Way back in the dark ages (well, 2007), Paul Burdick wrote an extension to use Bad Behavior spam blocking on an Expression Engine website. Since then, many things have happened—Expression Engine 2 was released, I got married and moved to Oregon—and many things have not—the apocalypse, an EE2 version of Bad Behavior. I decided it was high time to remedy that last item.
I have been using Low’s excellent NoSpam add-on for years and still recommend it highly. However, it has its limitations. The biggest issue for me is that it does not block spam submissions to SAEF forms. Additionally, it doesn’t do its filtering until after the form is submitted, meaning that all that spam traffic is putting additional load on your poor server.
Bad Behavior is an open-source script that has been around for a long time and is well-respected. It works differently than Akismet or other popular anti-spam scripts, in that it prevents spammers from accessing your website at all. The Bad Behavior script runs at the beginning of page load and checks a variety of data about the request to identify spammers. If it decides a particular request is suspicious, it immediately stops Expression Engine from processing the rest of the page and displays a simple error message. As a general rule, Bad Behavior attempts to never block legitimate users, even if that means the occasional spammer does get through. Therefore, you may want to run Low NoSpam or another comment-spam filter as a second line of defense.
Generally, you can just upload and activate the extension to be protected. There are settings you can tweak to fine-tune the way Bad Behavior works, but doing so is not necessary. Optionally, it will also check requests against Project Honey Pot’s http:BL, a blacklist of known spammers. To use that feature, you will need to sign up for an API key and enter it on the extension settings page.
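The http:BL check mentioned above, sketched as an added example (this is not code from VZ Bad Behavior or the Bad Behavior library): it builds the DNS query name for an IPv4 address and decodes the 127.<days>.<threat>.<type> answer. The access key, IP address, sample answers and the threat/age thresholds are constructed or assumed for illustration.

```php
<?php
// Added example: http:BL query naming and answer decoding, runnable offline.
const HTTPBL_ZONE = 'dnsbl.httpbl.org';
const HTTPBL_TYPES = [1 => 'suspicious', 2 => 'harvester', 4 => 'comment spammer'];

/** Build the DNS name to resolve: <key>.<reversed IPv4 octets>.dnsbl.httpbl.org */
function httpbl_query_name(string $key, string $ip): ?string
{
    // http:BL only covers IPv4; skip anything else rather than send a malformed query.
    if (!filter_var($ip, FILTER_VALIDATE_IP, FILTER_FLAG_IPV4)) {
        return null;
    }
    return $key . '.' . implode('.', array_reverse(explode('.', $ip))) . '.' . HTTPBL_ZONE;
}

/** Decode an A-record answer; null means "not listed" or "not a valid answer". */
function httpbl_decode(?string $answer): ?array
{
    if ($answer === null || !filter_var($answer, FILTER_VALIDATE_IP, FILTER_FLAG_IPV4)) {
        return null;
    }
    [$marker, $days, $threat, $type] = array_map('intval', explode('.', $answer));
    if ($marker !== 127) {
        return null; // anything outside 127.x.x.x is an error, not a listing
    }
    $labels = [];
    foreach (HTTPBL_TYPES as $bit => $label) {
        if ($type & $bit) $labels[] = $label;
    }
    // Type 0 marks a search engine; its third octet is an engine id, not a threat score.
    return ['days_since_seen' => $days, 'threat_score' => $threat,
            'search_engine' => $type === 0, 'types' => $labels];
}

/** Block only recent, high-scoring entries; thresholds here are assumed values. */
function httpbl_should_block(?array $rec, int $minThreat = 25, int $maxAge = 30): bool
{
    return $rec !== null && !$rec['search_engine']
        && $rec['threat_score'] >= $minThreat && $rec['days_since_seen'] <= $maxAge;
}

// Constructed sample data: placeholder key, documentation-range IP, made-up answers.
// A live check would resolve the A record of $name instead of using this list.
$name = httpbl_query_name('abcdefghijkl', '203.0.113.7');
echo $name, "\n";
foreach (['127.3.40.4', '127.200.40.4', '127.0.5.0', null] as $answer) {
    $rec = httpbl_decode($answer);
    printf("%-14s %s\n", $answer ?? '(no record)', httpbl_should_block($rec) ? 'block' : 'allow');
}
```

The stale entry (200 days old), the search engine and the unlisted address are all allowed, which matches the library's stated preference for letting an occasional spammer through over blocking a legitimate visitor.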
The settings page also displays detailed logs for the past week (which is as long as Bad Behavior stores log data). This can be useful in resolving false positives.

Installation
Download and unzip the extension. Upload the “vz_bad_behavior” folder to your /system/expressionengine/third_party/ folder. Finally, enable the extension in your control panel. You can change some settings if you want, but there is usually no need to.
Visit the VZ Bad Behavior repo on GitHub
P.S. If you appreciate the decrease in spam you see after installing this extension, don’t thank me. It only took me a couple hours to put this together. Thank Michael Hampton, the developer of the Bad Behavior library. Even better: make a donation to support its development.
Comments:
Ibn Saeed on June 8, 2011 at 6:49pm#1
Hello
I have one question, will this work with Safecracker ?
http://expressionengine.com/downloads/details/safecracker/
EliVZ on June 8, 2011 at 6:53pm#2
Bad Behavior works before Expression Engine starts generating the page, so spammers won’t be able to see your website at all. So it keeps them from spamming SafeCracker, FreeForm, EE contact forms, etc.
Michael Fraase on June 9, 2011 at 9:20pm#3
Installed the extension and enabled it. Appears to be working. Added the Project Honeypot API key and received the following errors:
A PHP Error was encountered
Severity: Notice
Message: Undefined index: log_table
Filename: vz_bad_behavior/ext.vz_bad_behavior.php
Line Number: 96
A Database Error Occurred
Error Number: 1064
You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ‘WHERE `key` NOT LIKE ‘00000000’’ at line 1
SELECT * FROM WHERE `key` NOT LIKE ‘00000000’
Filename: third_party/vz_bad_behavior/ext.vz_bad_behavior.php
Line Number: 96
EliVZ on June 10, 2011 at 1:48am#4
Michael- Sorry about that. I just uploaded a new version to GitHub that should fix the bug. You might need to disable and re-enable the extension for it to take effect.
Mark Collins on August 18, 2011 at 8:04pm#5
Thank you kindly sir :)
Christian Engelhardt on December 14, 2011 at 1:08am#6
Is it possible to exclude a post address? We are running an extension using a post address /index.php/?ACT=31 to post back variables. The posting app is hosted on a different IP and my variables never get posted with your extension. It does do a good job preventing spam…
EliVZ on December 14, 2011 at 1:25am#7
Christian,
Do you have the “Allow off-site posting to forms” box checked in settings? By default, direct posting from other IPs is disabled, as that is how most comment spam is generated, but checking that box should enable it. Let me know if you already have that set and it still isn’t working.
Paul Hachmang on November 3, 2012 at 2:21pm#8
Hi There,
I’m having trouble blocking spam on our website. I installed reCAPTCHA, the Honeypot EE plugin and this one, and added the http:BL key, but spam messages are still coming in, and since we are unable to block them through the email we have to log in to the admin panel and block them there, which is a lot of work.
Have any solution perhaps?
Tobin Rogers on December 14, 2012 at 6:41am#9
I’m also running into a ton of spam on a couple of sites. Does this work in a MojoMotor form? If so, how would I properly install it? Thanks for any help.
Eli Van Zoeren on December 14, 2012 at 7:14pm#10
Tobin- No, MojoMotor requires a different extension format than ExpressionEngine. I’m sure Bad Behavior could be adapted to it, but as far as I know it hasn’t been done so far.
Tobin Rogers on December 15, 2012 at 6:44am#11
Thanks, Eli. Do you know of any other possibilities for MojoMotor? I’m currently regretting the decision of using it.
EliVZ on December 16, 2012 at 12:48am#12
Do you mean other possibilities for spam-blocking on MojoMotor? No, I have never used MM and don’t know what is available for it. Sorry. Or if you mean another possibility for a CMS to use instead, I would suggest you take a look at Statamic. That’s what I’ve been using recently for small projects and it’s quite nice.
saddas on February 2, 2013 at 8:26pm#13
asdddddddddddddd
erik on June 6, 2013 at 3:04pm#14
I’m using EE 2.3.1, I put vz_bad_behavior into ../system/expressionengine/third_party and it’s not showing up in the extensions panel so I can’t enable it. Do I need to upgrade my EE version or what’s going on?
EliVZ on June 7, 2013 at 10:09am#15
Did you upload the folder *inside* the download? You might have uploaded the outside folder (with README) in it, which would keep EE from seeing it.