clearswift uses lowercase via (refuses to fix;
>>>> + // may be blocked again in the future)
>>>> + if (array_key_exists('via', $package['headers']) &&
>>>> + !strstr($package['headers']['via'],'Clearswift Web Policy
>>>> Engine')) {
>>>> return "9c9e4979";
>>>> }
>>>> Modified: plugins/branches/lifetype-1.1/badbehavior/bad-behavior/
>>>> post.inc.php
>>>> ===================================================================
>>>> --- plugins/branches/lifetype-1.1/badbehavior/bad-behavior/
>>>> post.inc.php 2007-01-05 18:32:33 UTC (rev 4520)
>>>> +++ plugins/branches/lifetype-1.1/badbehavior/bad-behavior/
>>>> post.inc.php 2007-01-08 17:46:00 UTC (rev 4521)
>>>> @@ -42,10 +42,9 @@
>>>>
>>>> if ($screener > 0) {
>>>> // Posting too fast? 5 sec
>>>> - // LifeType mod by jondaley: catch 1 second posts
>>>> // FIXME: even 5 sec is too intrusive
>>>> - if ($screener + 1 > time())
>>>> - return "408d7e72";
>>>> + // if ($screener + 5 > time())
>>>> + // return "408d7e72";
>>>> // Posting too slow? 48 hr
>>>> // LifeType mod by jondaley: since pages can be cached,
>>>> // the cookie might not be updated
>>>> @@ -64,10 +63,10 @@
>>>>
>>>> // Screen for user agent changes
>>>> // User connected previously with blank user agent
>>>> - $q = bb2_db_query("SELECT `ip` FROM " . $settings
>>>> ['log_table'] . " WHERE (`ip` = '" . $package['ip'] . "' OR `ip`
>>>> = '" . $screener[1] . "') AND `user_agent` != '" . $package
>>>> ['user_agent'] . "' AND `date` > DATE_SUB('" . bb2_db_date() .
>>>> "', INTERVAL 5 MINUTE)");
>>>> +// $q = bb2_db_query("SELECT `ip` FROM " . $settings
>>>> ['log_table'] . " WHERE (`ip` = '" . $package['ip'] . "' OR `ip`
>>>> = '" . $screener[1] . "') AND `user_agent` != '" . $package
>>>> ['user_agent'] . "' AND `date` > DATE_SUB('" . bb2_db_date() .
>>>> "', INTERVAL 5 MINUTE)");
>>>> // Damnit, too many ways for this to fail :(
>>>> - if ($q !== FALSE && $q != NULL && bb2_db_num_rows($q) > 0)
>>>> - return "799165c2";
>>>> +// if ($q !== FALSE && $q != NULL && bb2_db_num_rows($q) > 0)
>>>> +// return "799165c2";
>>>> }
>>>>
>>>> return false;
>>>> Modified: plugins/branches/lifetype-1.1/badbehavior/bad-behavior/
>>>> version.inc.php
>>>> ===================================================================
>>>> --- plugins/branches/lifetype-1.1/badbehavior/bad-behavior/
>>>> version.inc.php 2007-01-05 18:32:33 UTC (rev 4520)
>>>> +++ plugins/branches/lifetype-1.1/badbehavior/bad-behavior/
>>>> version.inc.php 2007-01-08 17:46:00 UTC (rev 4521)
>>>> @@ -1,3 +1,3 @@
>>>> <?php if (!defined('BB2_CWD')) die("I said no cheating!");
>>>> -define('BB2_VERSION', "2.0.8");
>>>> +define('BB2_VERSION', "2.0.9");
>>>> ?>
>>>> _______________________________________________
>>>> pLog-svn mailing list
>>>> pLog-svn at devel.lifetype.net
>>>> http://devel.lifetype.net/mailman/listinfo/plog-svn
>>> --
>>> Jon Daley
>>> http://jon.limedaley.com/
>>> What good is it for a man to gain the whole world, yet forfeit
>>> his soul?
>>> -- Jesus Christ
>>> _______________________________________________
>>> pLog-svn mailing list
>>> pLog-svn at devel.lifetype.net
>>> http://devel.lifetype.net/mailman/listinfo/plog-svn
>>
>> --
>> Paul Westbrook
>> paul at westbrooks.org
>> <http://www.westbrooks.org>
>>
>>
>> _______________________________________________
>> pLog-svn mailing list
>> pLog-svn at devel.lifetype.net
>> http://devel.lifetype.net/mailman/listinfo/plog-svn
>
> --
> Jon Daley
> http://jon.limedaley.com/
>
> If you don't know the truth, you will believe anything.
> -- Eric Simmons
> _______________________________________________
> pLog-svn mailing list
> pLog-svn at devel.lifetype.net
> http://devel.lifetype.net/mailman/listinfo/plog-svn
--
Paul Westbrook
paul at westbrooks.org
<http://www.westbrooks.org>
More information about the pLog-svn
mailing list