Bad Behavior 2.0.27
June 10th, 2009 by Michael Hampton
Bad Behavior 2.0.27 has been released. It is a maintenance release and is recommended for all users.
MediaWiki and WordPress users who have not updated in the last year or so should take note of special upgrade instructions below.
Who should upgrade?
All users should upgrade to take advantage of improved spam detection. Users who have an IPv6-enabled web site should upgrade to resolve problems relating to resolution of IPv6 addresses.
What’s new?
New in this release (since 2.0.26):
- A particularly nasty trackback spammer advertising various drugs has been blocked in this release.
- A check for a certain type of referrer spam had been broken and has been fixed.
- Bad Behavior attempted to pass IPv6 addresses, in an incorrect format, to blacklists which are not themselves ready to handle IPv6 addresses. On Mac OS X, this also caused users on localhost to be blocked, since it uses the IPv6 address for localhost, even without another IPv6 network connection. A workaround was placed in version 2.0.26 to disable checking IPv6 addresses until the various blacklists are able to accept IPv6 addresses. The workaround was not coded correctly and has been corrected in this release.
- A harmless PHP notice has been suppressed.
Support
With the economy the way it is, I’ve had to spend the past few months on projects which pay the bills, with Bad Behavior on the back burner. If Bad Behavior has helped you, please make a financial contribution toward further development. Your contribution ensures that I can prioritize Bad Behavior development and make more frequent and timely releases.
Download
Special Upgrade Instructions
Users of MediaWiki and WordPress upgrading from version 2.0.20 or earlier should follow these special directions (from 2.0.21 or later, upgrade normally):
For MediaWiki: Before installing this version of Bad Behavior, manually remove (e.g. using FTP or ssh) any old versions you may have, including the lines added to LocalSettings.php. Then install the new version fresh, following the installation instructions for MediaWiki.
For WordPress: If updating to this version through the automatic updater fails, manually remove (e.g. using FTP or ssh) any old versions you may have installed. Then upload and install the new version fresh, following the installation instructions for WordPress. After doing so, future automatic updates should proceed normally.
For other platforms: No changes to your upgrade procedures should be necessary.
Jonathan Lundell Says
There’s a typo in core.inc.php. Line 114 should have delimiters in the search pattern, thus:
$_SERVER['REMOTE_ADDR'] = preg_replace(“/^::ffff:/”, “”, $_SERVER['REMOTE_ADDR']);
Jun 10th, 2009 at 10:53 pm
Palma | Buddha Trance Says
I got errors after upgrading, but correcting the typo as indicated above by Jonathan, made it work. Thank you for this great plugin!
Jun 10th, 2009 at 11:24 pm
B W Says
I tried the fix above, but I’m still getting an error message:
Warning: preg_replace() [function.preg-replace]: No ending delimiter ‘^’ found in /hsphere/local/home/bcwalker/carolinashealthcarelaw.com/blog/wp-content/plugins/bad-behavior/bad-behavior/core.inc.php on line 114
Jun 11th, 2009 at 1:00 am
Jason Says
Same error B W reports.
Jun 11th, 2009 at 1:26 am
Holly Says
Getting the following errors. I changed my actual username to “username” cause I felt like it.
Warning: preg_replace() [function.preg-replace]: No ending delimiter ‘^’ found in /home/username/public_html/wp-content/plugins/bad-behavior/bad-behavior/core.inc.php on line 114
Warning: Cannot modify header information – headers already sent by (output started at /home/username/public_html/wp-content/plugins/bad-behavior/bad-behavior/core.inc.php:114) in /home/username/public_html/wp-content/plugins/bad-behavior/bad-behavior/screener.inc.php on line 8
Warning: session_start() [function.session-start]: Cannot send session cache limiter – headers already sent (output started at /home/username/public_html/wp-content/plugins/bad-behavior/bad-behavior/core.inc.php:114) in /home/username/public_html/wp-content/plugins/wordpress-automatic-upgrade/wordpress-automatic-upgrade.php on line 121
Jun 11th, 2009 at 1:52 am
David P. Says
Huge error message with new update!
Warning: Cannot modify header information – headers already sent by (output started at /home/username/public_html/wp-content/plugins/bad-behavior/bad-behavior/core.inc.php:114) in /home/username/public_html/wp-content/plugins/bad-behavior/bad-behavior/screener.inc.php on line 8
Warning: session_start() [function.session-start]: Cannot send session cache limiter – headers already sent (output started at /home/username/public_html/wp-content/plugins/bad-behavior/bad-behavior/core.inc.php:114) in /home/username/public_html/wp-content/plugins/wordpress-automatic-upgrade/wordpress-automatic-upgrade.php on line 121
Jun 11th, 2009 at 2:44 am
TerminalDigit Says
Jonathan Lundell’s fix worked for me. Thanks.
Jun 11th, 2009 at 2:53 am
Michael Hampton Says
Thanks for the reports, everyone. I’ll get a fixed package out shortly.
Jun 11th, 2009 at 3:28 am
Jonathan Lundell Says
The fix should work. If it doesn’t, double-check your work.
If you paste my fix into your file, check the quotes; the comment system here decided to make the quotes smart, and that will never do. You’re just adding a slash as the first and last characters of the first string.
I’ll see if I can persuade the comment system to do a pre:
$_SERVER['REMOTE_ADDR'] = preg_replace(”/^::ffff:/”, “”, $_SERVER['REMOTE_ADDR']);
If you don’t succeed, be patient; I’m sure we’ll see a 2.0.28 or equivalent shortly.
Jun 11th, 2009 at 3:33 am
Jonathan Lundell Says
Ships in the night….
Jun 11th, 2009 at 3:33 am
Michael Hampton Says
A 2.0.28 tagged version is now in the repository and should be showing up for update within 15 minutes. I’ll make an official post soon.
Jun 11th, 2009 at 3:39 am