glFusion Wiki

Site Tools


glfusion:bb2

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revision Previous revision
glfusion:bb2 [2010/02/01 20:12]
glfusion:bb2 [2016/09/13 19:45] (current)
Line 1: Line 1:
 +====== Bad Behavior2 Plugin ======
  
 +Bad Behavior complements other link spam solutions by acting as a gatekeeper, preventing spammers from ever delivering their junk, and in many cases, from ever reading your site in the first place. This keeps your site’s load down, makes your site logs cleaner, and can help prevent denial of service conditions caused by spammers. (quoted from http://​bad-behavior.ioerror.us/​) ​
 +
 +Bad Behavior can take advantage of the [[https://​www.projecthoneypot.org/​services_overview.php|Project Honey Pot - HTTP Black List]] service, which will block known malicious sites. You will need to create an account and obtain a set of keys to configure below.
 +
 +===== Configuration Options =====
 +
 +The Bad Behavior configuration options are located under **Command & Control -> Spam / Bot Protect**.
 +
 +^Option^Description ^
 +|BB2 Enabled|Set this to true to enable Bad Behavior 2 plugin protection. |
 +|Enable Automatic Banning|If set to true, IPs will be automatically banned if they fail the CAPTCHA entry 5 times, or if a post fails the Cross Site Forgery Check. IPs will be banned for 24 hours.|
 +|Display Stats|Enabling this option will add a blurb to your web site footer advertising Bad Behavior'​s presence and the number of recently blocked requests. Sites receiving more than 1,000 visitors per day should leave this option disabled as it is database intensive. This option is not available or has no effect when logging is not in use.|
 +|Strict Checking|Bad Behavior operates in two blocking modes: normal and strict. When strict mode is enabled, some additional checks for buggy software which have been spam sources are enabled, but occasional legitimate users using the same software (usually corporate or government users using very old software) may be blocked as well. It is up to you whether you want to have the government reading your blog, or keep away more spammers.|
 +|Verbose Logging|Turning on verbose mode causes all HTTP requests to be logged. When verbose mode is off, only blocked requests and a few suspicious (but permitted) requests are logged. Verbose mode is off by default. Using verbose mode is not recommended as it can significantly slow down your site; it exists to capture data from live spammers which are not being blocked.|
 +|Logging Enabled|You can disable logging entirely, but this is not recommended since it may cause additional spam to get through.|
 +|HTTP BlackList Key|Bad Behavior is capable of using data from the [[http://​www.projecthoneypot.org/​httpbl_api.php|http:​BL service]] provided by Project Honey Pot to screen requests. This is purely optional; however if you wish to use it, you must sign up for the service and obtain an API key. To disable http:BL use, remove the API key from your settings.|
 +|http:BL Threat Level|This number provides a measure of how suspicious an IP address is, based on activity observed at Project Honey Pot. Bad Behavior will block requests with a threat level equal or higher to this setting. Project Honey Pot has more information on this parameter.|
 +|http:BL Maximum Age|This is the number of days since suspicious activity was last observed from an IP address by Project Honey Pot. Bad Behavior will block requests with a maximum age equal to or less than this setting. Project Honey Pot (http://​www.projecthoneypot.org/​threat_info.php) has more information on this parameter.|
 +|Allow Offsite Forms|Bad Behavior normally prevents your site from receiving data posted from forms on other web sites. This prevents spammers from, e.g., using a Google cached version of your web site to send you spam. However, some web applications such as OpenID require that your site be able to receive form data in this way.|
 +|EU Cookie|Enable this option to alter Bad Behavior'​s cookie handling to conform to 2012 EU cookie regulations. |
 +
 +
 +
 +
 +===== Searching =====
 +
 +Users in the Bad Behavior2 Admin group can search the Bad Behavior2 logs. Simply go to glFusion'​s search page and enter your search terms. Select “Bad Behavior2” from the “Type” drop-down menu if you only want to perform a search on the Bad Behavior2 logs. 
 +
 +The search function will search for IP addresses and it also searches through the entire HTTP request that the offender used to access the site.
 + 
 +
 +=====Site Statistics Integration=====
 +Bad Behavior2 also displays a section in your site's statistics. In addition to the total number of blocked requests, it also displays a list of the most common misbehaviors. These statistics are only visible to members of the 'Bad Behavior2 Admin' group. ​
 +===== Stats Block =====
 +
 +The Bad Behavior 2 plugin provides a '​Block'​ function so you can include a stats block on your site. The function name is phpblock_bad_behavior2_stats(). ​
 +
 +
 +===== Whitelisting IP Addresses =====
 +
 +You can add whitelist entries to Bad Behavior to allow a specific IP address or blocks of IP addresses by adding them to public_html/​bad_behavior2/​bad-behavior/​whitelist.inc.php.