Not signed in ( Sign In)

Categories

Welcome, Guest

Want to take part in these discussions? Sign in if you have an account, or apply for one below

Vanilla 1.1.10 is a product of Lussumo. More Information: Documentation, Community Support.

    •  
      CommentAuthormacmathan
    • CommentTimeOct 11th 2009 edited
     permalink
    I have to admit having made a sidetrip on WordPress for a while before getting so annoyed on performance that I came back to Flatpress :)

    During that time though, I found out about a very interesting solution to block spambots and other troublemakers, and that is Bad Behavior.

    I ported the current version (2.0.29 at time of writing) to Flatpress, and think it won't be too hard to keep it up with the updates. Everyone should be able to with a little php-knowledge :)

    I'll put a mention about it on the wiki as well, and if you're interested just look at my blog for more info: Bad Behavior plugin for flatpress

    As always, use on your own risk, but it seems to work very well for me on two different hosts.

    /David

    [ADDED 17 jan 2010] I have since December 28 had an installation guide for the development branch (2.1) available as well. It's even easier to get working now and performs well for me, but bear in mind that it is still called development and not stable, so there can be issues with a future upgrade.
    •  
      CommentAuthorNoWhereMan
    • CommentTimeOct 11th 2009 edited
     permalink
    sounds veeery nice! great job!
    •  
      CommentAuthorlaborix
    • CommentTimeOct 11th 2009
     permalink
    @macmathan
    Why need I a key from the honeypot? If the request from a client is not ok, then a 403 code ist send. I use Bad Behavior a long time with the "bad-behavior-gerneric.php" as described here:

    Bugs: [SVN][v0.805] Antispam not working [debug patch included]

    Ok, logging isn't supported, but it works without a Honeypot Key like the Wordpress own Bad Behavior Plugin do so. Please, tell me more about the honeypot and which advantage I will get after registering by Honeypot.
    •  
      CommentAuthorNoWhereMan
    • CommentTimeOct 11th 2009
     permalink
    Oh, I forgot about that one :D
    •  
      CommentAuthormacmathan
    • CommentTimeOct 11th 2009
     permalink
    Bad Behavior's basic functionality is to look at the behavior of each visitor and block those that acts strangely in some way. (Explained here)

    Then there is the added layer of protection through using the blocking features from the http:BL part of the honeypot project.

    Posted By: laborix@macmathan
    Why need I a key from the honeypot?


    It's for using the dynamic http:BL-black list function documented at the project honypot site, but in short the key is needed for the DNS-queries on each connecting IP to see if it's a known recent spammer or not.

    I would like to stress that you can use the plugin without the key from project honeypot to catch a lot of bad behaving visitors, but the upside with having a key is that then you will also catch well behaving (in http-exchange protocol terms) agents that connects from IP-numbers that is known for spamming etc.

    The sweet thing about the http:BL part is that the thresholds for 1) how much ill behaviour there has been from one IP and 2) how long time ago that was last seen, is settable in the plugin. So it's possible to customise the level wanted pretty good.

    For me about roughly another 50% malicious bots are catched with the http:BL functionality activated, so it makes sense to use it.

    I suggest anyone wanting to know more about the http:BL functionality to read up on it on the link above. (There's also an API documented for the clarification of it.)

    Posted By: laborixIf the request from a client is not ok, then a 403 code ist send.


    Yes that is how it works out of the box.

    Posted By: laborixOk, logging isn't supported


    Not straight from the box, but you could use my method with a flatfile for logging. It requires a small hack of a core function (to get away from SQL queries), but I have supplied my workaround and it works for basic logging.

    I hope this clears at least some of the questionmarks :)

    /David
    •  
      CommentAuthormacmathan
    • CommentTimeOct 11th 2009
     permalink
    Posted By: laborixI use Bad Behavior a long time with the "bad-behavior-gerneric.php" as described here:

    Bugs: [SVN][v0.805] Antispam not working [debug patch included]


    Uhm, ok... (Makes a note about always search forums before posting)

    I didn't see it on the plugin page on the wiki, so i decided to make a few adjustments to the generic approach and share it with the community. :)
    •  
      CommentAuthorlaborix
    • CommentTimeOct 11th 2009
     permalink
    Posted By: macmathanI hope this clears at least some of the questionmarks :)

    Thanks...

    Posted By: macmathanI didn't see it on the plugin page on the wiki,

    Yes, because it isn't made by myself. All to do is to rename and add the description, nothing more. Simple steps, which every user can do...
    •  
      CommentAuthorbandeezee
    • CommentTimeJan 18th 2010
     permalink
    Thanks for checking. I tried using qspam, but the fact that part of the word gets blocked as well makes it hard for me to use. No disrespect to the creator. I've had someone spamming my comments with links about shemales, but when I put "shemale" in the qspam filter, it blocks "she" and "male" by themselves as well. I need a spam filter that will only block the specific word I put in there or at least let me use that option by putting quotes around the word. I tried deleting "shemale" but it wouldn't save the changes. I could delete the word all the way down to "s" without getting an error, but that was it. Then it got to the point where I replaced the "s" with a blank space and it did work, but now I can't post any comments, so I had to disable it. I know this isn't where I should be posting this, but I wanted to share why I'm not using qspam currently. I might try to reinstall the plugin. Anyway, thanks for your help.
    •  
      CommentAuthorlaborix
    • CommentTimeJan 18th 2010
     permalink
    Posted By: bandeezee... but when I put "shemale" in the qspam filter, it blocks "she" and "male" by themselves as well.

    Sure? Which version of Flatpress do you use?

    Posted By: bandeezeeI tried deleting "shemale" but it wouldn't save the changes.

    Hm,

    take a look in the file called "settings.conf.php". You can find this file in your config directory and open it with an UTF-8 editor. There you can remove the line with "blank space (shemale before)" and then enable qspam again.
    •  
      CommentAuthorbandeezee
    • CommentTimeJan 19th 2010
     permalink
    Ok, I think that worked. It didn't seem to record the blank space (or I can't find it in the settings.conf.php file), but I did find where I can switch the "Block comments containing more than 0 words" to 1 in the settings.conf.php file instead and now I can post. I think me changing it to 0 was the problem. Anybody know if there is a way to make sure quickspam only catches "shemale" and not "she" or "male"? If you want me to post this question in a different thread, please let me know and I'll be more than happy to. Thanks for all your help and thanks to you laborix.
    •  
      CommentAuthorbandeezee
    • CommentTimeJan 19th 2010
     permalink
    btw, I use version .909 of Flatpress, just updated recently (I think that's the latest version).
    •  
      CommentAuthorlaborix
    • CommentTimeJan 19th 2010 edited
     permalink
    Posted By: bandeezee... Anybody know if there is a way to make sure quickspam only catches "shemale" and not "she" or "male"?

    Please try the SVN 281 Update for the qspam plugin. Download and transfer it to /fp-plugins/qspam.

    SCM Repositories - flatpress - plugin.qspam.php

    The SVN 281 was released a few days after .909 of Flatpress. It tried with "she" and "male", all seems ok.

    Edit:

    I forgot to mentioned that you need a second file for the SVN 281 update. Get it here and transfer it to your webspace, where flatpress is installed.

    SCM Repositories - flatpress - comments.php
    •  
      CommentAuthorbandeezee
    • CommentTimeJan 22nd 2010
     permalink
    Perfect, saved the files and uploaded them and it seems to work great. Thanks so much for you help