Tempus Fugit

Mark Jaquith's personal blog

Bad, Bad Spambots

The Bad Behavior plugin for WordPress is an altogether novel way of blocking spambots. In the past, plugins have only looked at factors like the content of the spam submission, the IP of the sender. But what if the content doesn’t contain any “spammy” words and the IP isn’t on any blacklists? What if the bot fetches the entry page before leaving a comment, and scrapes the form for any “hidden values” you may have set? At that point, you have very little to go on.

The problem is that you are not considering enough factors.

Bad Behavior works its magic at “the door,” before spam bots can even try to post a comment or a trackback. It works by looking at the user agent (not a novel approach, but useful, nonetheless) as well as by looking at the HTTP headers. As it turns out, spam bots do a really poor job of hiding their identity in the HTTP headers. They do stupid stuff like changing their user agent to an Internet Explorer agent, but neglecting to send the headers that IE sends.

Bad Behavior was designed and built by watching actual spambots which harvested email addresses, posted comment spam, and used fake referrers. By logging their entire HTTP requests and comparing them to HTTP requests of legitimate users, it is possible to detect most spambots.

IO ERROR: Bad Behavior

So how well does it work? Let’s just say that Spam Karma 2 is getting very, very bored. Take a look at the footer on my site and see how many access attempts it has thwarted. And the great thing is that Bad Behavior works much more quickly than Spam Karma, taking literally 1 to 3 hundredths of a second.

If you have a WordPress 1.5.x blog, look no further than Bad Behavior + Spam Karma 2.

Comments

  2. Here you go:

    function bb_block_count($echo=1) {
	global $wpdb;
	$bb_count = $wpdb->get_var("SELECT COUNT(`id`) FROM `bad_behavior_log` WHERE `http_response` = '403'");
	if ($echo) {
		echo $bb_count;
		return;
	} else {
		return $bb_count;	
	}
}

    Stick that in an existing plugin… I have a misc.php plugin I use for random stuff like that. Use it like this to echo: <?php bb_block_count(); ?>

    Edit: Try copying it again if it didn’t work before

  3. I created the misc.php file and put it in my plugins directory. Then I get this output error:

    Fatal error: Call to undefined function: bb_block_count() in /home/whatsbruin/www/www/wordpress/wp-content/themes/whatsbruin-standard/footer.php on line 21

  5. You can also use the /my-hacks.php file (but enable it in your WP Options » Miscellaneous page); that’s what it is for — little miscellaneous hacks which are too small or varied for a plugin. They also run faster in /my-hacks.php as well.

Trackbacks

  5. Stop comment spam before it starts by trapping and blocking spambots before they have a chance to post comments. Bad Behavior Stats 1.6 Ajay D’Souza Display number of blocked access attempts by the Bad Behavior Plugin. (Original mysql function by Mark Jaquith ). Go to Options >> BBStats to configure. Batch Categories .91 Stephanie Booth Mass alter the post categories in one go. Requires code tweaking for 1.5+ compatibility. Blank Target Comments