Register Members List Search Today's Posts Mark Forums Read

Reply
 
Mod Options
vB Bad Behavior (vB4) Details »
vB Bad Behavior (vB4)
Mod Version: 1.0.14, by Eric (Coder/Designer) Eric is offline
Developer Last Online: Jun 2018 I like it Show Printable Version Email this Page

vB Version: 4.x.x Rating: (25 votes - 4.92 average) Installs: 204
Released: 05 Apr 2011 Last Update: 22 Sep 2015 Downloads: 1035
Supported DB Changes Uses Plugins Additional Files Re-usable Code Translations External Content  

/**
* vB Bad Behavior is free software; you can redistribute it and/or modify it under
* the terms of the GNU Lesser General Public License as published by the Free
* Software Foundation; either version 3 of the License, or (at your option) any
* later version.
*
* This program is distributed in the hope that it will be useful, but WITHOUT ANY
* WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A
* PARTICULAR PURPOSE. See the GNU Lesser General Public License for more details.
*/


What is vB Bad Behavior?
This is an integration of the Bad Behavior software with vBulletin.

What is Bad Behavior?
Bad Behavior is a PHP-based solution for blocking link spam and the robots which deliver it. Bad Behavior complements other link spam solutions by acting as a gatekeeper, preventing spammers from ever delivering their junk, and in many cases, from ever reading your site in the first place. This keeps your site's load down, makes your site logs cleaner, and can help prevent denial of service conditions caused by spammers.

Visit http://bad-behavior.ioerror.us/ for more.

Features
For more information on the features of Bad Behavior (and subsequently this mod) please go to Bad Behavior's site:

http://bad-behavior.ioerror.us/documentation/benefits/

For features related to the mod itself, please take a look at the screenshots.

This mod should work with vB 4.x, it was tested on 4.1.2/4.1.3. Screenshots are from vB 3.x, but it should still look relatively the same with vB4.

Installation
1. Extract the contents of the zip file.
2. Upload the contents of the `upload` folder to your forum root.
3. Enter your AdminCP and go to Plugins & Products > Manage Products > [Add/Import Product]
4. Import the product using the `product-vb_badbehavior.xml` file.
5. Configure the mod in AdminCP -> Settings -> Options -> vB Bad Behavior Options

Upgrading

vB Bad Behavior
In many cases, all you'll need to do to upgrade is follow the installation instructions above.

The only difference, will be you'll need to allow the files to overwrite. Also, when re-importing the product file, you'll need to set "Allow Overwrite" to "Yes".

Bad Behavior
Bad Behavior's files are at `/includes/bad-behavior/`. If you wish to update manually go to:

http://bad-behavior.ioerror.us/download/

And download the latest development version. Extract the zip, and upload the contents of `bad-behavior` to `/includes/bad-behavior/` allowing the files to overwrite.

Versions
The current version of Bad Behavior this mod is using is: v2.2.16
The current version of Bad Behavior (development) is: v2.2.16

Changelog
Version 1.0.14, 09/22/2015
  • Bad Behavior upgraded to 2.2.16

Version 1.0.13, 04/23/2013
  • Bad Behavior upgraded to 2.2.14

Version 1.0.12, 12/21/2012 -- Released: 02/05/2013
  • Bad Behavior upgraded to 2.2.13
  • Added some more ranges to whitelist.ini

Version 1.0.10, 09/09/2012
  • Bad Behavior upgraded to 2.2.10

Version 1.0.9, 06/17/2012
  • Bad Behavior upgraded to 2.2.7

Version 1.0.8, 06/12/2012
  • Bad Behavior upgraded to 2.2.6
  • New Setting: EU Cookie

Version 1.0.7, 05/04/2012
  • Bad Behavior upgraded to 2.2.3
  • Cron/Scheduled Task for automatic log pruning added.

Version 1.0.6, 01/04/2012
  • Bad Behavior upgraded to 2.1.15

Version 1.0.5, 05/26/2011
  • Added option for bypassing users/members.
  • If the visitor is a user, and is in usergroup 5, 6, or 7 (admin/mod/super mod) - Bad Behavior is bypassed.
  • Modified bad-behavior core to check for Google Web Preview
    • file edited: /includes/bad-behavior/core.inc.php
  • Added a link beside the IP address in the log for WhoIs.

Version 1.0.4, 04/28/2011
  • Bad Behavior upgraded to 2.1.13 (fixes search engine block issues)
  • Added Paypal/Paypal IPN IP address to the whitelist.
  • Added payment gateway file names to the whitelist.

Version 1.0.3, 04/21/2011
  • Fix #1: Pruning log doesn't work.
  • Fix #3: POST more than two days after GET (added support for BB's javascript)
  • Fix #5: Cannot modify header information error (suppressed error in BB's function)
  • Implemented #6: Filter per key (new admincp option to list keys not to be shown in log)
  • Implemented #9: Show link to member profile (if userid is found in headers, link to profile)

Version 1.0.2, 04/10/2011
  • Updated /includes/functions_vb_badbehavior.php to:
    • disable Reverse Proxy if Reverse Proxy Addresses are empty
    • distinguish SQL queries using "SET", for example: SET @@session.wait_timeout = 90 - which is used by BB
    • set "offsite_forms" to false by default, as it's not really needed in vB IMHO, and it can cause problems with certain setups
    • cleaned up the bb2_read_settings() function and fixed a typo in one of the vbulletin options calls
  • Updated /includes/whitelist.ini to include the following GOOGLE ranges:
    • 74.125.0.0/16
    • 216.239.32.0/19
    • 209.85.128.0/17
    • 66.102.0.0/20
  • Updated /admincp/vb_badbehavior.php
    • Log pruning was pruning all logs, despite what was entered for number of days

Version 1.0.1, 04/06/2011
  • Bad Behavior upgraded to 2.1.12
  • Changed files:
    • /includes/bad-behavior/core.inc.php
    • /includes/bad-behavior/searchengine.inc.php
  • "Verbose" admin option now set to "No" by default.

Version 1.0.0, 04/05/2011
  • Initial release.


Screenshots
Screenshots can now be seen at: http://www.secondversion.com/images/vb/vb_badbehavior/

I was running out of room for attachments here on vB.org


Development

https://github.com/ericsizemore/vb_b...ree/master/vb4


Only those who "Mark As Installed" will receive support for this modification.

Download Now

Only licensed members can download files, Click Here for more information.

Show Your Support

  • To receive notifications regarding updates -> Click to Mark as Installed.
  • If you like this modification support the author by donating.
  • This modification may not be copied, reproduced or published elsewhere without author's permission.
Similar Mod
Mod Developer Type Replies Last Post
Integration with vBulletin vB Bad Behavior Eric vBulletin 3.8 Add-ons 329 12 Sep 2017 02:14
Integration with vBulletin Project HoneyPot HTTP Blacklist Addon ( with Bad Behavior integration) TheSupportForum Modification Graveyard 51 09 Apr 2011 13:59
Integration with vBulletin Bad Behavior Integration SemperFideles vBulletin 4.x Add-ons 45 06 Apr 2011 01:27

  #46  
Old 27 May 2011, 10:49
BadgerDog BadgerDog is offline
 
Join Date: Oct 2006
Real name: Doug
Thanks for the update ...

I can't find where the "option" in the AdminCP exists to set the usergroup exception for 5,6,7?

Also, I assume the IE6 thing is handled somewhere? I ask because my logs now show a specific user ID who has been having trouble (Usergroup 9) because he's stuck with IE6 and the log shows.

HTTP Response: 403
Explanation: You do not have permission to access this server.
Log Message: Request contained a malicious JavaScript or SQL injection attack
Of course that's not true for him, but how do I get the mod to not bother checking him and his IE6?

My apologies if I've misunderstood how to do this, or have missed something obvious.

Thanks again... great add-on and I previously donated directly with PayPal ...

Regards,
Doug
Reply With Quote
  #47  
Old 27 May 2011, 11:08
Eric's Avatar
Eric Eric is offline
 
Join Date: May 2006
Real name: Eric
Originally Posted by BadgerDog View Post
Thanks for the update ...

I can't find where the "option" in the AdminCP exists to set the usergroup exception for 5,6,7?

Also, I assume the IE6 thing is handled somewhere? I ask because my logs now show a specific user ID who has been having trouble (Usergroup 9) because he's stuck with IE6 and the log shows.



Of course that's not true for him, but how do I get the mod to not bother checking him and his IE6?

My apologies if I've misunderstood how to do this, or have missed something obvious.

Thanks again... great add-on and I previously donated directly with PayPal ...

Regards,
Doug
I have not heard back from error10 yet, so no go on the IE6 yet.

Usergroups 5,6,7 are hardcoded to be excepted. You wouldn't want to block them Otherwise, you can set the option to "yes" for all other usergroups.
__________________
My modifications

Please do not contact me for support via PM or E-Mail unless I've asked you to do so. Otherwise, your message will be ignored/deleted.
Reply With Quote
  #48  
Old 27 May 2011, 11:17
BadgerDog BadgerDog is offline
 
Join Date: Oct 2006
Real name: Doug
Originally Posted by Eric View Post
I have not heard back from error10 yet, so no go on the IE6 yet.

Usergroups 5,6,7 are hardcoded to be excepted. You wouldn't want to block them Otherwise, you can set the option to "yes" for all other usergroups.

Thanks ... understood ..

I changed the single instance hard coded line in the XML to add the other two usergroups we needed:


Block Disabled:      (Update License Status)  
Suspended or Unlicensed Members Cannot View Code.

Regards,
Doug
Reply With Quote
  #49  
Old 28 May 2011, 15:02
S3Ponline S3Ponline is offline
 
Join Date: May 2010
This looks incredible.

I registered to HoneyPot, but I don’t know where to get the API

Also, which 404 does it send to? Can I edit it so that it provides a link to our email service?

EDIT:

Also how much drain have you noticed from connection speeds?
Reply With Quote
  #50  
Old 28 May 2011, 19:24
Alfa1's Avatar
Alfa1 Alfa1 is offline
 
Join Date: Dec 2005
Originally Posted by S3Ponline View Post
Also how much drain have you noticed from connection speeds?
BB greatly speeds up my site. If you mean delay from connecting to project honeypot: i think that you can manually submit user agents to PH. In that case there is no drain at all. But that feature has not been added yet. See here:
http://trac.assembla.com/vb-bad-behavior/ticket/11
Reply With Quote
  #51  
Old 30 May 2011, 16:11
S3Ponline S3Ponline is offline
 
Join Date: May 2010
Warning: Cannot modify header information - headers already sent by (output started at [path]/includes/class_core.php:5417) in [path]/includes/bad-behavior/screener.inc.php on line 8

I get this warning
Reply With Quote
  #52  
Old 07 Jun 2011, 09:45
viper357's Avatar
viper357 viper357 is offline
 
Join Date: Dec 2006
Badgerdog, did this solve the IE6 problem? I'm still getting registered users blocked even though the mod is set to bypass registered users in the admin panel.
Originally Posted by BadgerDog View Post
Thanks ... understood ..

I changed the single instance hard coded line in the XML to add the other two usergroups we needed:


Block Disabled:      (Update License Status)  
Suspended or Unlicensed Members Cannot View Code.

Regards,
Doug
__________________
Marine Aquariums
Reply With Quote
  #53  
Old 07 Jun 2011, 11:09
BadgerDog BadgerDog is offline
 
Join Date: Oct 2006
Real name: Doug
Originally Posted by viper357 View Post
Badgerdog, did this solve the IE6 problem? I'm still getting registered users blocked even though the mod is set to bypass registered users in the admin panel.
Well, by deduction, since I haven't had any complaints from registered members who I know are using IE6, I assume it's working fine ....

Regards,
Doug
Reply With Quote
  #54  
Old 07 Jun 2011, 11:21
viper357's Avatar
viper357 viper357 is offline
 
Join Date: Dec 2006
Ok, thanks.
__________________
Marine Aquariums
Reply With Quote
  #55  
Old 07 Jun 2011, 11:45
BadgerDog BadgerDog is offline
 
Join Date: Oct 2006
Real name: Doug
Originally Posted by viper357 View Post
Ok, thanks.
You're welcome ...

One thing I don't find is working is the Log Filter Keys function. For example, we added the key "00000000" to the list in the AdminCP options, yet those entries still show up in the logs.

Regards,
Doug
Reply With Quote
  #56  
Old 08 Jun 2011, 22:10
CK CK is offline
 
Join Date: Dec 2007
Real name: http://xenforo.com/
Can someone give "fire & forget" settings.

I want this to run on non-members, I would prefer nothing too aggressive, I want only obvious spammers to be blocked and I certainly do not want to miss out on legitimate crawlers, what would you guys suggest?
Reply With Quote
  #57  
Old 08 Jun 2011, 22:31
CK CK is offline
 
Join Date: Dec 2007
Real name: http://xenforo.com/
Operating mode - no
Logging - yes
Verb - no
http:BL - on with key @ level 25
Reverse proxy - no
Members - no
Reply With Quote
  #58  
Old 13 Jun 2011, 21:10
evilTone evilTone is offline
 
Join Date: Apr 2004
Originally Posted by BadgerDog View Post
since I haven't had any complaints from registered members who I know are using IE6, I assume it's working fine
the exempt users from checks is fine, but an unregistered user with IE6 cant view the site or access the register page unless im missing something
Reply With Quote
  #59  
Old 14 Jun 2011, 10:57
BadgerDog BadgerDog is offline
 
Join Date: Oct 2006
Real name: Doug
Originally Posted by evilTone View Post
the exempt users from checks is fine, but an unregistered user with IE6 cant view the site or access the register page unless im missing something
Ahhh... I understand now ..

That's possible, but I don't know what could be done about htat, except for the author of this mod to check for IE6 browsers and let them through.

Regards,
Doug
Reply With Quote
  #60  
Old 14 Jun 2011, 17:04
Alfa1's Avatar
Alfa1 Alfa1 is offline
 
Join Date: Dec 2005
You can whitelist ie6 if you want, but unless your forum is aimed at government employees, I would not see a reason to do so.
Reply With Quote
Reply


Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)
 
Mod Options

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Forum Jump


New To Site? Need Help?

All times are GMT. The time now is 02:30.

Layout Options | Width: Wide Color: