[pLog-svn] r6192 -inplog/branches/lifetype-1.2/plugins/badbehavior: . bad-behavior
Mark Wu
markplace at gmail.com
Fri Feb 29 04:01:58 EST 2008
Hi Paul:
I remember we did this before, the plugins and core are seperate in
different repository directories.
The resaon we move the bad behavior to the core is becasue we want it as
part of core ... and deliver it with lifetype official release.
If there are an urgent patch or upgrade of bad behavior, I think we can
release a lifetype hotfix for it.
How do you think?
Mark
_____
From: plog-svn-bounces at devel.lifetype.net
[mailto:plog-svn-bounces at devel.lifetype.net] On Behalf Of Paul Westbrook
Sent: Friday, February 29, 2008 4:05 PM
To: LifeType Developer List
Subject: Re: [pLog-svn] r6192
-inplog/branches/lifetype-1.2/plugins/badbehavior: . bad-behavior
Hello,
Sure. But I am wondering about something slightly different. I am
thinking about when more people have moved to 2.0. I assume that there will
be a period that 1.2 will still be a supported release, but most developers
will be working on 2.0.
If there is a new version of bad behavior, currently we need to do a new
release of LifeType, as the bad behavior plugin is not available separately.
I assume that at some point we will move the bad behavior plugin to the
plugin branch, to make it easier to release new versions of this plugin.
--Paul
On 2/28/08, Mark Wu <markplace at gmail.com> wrote:
Hi Paul:
I think it is okay. Bcasue I always merge the 1.2 branch to trunk in a
certain period . These changes will apply to 2.0-dev very soon.
Regards, Mark
_____
From: plog-svn-bounces at devel.lifetype.net
[mailto:plog-svn-bounces at devel.lifetype.net] On Behalf Of Paul Westbrook
Sent: Friday, February 29, 2008 2:57 PM
To: LifeType Developer List
Subject: Re: [pLog-svn] r6192 -
inplog/branches/lifetype-1.2/plugins/badbehavior: . bad-behavior
Hello,
As development for LifeType 2.0 takes highe priority, will this plugin,
or the LifeType 1.2 version of it, move back to the main plugin subversion
branch? This would allow quick patches to the plugin to be done, with out
having to spin a whole LifeType release.
--Paul
On 2/28/08, pwestbro at devel.lifetype.net <pwestbro at devel.lifetype.net> wrote:
Author: pwestbro
Date: 2008-02-29 01:49:43 -0500 (Fri, 29 Feb 2008)
New Revision: 6192
Modified:
plog/branches/lifetype-1.2/plugins/badbehavior/bad-behavior/blacklist.inc.ph
p
plog/branches/lifetype-1.2/plugins/badbehavior/bad-behavior/msie.inc.php
plog/branches/lifetype-1.2/plugins/badbehavior/bad-behavior/version.inc.php
plog/branches/lifetype-1.2/plugins/badbehavior/bad-behavior/whitelist.inc.ph
p
plog/branches/lifetype-1.2/plugins/badbehavior/pluginbadbehavior.class.php
Log:
Checked in version 2.0.13 of bad behavior
Modified:
plog/branches/lifetype-1.2/plugins/badbehavior/bad-behavior/blacklist.inc.ph
p
===================================================================
---
plog/branches/lifetype-1.2/plugins/badbehavior/bad-behavior/blacklist.inc.ph
p 2008-02-28 10:54:49 UTC (rev 6191)
+++
plog/branches/lifetype-1.2/plugins/badbehavior/bad-behavior/blacklist.inc.ph
p 2008-02-29 06:49:43 UTC (rev 6192)
@@ -1,113 +1,113 @@
-<?php if (!defined('BB2_CORE')) die('I said no cheating!');
-
-function bb2_blacklist($package) {
-
- // Blacklisted user agents
- // These user agent strings occur at the beginning of the line.
- $bb2_spambots_0 = array(
- "<sc", // XSS exploit attempts
- "8484 Boston Project", // video poker/porn spam
- "adwords", // referrer spam
- "autoemailspider", // spam harvester
- "blogsearchbot-martin", // from honeypot
- "Digger", // spam harvester
- "ecollector", // spam harvester
- "EmailCollector", // spam harvester
- "Email Extractor", // spam harvester
- "Email Siphon", // spam harvester
- "EmailSiphon", // spam harvester
- "grub crawler", // misc comment/email spam
- "HttpProxy", // misc comment/email spam
- "Internet Explorer", // XMLRPC exploits seen
- "Jakarta Commons", // custommised spambots
- "Java 1.", // definitely a spammer
- "Java/1.", // definitely a spammer
- "libwww-perl", // spambot scripts
- "LWP", // spambot scripts
- "Microsoft URL", // spam harvester
- "Missigua", // spam harvester
- "MJ12bot", // crawls MUCH too fast
- "Movable Type", // customised spambots
- "Mozilla ", // malicious software
- "Mozilla/4.0(", // from honeypot
- "Mozilla/4.0+(", // suspicious harvester
- "MSIE", // malicious software
- "NutchCVS", // unidentified robots
- "Nutscrape/", // misc comment spam
- "OmniExplorer", // spam harvester
- "psycheclone", // spam harvester
- "PussyCat ", // misc comment spam
- "PycURL", // misc comment spam
- "Shockwave Flash", // spam harvester
- "TrackBack/", // trackback spam
- "user", // suspicious harvester
- "User Agent: ", // spam harvester
- "User-Agent: ", // spam harvester
- "Wordpress", // malicious software
- "\"", // malicious software
- );
-
- // These user agent strings occur anywhere within the line.
- $bb2_spambots = array(
- "\r", // A really dumb bot
- "; Widows ", // misc comment/email spam
- "a href=", // referrer spam
- "Bad Behavior Test", // Add this to your user-agent to
test BB
- "compatible ; MSIE", // misc comment/email spam
- "compatible-", // misc comment/email spam
- "DTS Agent", // misc comment/email spam
- "Gecko/25", // revisit this in 500 years
- "grub-client", // search engine ignores robots.txt
- "hanzoweb", // very badly behaved crawler
- "Indy Library", // misc comment/email spam
- "larbin at unspecified", // stealth harvesters
- "Murzillo compatible", // comment spam bot
- ".NET CLR 1)", // free poker, etc.
- "POE-Component-Client", // free poker, etc.
- "Turing Machine", // www.anonymizer.com abuse
- "WebaltBot", // spam harvester
- "WISEbot", // spam harvester
- "WISEnutbot", // spam harvester
- "Windows NT 4.0;)", // wikispam bot
- "Windows NT 5.0;)", // wikispam bot
- "Windows NT 5.1;)", // wikispam bot
- "Windows XP 5", // spam harvester
- "\\\\)", // spam harvester
- );
-
- // These are regular expression matches.
- $bb2_spambots_regex = array(
- "/^[A-Z]{10}$/", // misc email spam
- "/^Mozilla...[05]$/i", // fake user agent/email spam
- "/[bcdfghjklmnpqrstvwxz ]{8,}/",
-// "/(;\){1,2}$/", // misc spammers/harvesters
-// "/MSIE.*Windows XP/", // misc comment spam
- );
-
- // Do not edit below this line.
-
- $ua = $package['headers_mixed']['User-Agent'];
-
- foreach ($bb2_spambots_0 as $spambot) {
- $pos = stripos($ua, $spambot);
- if ($pos !== FALSE && $pos == 0) {
- return "17f4e8c8";
- }
- }
-
- foreach ($bb2_spambots as $spambot) {
- if (stripos($ua, $spambot) !== FALSE) {
- return "17f4e8c8";
- }
- }
-
- foreach ($bb2_spambots_regex as $spambot) {
- if (preg_match($spambot, $ua)) {
- return "17f4e8c8";
- }
- }
-
- return FALSE;
-}
-
-?>
+<?php if (!defined('BB2_CORE')) die('I said no cheating!');
+
+function bb2_blacklist($package) {
+
+ // Blacklisted user agents
+ // These user agent strings occur at the beginning of the line.
+ $bb2_spambots_0 = array(
+ "<sc", // XSS exploit attempts
+ "8484 Boston Project", // video poker/porn spam
+ "adwords", // referrer spam
+ "autoemailspider", // spam harvester
+ "blogsearchbot-martin", // from honeypot
+ "Digger", // spam harvester
+ "ecollector", // spam harvester
+ "EmailCollector", // spam harvester
+ "Email Extractor", // spam harvester
+ "Email Siphon", // spam harvester
+ "EmailSiphon", // spam harvester
+ "grub crawler", // misc comment/email spam
+ "HttpProxy", // misc comment/email spam
+ "Internet Explorer", // XMLRPC exploits seen
+ "Jakarta Commons", // custommised spambots
+ "Java 1.", // definitely a spammer
+ "Java/1.", // definitely a spammer
+ "libwww-perl", // spambot scripts
+ "LWP", // spambot scripts
+ "Microsoft URL", // spam harvester
+ "Missigua", // spam harvester
+ "MJ12bot", // crawls MUCH too fast
+ "Movable Type", // customised spambots
+ "Mozilla ", // malicious software
+ "Mozilla/4.0(", // from honeypot
+ "Mozilla/4.0+(", // suspicious harvester
+ "MSIE", // malicious software
+ "NutchCVS", // unidentified robots
+ "Nutscrape/", // misc comment spam
+ "OmniExplorer", // spam harvester
+ "psycheclone", // spam harvester
+ "PussyCat ", // misc comment spam
+ "PycURL", // misc comment spam
+ "Shockwave Flash", // spam harvester
+ "TrackBack/", // trackback spam
+ "user", // suspicious harvester
+ "User Agent: ", // spam harvester
+ "User-Agent: ", // spam harvester
+ "Wordpress", // malicious software
+ "\"", // malicious software
+ );
+
+ // These user agent strings occur anywhere within the line.
+ $bb2_spambots = array(
+ "\r", // A really dumb bot
+ "; Widows ", // misc comment/email spam
+ "a href=", // referrer spam
+ "Bad Behavior Test", // Add this to your user-agent to
test BB
+ "compatible ; MSIE", // misc comment/email spam
+ "compatible-", // misc comment/email spam
+ "DTS Agent", // misc comment/email spam
+ "Gecko/25", // revisit this in 500 years
+ "grub-client", // search engine ignores robots.txt
+ "hanzoweb", // very badly behaved crawler
+ "Indy Library", // misc comment/email spam
+ "larbin at unspecified", // stealth harvesters
+ "Murzillo compatible", // comment spam bot
+ ".NET CLR 1)", // free poker, etc.
+ "POE-Component-Client", // free poker, etc.
+ "Turing Machine", // www.anonymizer.com abuse
+ "WebaltBot", // spam harvester
+ "WISEbot", // spam harvester
+ "WISEnutbot", // spam harvester
+ "Windows NT 4.0;)", // wikispam bot
+ "Windows NT 5.0;)", // wikispam bot
+ "Windows NT 5.1;)", // wikispam bot
+ "Windows XP 5", // spam harvester
+ "\\\\)", // spam harvester
+ );
+
+ // These are regular expression matches.
+ $bb2_spambots_regex = array(
+ "/^[A-Z]{10}$/", // misc email spam
+ "/^Mozilla...[05]$/i", // fake user agent/email spam
+ "/[bcdfghjklmnpqrstvwxz ]{8,}/",
+// "/(;\){1,2}$/", // misc spammers/harvesters
+// "/MSIE.*Windows XP/", // misc comment spam
+ );
+
+ // Do not edit below this line.
+
+ $ua = $package['headers_mixed']['User-Agent'];
+
+ foreach ($bb2_spambots_0 as $spambot) {
+ $pos = strpos($ua, $spambot);
+ if ($pos !== FALSE && $pos == 0) {
+ return "17f4e8c8";
+ }
+ }
+
+ foreach ($bb2_spambots as $spambot) {
+ if (strpos($ua, $spambot) !== FALSE) {
+ return "17f4e8c8";
+ }
+ }
+
+ foreach ($bb2_spambots_regex as $spambot) {
+ if (preg_match($spambot, $ua)) {
+ return "17f4e8c8";
+ }
+ }
+
+ return FALSE;
+}
+
+?>
Modified:
plog/branches/lifetype-1.2/plugins/badbehavior/bad-behavior/msie.inc.php
===================================================================
--- plog/branches/lifetype-1.2/plugins/badbehavior/bad-behavior/msie.inc.php
2008-02-28 10:54:49 UTC (rev 6191)
+++ plog/branches/lifetype-1.2/plugins/badbehavior/bad-behavior/msie.inc.php
2008-02-29 06:49:43 UTC (rev 6192)
@@ -1,24 +1,25 @@
-<?php if (!defined('BB2_CORE')) die('I said no cheating!');
-
-// Analyze user agents claiming to be MSIE
-
-function bb2_msie($package)
-{
- if (!array_key_exists('Accept', $package['headers_mixed'])) {
- return "17566707";
- }
-
- // MSIE does NOT send "Windows ME" or "Windows XP" in the user agent
- if (strpos($package['headers_mixed']['User-Agent'], "Windows ME")
!== FALSE || strpos($package['headers_mixed']['User-Agent'], "Windows XP")
!== FALSE || strpos($package['headers_mixed']['User-Agent'], "Windows 2000")
!== FALSE || strpos($package['headers_mixed']['User-Agent'], "Win32") !==
FALSE) {
- return "a1084bad";
- }
-
- // MSIE does NOT send Connection: TE
- if (preg_match('/\bTE\b/i',
$package['headers_mixed']['Connection'])) {
- return "2b90f772";
- }
-
- return false;
-}
-
-?>
+<?php if (!defined('BB2_CORE')) die('I said no cheating!');
+
+// Analyze user agents claiming to be MSIE
+
+function bb2_msie($package)
+{
+ if (!array_key_exists('Accept', $package['headers_mixed'])) {
+ return "17566707";
+ }
+
+ // MSIE does NOT send "Windows ME" or "Windows XP" in the user agent
+ if (strpos($package['headers_mixed']['User-Agent'], "Windows ME")
!== FALSE || strpos($package['headers_mixed']['User-Agent'], "Windows XP")
!== FALSE || strpos($package['headers_mixed']['User-Agent'], "Windows 2000")
!== FALSE || strpos($package['headers_mixed']['User-Agent'], "Win32") !==
FALSE) {
+ return "a1084bad";
+ }
+
+ // MSIE does NOT send Connection: TE but Akamai does
+ // Bypass this test when Akamai detected
+ if (!array_key_exists('Akamai-Origin-Hop',
$package['headers_mixed']) && preg_match('/\bTE\b/i',
$package['headers_mixed']['Connection'])) {
+ return "2b90f772";
+ }
+
+ return false;
+}
+
+?>
Modified:
plog/branches/lifetype-1.2/plugins/badbehavior/bad-behavior/version.inc.php
===================================================================
---
plog/branches/lifetype-1.2/plugins/badbehavior/bad-behavior/version.inc.php
2008-02-28 10:54:49 UTC (rev 6191)
+++
plog/branches/lifetype-1.2/plugins/badbehavior/bad-behavior/version.inc.php
2008-02-29 06:49:43 UTC (rev 6192)
@@ -1,3 +1,3 @@
-<?php if (!defined('BB2_CWD')) die("I said no cheating!");
-define('BB2_VERSION', "2.0.11");
-?>
+<?php if (!defined('BB2_CWD')) die("I said no cheating!");
+define('BB2_VERSION', "2.0.13");
+?>
Modified:
plog/branches/lifetype-1.2/plugins/badbehavior/bad-behavior/whitelist.inc.ph
p
===================================================================
---
plog/branches/lifetype-1.2/plugins/badbehavior/bad-behavior/whitelist.inc.ph
p 2008-02-28 10:54:49 UTC (rev 6191)
+++
plog/branches/lifetype-1.2/plugins/badbehavior/bad-behavior/whitelist.inc.ph
p 2008-02-29 06:49:43 UTC (rev 6192)
@@ -1,56 +1,58 @@
-<?php if (!defined('BB2_CORE')) die('I said no cheating!');
-
-function bb2_whitelist($package)
-{
- // DANGER! DANGER! DANGER! DANGER! DANGER! DANGER! DANGER! DANGER!
-
- // Inappropriate whitelisting WILL expose you to spam, or cause Bad
- // Behavior to stop functioning entirely! DO NOT WHITELIST unless
you
- // are 100% CERTAIN that you should.
-
- // IP address ranges use the CIDR format.
-
- // Includes four examples of whitelisting by IP address and
netblock.
- $bb2_whitelist_ip_ranges = array(
- "10.0.0.0/8",
- "172.16.0.0/12",
- "192.168.0.0/16",
-// "127.0.0.1",
- );
-
- // DANGER! DANGER! DANGER! DANGER! DANGER! DANGER! DANGER! DANGER!
-
- // Inappropriate whitelisting WILL expose you to spam, or cause Bad
- // Behavior to stop functioning entirely! DO NOT WHITELIST unless
you
- // are 100% CERTAIN that you should.
-
- // You should not whitelist search engines by user agent. Use the IP
- // netblock for the search engine instead. See
http://whois.arin.net/
- // to locate the netblocks for an IP.
-
- // User agents are matched by exact match only.
-
- // Includes one example of whitelisting by user agent.
- // All are commented out.
- $bb2_whitelist_user_agents = array(
- // "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)
It's me, let me in",
- );
-
- // DANGER! DANGER! DANGER! DANGER! DANGER! DANGER! DANGER! DANGER!
-
- // Do not edit below this line
-
- if (!empty($bb2_whitelist_ip_ranges)) {
- foreach ($bb2_whitelist_ip_ranges as $range) {
- if (match_cidr($package['ip'], $range)) return true;
- }
- }
- if (!empty($bb2_whitelist_user_agents)) {
- foreach ($bb2_whitelist_user_agents as $user_agent) {
- if (!strcmp($package['headers_mixed']['User-Agent'],
$user_agent)) return true;
- }
- }
- return false;
-}
-
-?>
+<?php if (!defined('BB2_CORE')) die('I said no cheating!');
+
+function bb2_whitelist($package)
+{
+ // DANGER! DANGER! DANGER! DANGER! DANGER! DANGER! DANGER! DANGER!
+
+ // Inappropriate whitelisting WILL expose you to spam, or cause Bad
+ // Behavior to stop functioning entirely! DO NOT WHITELIST unless
you
+ // are 100% CERTAIN that you should.
+
+ // IP address ranges use the CIDR format.
+
+ // Includes four examples of whitelisting by IP address and
netblock.
+ $bb2_whitelist_ip_ranges = array(
+ "64.191.203.34/32", // Digg whitelisted as of 2.0.12
+ "208.67.217.130/32", // Digg whitelisted as of 2.0.12
+ "10.0.0.0/8",
+ "172.16.0.0/12",
+ "192.168.0.0/16",
+// "127.0.0.1",
+ );
+
+ // DANGER! DANGER! DANGER! DANGER! DANGER! DANGER! DANGER! DANGER!
+
+ // Inappropriate whitelisting WILL expose you to spam, or cause Bad
+ // Behavior to stop functioning entirely! DO NOT WHITELIST unless
you
+ // are 100% CERTAIN that you should.
+
+ // You should not whitelist search engines by user agent. Use the IP
+ // netblock for the search engine instead. See
http://whois.arin.net/
+ // to locate the netblocks for an IP.
+
+ // User agents are matched by exact match only.
+
+ // Includes one example of whitelisting by user agent.
+ // All are commented out.
+ $bb2_whitelist_user_agents = array(
+ // "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)
It's me, let me in",
+ );
+
+ // DANGER! DANGER! DANGER! DANGER! DANGER! DANGER! DANGER! DANGER!
+
+ // Do not edit below this line
+
+ if (!empty($bb2_whitelist_ip_ranges)) {
+ foreach ($bb2_whitelist_ip_ranges as $range) {
+ if (match_cidr($package['ip'], $range)) return true;
+ }
+ }
+ if (!empty($bb2_whitelist_user_agents)) {
+ foreach ($bb2_whitelist_user_agents as $user_agent) {
+ if (!strcmp($package['headers_mixed']['User-Agent'],
$user_agent)) return true;
+ }
+ }
+ return false;
+}
+
+?>
Modified:
plog/branches/lifetype-1.2/plugins/badbehavior/pluginbadbehavior.class.php
===================================================================
---
plog/branches/lifetype-1.2/plugins/badbehavior/pluginbadbehavior.class.php
2008-02-28 10:54:49 UTC (rev 6191)
+++
plog/branches/lifetype-1.2/plugins/badbehavior/pluginbadbehavior.class.php
2008-02-29 06:49:43 UTC (rev 6192)
@@ -20,7 +20,7 @@
$this->desc = "Bad Behavior for LifeType";
$this->author = "The Lifetype Project";
$this->db =& Db::getDb();
- $this->version = "20071205";
+ $this->version = "20080228";
$config =& Config::getConfig();
$prefix = Db::getPrefix();
_______________________________________________
pLog-svn mailing list
pLog-svn at devel.lifetype.net
http://limedaley.com/mailman/listinfo/plog-svn
_______________________________________________
pLog-svn mailing list
pLog-svn at devel.lifetype.net
http://limedaley.com/mailman/listinfo/plog-svn
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://limedaley.com/pipermail/plog-svn/attachments/20080229/3328b26c/attachment-0001.htm
More information about the pLog-svn
mailing list