Bab-behavior not behaving?

For a while now I have been running Bad-behavior for a while now and I must admit I have never really noticed a major slow down in the number of spam registrations/entries. This is primarily because it is blindingly easy to fix whatever issue the plugin might find with your headers.

It does use some third party website like the project honeypot, but those has the down side of slowing this website at every page load.

I need to refine it to only check on certain pages, (like comments and signup), while having it turned off for other pages. I mean, realistically I couldn't care less if a spammer is reading the front page, (as long as they don't do anything else naughty).

So, I have turned it off for a while, this will help me to check 2 things.

- First how much faster is the site, (if at all!), and how much more spam I get. We, (the bots and I :)), are currently disabling no less than 500 to 1000 accounts a day!, so if the numbers get much higher than that then I will know that bad-behavior was helping in a way.

- Secondly, I have metrics to check the speed of the site, so I can compare how much faster it will be.

I will leave it like that for a week or so and then compare everything again...

If any of you have some kind of experience with Bad-behavior, (or if you know how to fine tune it to work faster/smoother/better).

07h45 - 8/13/2011 - comments {2} - post comment

Weathering the spam storm

Just a quick note to let you know that we have been under a larger than usual spam attack over the last 2-3 days.
The spam bot is still doing its job, (and doing it rather well I think ), but it is taking a bit longer than usual, (only because of the volume of spam).

So please bear with me, (and the bot), for a few days, I am sure they will move on as soon as they realise that their garbage is not allowed to remain here. I will probably remove all 'new' weblog from the frontpage, just to make sure that they won't pollute the site any more than they do already.

Also remember to report any weblog that you feel is not appropriate or if it should be removed. A vast amount of older weblogs are not flagged as spam simply because the spam bot is still running in ‘cautious’ mode, (as some of you are all too aware).

06h50 - 7/14/2011 - comments {0} - post comment

Ruthless Spam checking bot

08h59 - 12/8/2010 - comments {0} - post comment

Google Gmail is for spammers only

21h13 - 7/11/2009 - comments {2} - post comment

is GMail only for spammers?

06h58 - 11/22/2008 - comments {4} - post comment

Turned bad-behavior back on

I had to turn the bad behavior plugin back on, (it has been off for 6 months now), as some moron does not seem to get the point.
I have deleted around 70 spam blogs, (I must admit, it took me about 10 seconds to do them all), but he/she is not giving up.
So I have tightened some of the site restrictions a bit to block access to the the site.

One of his little friend has also been testing the site security so I thought it would be a good time to raise the fence a little.

This is not a foolproof method but as our friend seems to be an amateur, so I don't think I need to take drastic actions just yet.

I never really understood the point of what they are doing, advertisers are not fooled, like any good blog host we are not fooled, google/yahoo are not fooled, so what is the point?

Anyways ... what this really means to 99% of you, is that you should not notice anything different.

But, as always, let me know if you have any problems.

And, remember, report any blog you think is dubious, I look into all the requests that are sent... and take appropriate actions :)

F.

10h26 - 11/15/2008 - comments {0} - post comment

Now protecting all the email addresses.

As  some of you know, it is possible to actually have your email address on your templates, (the flag <m;ail%>), but unfortunately this was been abused by some unscrupulous bots that go around harvesting those email addresses.
It was also a problem for the profile page, (mine for example would should you my email address).
But now I have added a protection for all email addresses, I am using a captcha from http://www.captcha.net/.

As JournalHome is getting busier and busier, (slowly but surely), I am having to spend a lot of my time dealing with various abuses like email harvesting. I think no one will really mind this small change as it should mean a lot less spam. And also, for the life of me I cannot see why anyone would want to leave their email addresses unprotected.

So now in your email links, (on your templates), simply put a normal link and I will replace it with something a lot stronger.

06h47 - 8/31/2007 - comments {1} - post comment

Turned strong Captcha on.

 As some of you might have noticed we have all been receiving a fair amount of spam lately. So I had to turn the more stringent captcha that should hopefully make our friendly spammers life a lot more difficult.

I will leave it turned on for the next few days until they move on. I do understand that it is not nice to have to enter such complex images/text but in the long run you will agree that it is for the better. 

I am going around deleting most of the obvious spam comments but there will still be one or two left to delete.

Let me know if you come across any problems or if you think I should protect any other pages.

On slightly separate note, the statistics page has been turned back on and is counting everything as usual again. Sadly this means that the stats for the last few days are off a little, (especially yesterday and parts of today). Everything should be 100% by tomorrow GMT.

FFMG

12h19 - 8/29/2007 - comments {0} - post comment

Disabled the stats page for a short while.

Hi,

Someone, (or something), is trying to get be clever with the statistic page so I have disabled it for now.

All the stats are still been recorded as expected, we are still counting everything as per normal. I only disabled the page that displays the stats until they get tired of hitting it.

FFMG

21h50 - 8/23/2007 - comments {2} - post comment

Stopping bad behavior

As you know, I am always on the lookout for ways of securing your blogs, (and the whole site as well), and preventing comment/trackback spam from happening.

I found a great site, http://www.bad-behavior.ioerror.us/, that offers a great script to monitor spammers bad behaviors. I had to make some small changes to their script so it works on the whole site.
Robots that are blocked are taken to a page telling them what the problem might have been, (just in case they feel that it is not fair).

As you can see on the stats menu, (menu on the left hand site), a few bad guys have already been stopped. Time will tell how well the system will work.

For the time been those few bots been blocked are still included in the stats, but I will remove them in a while, (but I don't think that it will make much difference to the overall numbers really).

As always, let me know if you see something odd.

FFMG

12h02 - 7/30/2007 - comments {0} - post comment

Closing down the hatch

I have had to increase the security a little bit as some wise guy found a loophole in the system.

I hope this does not affect anybody, and if it does please let me know and I will find a way around it.

On a lighter note, I have upgraded the account of 20 users; they can now edit their own templates, (and to answer the question I was asked, yes, it is free ).

And another reminder about the newsletter, you can opt-out of it at any time, (in your profile).

I am still waiting for some entries for a 'featured' blog, don’t make me choose one!.

FFMG

10h54 - 3/9/2007 - comments {2} - post comment

The ever growing list of banned emails addresses...

I have updated the list of banned email addresses.

Lately some robot has been creating numerous accounts and creating 10 posts, (in the hope that I would then allow editing of their templates). For the record, this process is manual, so adding 10 entries does not mean that you can edit your template :)

The list now has about 300 servers that are banned.

If you think that I added an account incorrectly or that someone else should added to the list please let me know.

The full list is on the forum.

http://www.journalhome.com/forum/viewtopic.php?t=152

Thanks

FFMG

10h24 - 12/17/2006 - comments {3} - post comment

Report a naughty blog.

I have added the option to report a blog.

So if you see a weblog with questionable content, (illegal or whatever), then you can just fill in the form and report it. I will then look into it right away, (well as soon as I can really).

This will help me to make sure that JournalHome remain free of illegal activities, because lets face it, I cannot be everywhere.

As you can see all the blogs with the toolbar will have that option but you can report any blog, all you need to do is fill in more details.

The link to report a blog is http://www.journalhome.com/report.php

Please let me know if you see anything wrong or if you think that I missed an option.

As an aside, been reported does not mean that I will automatically close/remove the blog, if you don't like something that was written then it is tough cookie, I will only close sites that are blatantly spamming JournalHome or that can potentially hurt our servers, (and of course if I am told to do so by a Judge in the jurisdiction of the servers).

FFMG

13h46 - 11/13/2006 - comments {0} - post comment

Keeping the bad guys away

If every hour a burglar turned up at your house and rattled the locks on the doors and windows to see if he could get in, you might consider moving to a safer neighbourhood.

I was looking at a very interesting article on the BBCwebsite about the way hackers operate.

As some of you might know it is a constant battle to keepmost hackers away from your blogs. The irony is that I am having to learn sometricks that were most definitely not taught at university :).

Anyway the folks at the BBC set-up some form of trap, youcan read the whole article here. http://news.bbc.co.uk/2/hi/technology/5414502.stm

To cut a long story short this article tells you howimportant it is to protect your computer, make sure that you have the latestsecurity software installed.

It is also very important to have a firewall installed; youwill be amazed to know how many of you are running unprotected computers.

If you have any questions, feel free to ask me and I will behappy to help you.

FFMG

16h37 - 10/9/2006 - comments {0} - post comment

JournalHome.com has created this blog for the purpose of keeping members and visitors up to date with JournalHome.com site information.
The easiest way to stay up to date is by using the RSS/XML feed.
Place this URL within your rss aggregator and it will automatically update itself whenever a new journal entry is published.