Testing out Bad Behavior 2 extension for EE.

Paul Burdick, super amazing programmer and CTO of pMachine makers of ExpressionEngine, has just released an extension for EE that allows us to make use of the much ballyhooed Bad Behavior 2 anti-comment/trackback spam system that was originally developed for WordPress. So, being the popular target of spammers that we tend to be I figured I’d toss it in the system and see what happens.

This means two things: First, I’ve disabled the blacklist module to see how good this new system is. Second, I’ve turned trackbacks back on for SEB (but not the other blogs) as BB2 is supposed to be pretty good at filtering our trackback spam as well as comment/referrer spam.

So if you happen to notice anything funky happening such as you’re suddenly unable to post comments then drop me a note and let me know. If it’s as effective for EE as it appears to be for WordPress and MediaWiki then I’ll leave trackbacks on and be a happy camper. If you want to help test it on your EE site then be sure to go post a comment in the thread on the forums and give Paul any feedback you come up with. Here goes nothing.

19 thoughts on “Testing out Bad Behavior 2 extension for EE.

  1. I’m getting a 403 Forbidden error when I try to trackback you 🙁

    I’m using an older version of Bad Behaviour in generic mode on my site – seems to work well. No complaints from users and my referer spam has divebombed.

  2. I’m running BB2 on a few of my Drupal sites. Unless I hardcode exceptions for users of certain proxies, they are plain out of luck…

  3. OK, trackback errors were due to the ReWrite rule Elwed put into the .htaccess file to block trackback attempts. I forgot about that. I’ve commented it out so it should be working now. Doh!

  4. So it looks like BB2 isn’t very good at blocking trackback spam, Les. I got a bunch within minutes of enabling my trackbacks.

  5. I got a bunch within minutes of enabling my trackbacks.

    I got one within 10 minutes of removing the ReWrite rule in the .htaccess file and there’s been a few more over the evening hours, though nothing on the scale of what it was previously. All told only 5 trackback spams total since turning them back on. Usually I’d end up with 150 to 200 when one of them got past the Blacklist. It’s rather odd, though, that ***Dave and Neil are still getting forbidden errors.

    I’m not currently using the “strict” option on the extension so only getting 5 spams isn’t too bad and I could live with having to clean those up on occasion to have the benefit of allowing trackbacks once more. Now if I can only figure out why legitimate trackbacks are failing.

  6. We’ve gotten another 5 or so trackback spams since i wrote that last reply so I’ve turned on the “strict” option to see if it makes a difference. This means that some folks who are going through a proxy (some ISPs, corporate environments, and anonymizers) might have problems commenting. Again, drop me an email if that ends up being the case.

  7. I’ve turned trackbacks off once again. While the spam that was coming in never hit anything close to the deluge we’ve had in the past—it was mostly one or two spams every hour or so—it was consistent enough to make it annoying.

    Not sure how to judge the extension at this point. It seems like it kept trackback spam to a minimum, but wasn’t able to eliminate it altogether and, unlike the Blacklist, it has no way of adding new spammers to it’s blocking system. In combination with the blacklist it would probably be pretty effective, but the idea was to eliminate the need to maintain a huge blacklist (and SEB’s is quite huge).

    No comment spam to speak of, but that’s never been a big problem with EE so that’s not a surprise.

  8. The template? You mean the layout? That would be me. Though the modified images I’ve been using for Halloween weren’t done by me, I believe those were whipped up by SEB regular Beau Tochs.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.