Joomla anti-spam

Thursday, 05 April 2007

 

TeachMeJoomla has ported Michael Hampton's BadBehavior to a Joomla system mambot.

The BadBehavior scripts monitors the way your site is accessed, blocking spam bots, harvesting bots, and any user agent (browser) that doesn't obey robots.txt standard. The script has more blocking rules for known spammer IP addresses and typical spammer access patterns.

Read more about BB at its home page 

... and further read this document for instructions and download 

To update your Joomla! sites, please remove the old bot, then download and install the latest version. After this step is completed access and reload your frontpage to make the "first run" message go away.

Update[Apr 23 2008]: the latest bot uses BB 2.0.15 code.

Update[Jan 22 2008]: the latest bot uses BB 2.0.12 code.

New in this release (since 2.0.11):

  • IP addresses for the digg.com service have been added to Bad Behavior’s internal whitelist. Upon submitting a story to digg.com, it attempts to load the submitted URL using the PEAR HTTP_Request class, but with a fake HTTP user agent, causing Bad Behavior to block the requests. This problem was reported to digg and the company has failed to respond or to resolve the problem. The IP addresses have been whitelisted due to user demand. If you use digg, please let them know that this is not acceptable to you.
  • Users deploying Bad Behavior with Akamai Dynamic Site Accelerator, Dynamic Site Accelerator Enterprise, or Web Application Accelerator found that Internet Explorer users were being blocked by Bad Behavior. This issue was traced to Akamai’s use of the HTTP/1.1 transfer coding feature in its proxy servers. This issue has been fixed.

 

Update: the latest bot uses BB 2.0.11 code.

New in 2.0.11: 

The updated bot fixes some critical errors, including the bug that breaks POST forms submission.

Documentation

 This mambot is a Joomla  .zip install file. Use your administration->Installer->mambots menu to install this extension.

All you have to do after this step is completed is go to Mambots->Site Mambots Menu and publish the "Bad Behavior v2 mambot" bot (it's a system mambot)

Next, you should click "Site->Preview in new window"  in your admin. You should get a first install message that will dissapear when refreshing the page.

At this point the mambot is up and running, and has created the #__bb2_log database table to hold access statistics 

Configuration 

Strict mode parameter - please review BadBehavior Documentation for this

Verbose parameter - choose whether to  log full statistics, or log only blocked HTTP requests. We recommend turning verbose mode off, as it would collect large amounts of data. It is only useful for debugging, in our opinion
 

Database install flag - This parameter holds the database table install status. You should never alter this parameter. If you set this to "Not completed", the #__bb2_log table will be dropped (wiped away) and recreated again.

This may seem odd, why would we have a parameter we're not allowed to configure? Well, because Joomla does not allow SQL in mambot install packages, we worked around this by having the bot check this special param, and if the param is set to 'Not completed' the bot runs the necessary SQL to create the log table. 

This does not affect system performance, and allows us to have a functional BadBehavior script. If we didn't use this parameter technique we would have to write a Joomla Component just for the log table creation.

What's the log table good for?

The log table holds HTTP requests. TeachMeJoomla  will shortly release a module that shows the blocked spammer hosts  statistics.

The "#__"  in table name stands for Your Joomla Global configuration MySQL Database Prefix (usually "jos_")

You can use a Mysql administration tool (like PHPMyAdmin) to manage the records in this table 

Download 

Here's the latest BadBehavior Bot download.

BB2_bot (BadBehavior 2.0.15) for Joomla! 

Older releases:

BB2_bot (BadBehavior 2.0.12) for Joomla!

BB2_bot (BadBehavior 2.0.11) for Joomla!

BB2_bot (BadBehavior 2.0.10) for Joomla!  

Please link to this HTML page instead of linking directly to the zip file. This helps us get more Internet visibility and (hopefully) some advertising cents to support our future work.

Thank You 

Support 

We provide this bot on an "as is" and "no warranty" basis. Please access our forums or leave comments and questions  on this article if you have a hard time using our BB2 Joomla port. 

BadBehavior credits go to Michael Hampton .

Joomla port (bb2_bot)  brought to you by Tudor from TeachMeJoomla(the very page you're looking at). 



Add this page to your favorite Social Bookmarking websites
Reddit! Del.icio.us! StumbleUpon! Yahoo! Swik!



Comments (53)
RSS comments
1. Thanks06-04-2007 06:58

Just a quick note to say thanks for providing this port to Joomla!.

2. Thank you from: Crack Google SEO Search06-04-2007 21:05

A little plug and a BIG THANKS to you for this port. 
 
Crack Google provides search engine tips for google. 
Our readers could use this product for their websites. 
Please let me know if you want to publish an article for us on our site, we will be happy to help out. 
 
Thank you, 
 
 
Crack Google

3. Warning messages07-04-2007 22:34

Hi! 
 
After instalation bot and logout i've warning messages 
 
BB2_bot was installed. You only get this message once, at the first run. Enjoy! 
 
Please refresh this page to clear this message 
 
Warning: Cannot modify header information - headers already sent by (output started at /srv/www/htdocs/mambots/system/bad-behavior/bad-behavior-joomla.php:196) in /srv/www/htdocs/mambots/system/bad-behavior/screener.inc.php on line 8 
 
Warning: Cannot modify header information - headers already sent by (output started at /srv/www/htdocs/mambots/system/bad-behavior/bad-behavior-joomla.php:196) in /srv/www/htdocs/index.php on line 250 
 
Warning: Cannot modify header information - headers already sent by (output started at /srv/www/htdocs/mambots/system/bad-behavior/bad-behavior-joomla.php:196) in /srv/www/htdocs/index.php on line 251 
 
Warning: Cannot modify header information - headers already sent by (output started at /srv/www/htdocs/mambots/system/bad-behavior/bad-behavior-joomla.php:196) in /srv/www/htdocs/index.php on line 252 
 
Warning: Cannot modify header information - headers already sent by (output started at /srv/www/htdocs/mambots/system/bad-behavior/bad-behavior-joomla.php:196) in /srv/www/htdocs/index.php on line 253 
 
Warning: Cannot modify header information - headers already sent by (output started at /srv/www/htdocs/mambots/system/bad-behavior/bad-behavior-joomla.php:196) in /srv/www/htdocs/index.php on line 254 
 
I hope so thats don't some security hole in Joomla.  
 
I used joomla 1.0.12 
apache2-prefork-2.0.49-27.26 
apache2-mod_fastcgi-2.4.0-243.1 
apache2-2.0.49-27.26 
apache2-mod_php4-4.3.4-43.31 
apache2-mod_python-3.1.3-37.6 
apache2-mod_perl-1.99_12_20040302-38.1

4. @Chris07-04-2007 23:13

Don't worry, those are harmless warnings, because the plugin outputs this one-time message before Joomla! expects. If you had your error reporting set to simple(in Administration->Global Configuration->Server), you would never have seen the warnings.

5. @Chris09-04-2007 15:13
tamirzzz

Hi, 
 
 
how can you tell it is not blocking 'legal' http requests? 
 
Tnx a lot for the work done!

6. @Chris09-04-2007 15:40
Tudor

Hi, please go to the BB2 homepage and read more about how it works.

7. bb2 logs17-04-2007 13:19

Hiya, 
 
We've installed this on our site but it seems to be blocking legitmate surfers. The bb2_log shows the ip address etc but to be perfectly honest, I do not understand what the logs are telling me. Can anyone help me understand what the logs mean?

8. 403 error message18-04-2007 06:22

I get the following message below when activated - any ideas why? 
 
Error 403 
We're sorry, but we could not fulfill your request for / on this server. 
 
An invalid request was received from your browser. This may be caused by a malfunctioning proxy server or browser privacy software. 
 
Your technical support key is: 5198-ae63-45b3-5e30 
 
You can use this key to fix this problem yourself. 
 
If you are unable to fix the problem yourself, please contact info at hackneyindependent.org and be sure to provide the technical support key shown above.

9. www.hackneyindependent.org18-04-2007 08:50

oh okay... 
 
read this page below 
 
http://www.bad-behavior.ioerror.us/2005/09/30/what-to-do-when-bad-behavior-blocks-you-or-your-friends/ 
 
hmm... not sure if I can be be bothered to deal with this if the first person I test in on - Me! - falls at the first hurdle! 
 
:grin

10. Project Honey Pot14-05-2007 20:42

I have no skills with php nor mysql but i am really upset about comment spammers at my forum... 
 
I was looking for a solution and found Bad Bevaiour for Joomla!: 
http://extensions.joomla.org/component/option,com_mtree/task,viewlink/link_id,2081/Itemid,35/ 
 
It works pretty fine but its database is not up to date so a few spammers get my forums. 
 
I did continue my search and found Project Honey Pot: 
http://www.projecthoneypot.org 
 
Obviously, it looks like a final solution but i have not experiencie to code a bot for joomla. 
 
Finally, totally freak with the spam, I decided to try including some lines to my INDEX.PHP and amazing it works. 
 
I copy and paste the lines i put at the very top of my index.php in order to pray for help to get those lines into a proper structure for a mambot: 
---------- 
// My http:BL key 
$apikey = 'YOUshouldPUTyourOWNkeyHERE'; 
 
// IP to test : your visitor's 
$ip = $_SERVER['REMOTE_ADDR']; 
 
// build the lookup DNS query 
// Example : for '127.9.1.2' you should query 'abcdefghijkl.2.1.9.127.dnsbl.httpbl.org' 
$lookup = $apikey . '.' . implode('.', array_reverse(explode ('.', $ip ))) . '.dnsbl.httpbl.org'; 
 
// check query response 
$result = explode( '.', gethostbyname($lookup)); 
 
if ($result[0] == 127) { 
// query successful ! 
$activity = $result[1]; 
$threat = $result[2]; 
$type = $result[3]; 
 
if ($type & 0) $typemeaning .= 'Search Engine, '; 
if ($type & 1) $typemeaning .= 'Suspicious, '; 
if ($type & 2) { 
$typemeaning .= 'Harvester, '; 
$kurl="http://www.inosanchez.com/stopspam.php"; 
header("location:$kurl"); } 
if ($type & 4) { 
$typemeaning .= 'Comment Spammer, '; 
$kurl="http://www.inosanchez.com/stopspam.php"; 
header("location:$kurl"); } 
$typemeaning = trim($typemeaning,', '); 

---------- 
The only thing you need is a Honey Pot Key, don't worry it is free, and you can get it from: 
http://www.projecthoneypot.org/httpbl.php 
 
Those lines are working great but i'm totally sure they should not be placed like i did nor where i did. 
 
Any guides or help to make a bridge of Honey Pot with Joomla! will be really apreciatted. 
 
Thanks in advance for your help.

11. Project Honey Pot15-05-2007 14:57
temptemp

i am having this problem using awardspace. it seems to work find using site preview but afterwards viewing the homepage says there's an error and there's a problem using a error document to handle it.

12. nice work16-05-2007 05:33

thanks a lot 
 
i clicked on ur google ads :D

13. Errors after install BB2 bot on Joomla 112-06-2007 13:33

Hi hope you can help I get these errors when viewing an article on my Joomnla site after activating the BB2 bot 
 
Warning: stripos() expects parameter 1 to be string, NULL given in /home/mysite/public_html/includes/compat.php50x.php on line 105 
 
Warning: Cannot modify header information - headers already sent by (output started at /home/mysite/public_html/includes/compat.php50x.php:105) in /home/mysite/public_html/mambots/system/bad-behavior/screener.inc.php on line 8 
 
Notice: SSI.php was unable to load a session! This may cause problems with logout and other functions - please make sure SSI.php is included before *anything* else in all your scripts! in /home/mysite/public_html/forums/SSI.php on line 160 
 
Any ideas? 
 
Thanks

14. problem13-06-2007 20:26
Wizard

Hi i installed this mambot. and it gives me problems.  
i installed it in a test site that nobody knows yet except me. and when i want to test it it gives me.  
 
Error 400 
 
We're sorry, but we could not fulfill your request for /joomla/ on this server. 
 
An invalid request was received. This may be caused by a malfunctioning proxy server or browser privacy software. If you are using a proxy server, bypass the proxy server or contact your proxy server administrator. 
 
Your technical support key is: 5248-2a48-a52f-0448 
 
You can use this key to fix this problem yourself. 
 
i dont run a proxy and all and im the only person that views it so there is somekind of problem in the script or so? i use firefox no idea where to look what might block it.

15. You Really got me!03-07-2007 10:00

At first run ! The page produce garbage! and I am really shock! almost panick! :grin  
 
But then I read the readable msg that say something like you only got this msg once!  
 
Whoaaaa! what a relief! I thought your plugin really messed up my system!  
 
Anyway thanks for the great plugin! I am having problems with these spammer using my tell a friend modules as well as registration. 
 
Hopefully this plugin will reduce if not eliminate the problems 
 
thanks again 
 
ronn

16. just say...03-07-2007 19:19

I really wish it work, but it doen't not seem work out for me. so i just uninstall it. please give some advices. here is my website: http://daitangkinhvietnam.org and the message: 
Error 403 
We're sorry, but we could not fulfill your request for / on this server. 
 
An invalid request was received from your browser. This may be caused by a  
malfunctioning proxy server or browser privacy software. 
 
Your technical support key is: 456a-6ba9-45b3-5e30 
 
You can use this key to fix this problem yourself. 
 
If you are unable to fix the problem yourself, please contact daitangkinhvietnam at yahoo.com and be sure to provide the technical support key shown above.

17. staying informed04-07-2007 13:49

Hi, 
 
WOW, what a great mambot! 
I'd like to stay updated when your module to see stats will be available. 
But I can't find any place to write my email. 
So keep me informed please!!

18. PHP Notice: Undefined variable: screener07-07-2007 08:34
Rob

PHP Notice: Undefined variable: screener1 in /.../mambots/system/bad-behavior/post.inc.php on line 39

19. Change Verbose parameter23-08-2007 11:45

Silly question but how do you change the Verbose parameter?

20. thanks30-08-2007 16:24

this mambot work well, thank you.. :)

21. Restricted access18-10-2007 02:12

I installed this on my Joomla RC3 install and I get "Restricted access" Help!

22. Wrong Joomla18-10-2007 16:21

@24: the bot only works for Joomla version < 1.5. 
Did you even bother to read 2 lines of documentation?

23. Joomla 1.5CR320-10-2007 17:14

What documentation would you be referring to? I found the link on a Joomla 1.5 extension list. 
 
http://extensions.joomla-org.com/

24. Great Tool!21-10-2007 13:36

I got this bot spamming all my comment boxes, it gets on my nerves. I use the same akocomment as urs and everyday I had to delete 200-300 comments.. 
 
:) I wonder how thing tool will work :) eager to find out

25. Documentation Link22-10-2007 05:19
Kazcor

Thanks for porting :)  
Did not manage to find the proper documentation first, so here it is for everyone else: 
http://www.bad-behavior.ioerror.us/2006/07/04/bad-behavior-2/ 
 
Cheers

26. Does Bad Behavior protect phone numbers?25-10-2007 12:22

Does Bad Behavior protect phone numbers on a site from being harvested by bots? 
 
In fact, doesn't BB protect all content on a Joomla site from being harvested by undesirable bots?

27. Restricted Access08-11-2007 03:06

Please help !!! 
i've already installed....but when i want to try... 
my homepage sais RESTRICTED ACCESS... 
what should i do???? 
 
Joomla! [ 1.0.11 Stable ]

28. home page12-11-2007 15:40
benji

Hello 
Looks like the home page for bad-behaviour aint working 
http://www.homelandstupidity.us/software/bad-behavior/

29. The Goofy Express18-11-2007 16:41


it's workin for me :S

30. If you have FTP access but can't get in08-12-2007 18:47

This is how I crassly got the update to work, as in my case the "official" route -- i.e. going into the Joomla Admin menu, uninstall BB2 mambot and reinstall the updated version (and don't forget to re-publish it...) -- didn't work, due to the 403s I got smacked with. 
 
This is (was) my case: I still had access via FTP, but couldn't delete the /bad-behavior/ plugin folder inside /mambots/system/ (i.e. because all its files were set to nobody/nobody ownership by Joomla, so I couldn't kill it on my remote host). What I did was rename the /bad-behavior folder to an arbitary other name, e.g. TRASHME, as well as the two BB2 plugins that reside "loose" inside the /mambots/system/ folder (i.e. bb2_bot.php and bb2_bot.xml) which effectively disables BB2. 
 
Then, log into Joomla/Admin (yay!) and to be sure "uninstall" the BB2 mambot, then upload and install the updated file... Done! Of course, those "old" renamed files still need to be deleted, but your sysadmin (i.e., your hosting tech support) should be able to manually delete them with their high-level system privileges, overriding the nobody/nobody (or www/www in some cases) owner/group ownership rights. 
 
All in all - problem solved, thanks for the fast turn-around update for the Joomla community!

31. Blocked my sites09-12-2007 23:18

This took down 10 of my sites for days. It blocked all the forms. Argh!

32. Where do I download badbehavior10-12-2007 11:06

I'm looking for the download link -- but can't find it. Also I see a logon form -- but no register link.  
 
 
????? Rowby

33. Nevermind -- I found the link10-12-2007 11:09

I see the link now and have downloaded badbehavior. 
 
Thanks!

34. PHP Error Messages on Post10-12-2007 12:41

Hi, 
 
I get this error message whenever I post on the forum or a private message: 
PHP Notice: Undefined variable: screener2 in ***\mambots\system\bad-behavior\post.inc.php on line 39 
 
After a short look at the code (and I am in no way a php expert) I've seen that screener2 is used to take some data from the post. 
 
Any idea what's this problem and how can it be solved? 
 
P.S. 
I've seen someone complaining about screener1 several comments a go. 
What was the issue?

35. PHP Error Messages on Post - second part10-12-2007 12:52

ok, I was checking it up a bit, and it looks like this error is happening on all posts. 
 
The problem with forum posts and PM is that I also get a blank page... :x

36. still 403 message15-12-2007 14:22

Just uninstalled the buggy 2.010 bot and downloaded/installed the 2.011. Argh, i still get the 403 message on my regular Windows desktop. However on a second linux pc, the site is working ?? 
What could be the problem here. Would somehouw my regular PC (on the same network and behind the same router/firewall as the linuxPC) be blacklisted. Using no static IP-adress for the desktop. 
Please Help !!

37. pardon my dust15-12-2007 15:00

stupid me: i reread the 403 message (after reading it many many times) and went over the settings for the firewall again (after so many times). During testing i even tried to disable the firewall all together but then my browser didn't work at all. Finally i found an option for stealth mode browsing and, hey let's disable that --> It works !!! Now i can use the mambot and still browse the sites on my desktop. 
(I also had problemss on viewing teachmejoomla.net and dutchjoomla.org with that particular firewallsetting) 
 
Lesson learned : RTFM. (read the f*ing manual) 
Michael and Tudor : thanks for the work.

38. Update to 2.0.12 bad-behavior ....21-01-2008 12:24

Hi bad-behavior have a new release you can check please: 
http://www.bad-behavior.ioerror.us/2008/01/18/bad-behavior-2012/ 
 
Greeting's

39. New Version?22-01-2008 09:46

I have just made a small contribution via PayPal towards the next version of this plugin, in the hope it might bring it about a little sooner. 
 
TIA

40. New Version!22-01-2008 11:19

Anyone who would like a version utilising the recently released 2.0.12 version: Simply overwrite the files inside the installation zip with the identically named ones in the newer, official BB distribution.

41. Update to 2.0.13 ....27-01-2008 22:53

Hi bad-beahavior release new version 2.0.13, please can you update the mambot ... 
 
More info: 
http://www.bad-behavior.ioerror.us/2008/01/27/bad-behavior-2013/ 
 
Greeting's :)

42. spam block with ease28-01-2008 03:49

I like this bot. tx anyway

43. blacklist with ip-range01-02-2008 19:42

Hi, Great bot! Works fine, but have a question: 
I would like to blacklist a single (or range) ip-addresses like you can do in the whitelist.inc.php. 
Any suggestions? 
Thanx!

44. Joomla 1.521-02-2008 16:10

Will there be a version for Joomla 1.5? 
I love this program and will not build another Joomla site without it. But I like to build 1.5 sites! 
 
greetings 
Patrick

45. Joomla 1.5 native18-04-2008 09:27

Hi and thanks for your highly appreciated mambot, I wonder if you are going to develop it for the new version of Joomla, it would be great!!

46. Joomla 1.5 native14-05-2008 03:52

A small problem after installing this on a Joomla 1.5.2 site. When I try to upload pictures they fail at about 90% of the upload. :? Turn off your module and they upload OK. :sigh

47. Strict mode parameter16-05-2008 09:55

You write, "Strict mode parameter - please review BadBehavior Documentation for this", but I don't find anything in the documentation about this. Can you please show me where it is?

48. Thank you04-06-2008 07:58

Fantastic component, we were having real problems with spammers attacking our www.betgizmo.com website. Almost immediately after install our stats reported just real customers again.

49. Active or not?10-06-2008 09:14

I have installed the plugin and get the message: succesful installed. 
 
Where can I found: Next, you should click "Site->Preview in new window" in your admin. You should get a first install message that will dissapear when refreshing the page. 
 
There's nothing to see in the front or backend... 
 
Kind regards

50. Access Restricted10-06-2008 19:22

Please, skip my previous message, I installed an older version... Stupid. 
 
New issue with BadBehavior v2.0.15 mambot is that I receive immediately the message 'Access Restricted' 
 
This message is on the front and backend! There was only one solution to get the access back: rename the .php file with FTP ! 
 
What's wrong?

51. Re: Strict mode07-07-2008 14:56

You're right, strict mode isn't documented. This is my oversight. In brief, it enables some checks which block even more spammers by ensuring strict conformance to the HTTP specification but which, in practice, may block actual human beings (typically those in large corporate networks and developing countries).

52. Errors - help please getting spammed11-07-2008 03:00

How can I get this to work, I get the errors 
 
Warning: stripos() expects parameter 1 to be string, NULL given in /home/mydomain/public_html/includes/compat.php50x.php on line 105 
 
.... 
 
Warning: Cannot modify header information - headers already sent by (output started at /home/mydomain/public_html/includes/compat.php50x.php:105) in /home/mydomain/public_html/mambots/system/bad-behavior/screener.inc.php on line 8 
 
Warning: Cannot modify header information - headers already sent by (output started at /home/mydomain/public_html/includes/compat.php50x.php:105) in /home/mydomain/public_html/includes/joomla.php on line 1463 
 
I tried to load it a few times as others have said it only shows once but it shows all teh time. 
 
Using J1.0.15 
Sobi 2.8.6 (several clones) 
Joomsef 2.2.6 
and others...

53. Restricted Access - I'm screwed14-07-2008 02:02

installed the bot. clicked on it to see config parameters. Paged refreshed with a 'restricted access' message. Cannont get to my site's front end or back end.  
 
Any help would be appreciated.

Write Comment
  • Please keep the topic of messages relevant to the subject of the article.
  • Please don't use comments to plug your web site. Links are rel='nofollow'-ed
  • Please refresh the page if you're having trouble with the security image code
Name:
E-mail
Homepage
Title:
Comment:

:) :grin ;) 8) :p
:roll :eek :upset :zzz :sigh
:? :cry :( :x
Code:* Code

Powered by AkoComment Tweaked Special Edition v.1.4.2

Last Updated ( Wednesday, 23 April 2008 )
 
Post and Bid on Joomla/PHP projects! Join EUFreelance.com for free!

Newsletter

Subscribe to TeachMeJoomla's newsletter
Name:
Email:


Joomla books

Auto tags

joomla spam

joomla anti spam

joomla antispam

joomla contact spam

spam joomla

antispam joomla

joomla anti-spam

anti spam joomla

joomla bug spam

bb2_log

Bad Behavior joomla

bad behaviour joomla

joomla registration spam

spam joomla contact

joomla contact us spam