WordPress.org

Support

Support » Plugins and Hacks » Bad Behavior WPMU updated

Bad Behavior WPMU updated

Viewing 12 replies - 1 through 12 (of 12 total)
  • Ovidiu
    Participant

    @ovidiu

    thanks!

    Ovidiu
    Participant

    @ovidiu

    hey trey, I tried to leave a comment on your website asking if you have a newer version seeing that BB is at 2.2.1 right now but it seems as if my comment didn’t go through…

    Hm strange that the comment didn’t go through. Never saw one for approval and didn’t see it blocked by Akismet.

    In the next few days I’ll have the updated version out.

    – Trey

    Ovidiu
    Participant

    @ovidiu

    it was very strange – comment went through, then it disapeared and I saw: “-1 Comments” !?

    Tried refreshing but it didn’t help.
    Anyway, thanks for keeping this plugin updated.

    Try leaving another comment and making note of the exact time. That concerns me that it may be keeping others from commenting.

    Thanks
    – Trey

    Ovidiu
    Participant

    @ovidiu

    Sure, check this out: http://screencast.com/t/QQEApoqOp
    And after pressing the post comment button this happens: http://screencast.com/t/UirdQKzIj

    time: a few seconds before the timp stamp of this post 😉

    I’ve uploaded bad-behavior-wpmu-2.2.2 , see here, http://itscblog.tamu.edu/bad-behavior-wpmu-2-2-2-released/

    – Trey

    Ovidiu
    Participant

    @ovidiu

    thanks 🙂

    Ovidiu
    Participant

    @ovidiu

    oh, sorry forgot to ask: did you chat with the guy managing BB? Is there a chance he’ll integrate your multi-site changes into the main version?

    Ovidiu
    Participant

    @ovidiu

    hm, just realized the multi-site issues are listed under the known errors page: http://bad-behavior.ioerror.us/documentation/known-issues/

    Ovidiu
    Participant

    @ovidiu

    found an IP range that needs whitelisting but my comment on BB author’s page is awaiting moderation so I’ll post it here too:

    I think I have found a legitimate service in need of whitelisting.
    My BB log shows 29 similar entries:

    209.85.224.95
    iy-in-f95.1e100.net
    
    2012-02-28 15:47:57
    
    IP address found on http:BL blacklist 
    
    http:BL:
    Suspicious
    Comment Spammer
    Threat level 40
    Age 15 days
    
    POST /?pushpress=hub HTTP/1.1
    User-Agent: AppEngine-Google; (+http://code.google.com/appengine; appid: pshb-service)
    Host: sarcasticu.zice.ro
    Accept-Encoding: gzip
    Connection: close
    
    hub_verify: sync
    hub_topic: http://sarcasticu.zice.ro/wp-cron.php?doing_wp_cron=1330439523
    hub_callback: https://pshb-service.appspot.com/subscriber/492035eb08333b9418be0029c4409b8a7851be67
    hub_mode: subscribe
    hub_verify_token: fa235e7f55db84060d678216fae55e3ebbc76385
    hub_secret: 0yBpHASAtS1kn2Rj1bVdYY--d2vOZevzUHul0xeXjA-ls2PCZLrVHzNcy2YiDkNMdDvqRzfjHTt-oCD4gP33WOM0HvklCcwjEbRgRK7HH4mb83tRJQlmLxPUZ5Ex1rvX

    Now I know it http:BL: lists this IP as suspicious but a whois returns:

    NetRange:       209.85.128.0 - 209.85.255.255
    CIDR:           209.85.128.0/17
    OriginAS:
    NetName:        GOOGLE
    NetHandle:      NET-209-85-128-0-1
    Parent:         NET-209-0-0-0-0
    NetType:        Direct Allocation
    RegDate:        2006-01-13
    Updated:        2012-02-24
    Ref:            http://whois.arin.net/rest/net/NET-209-85-128-0-1
    
    OrgName:        Google Inc.
    OrgId:          GOGL
    Address:        1600 Amphitheatre Parkway
    City:           Mountain View
    StateProv:      CA
    PostalCode:     94043
    Country:        US
    RegDate:        2000-03-30
    Updated:        2011-09-24
    Ref:            http://whois.arin.net/rest/org/GOGL

    So it seems to be indeed a legitimate Google service. For now I have white-listed this IP range but would you please look into this?

    Ovidiu
    Participant

    @ovidiu

    Got an answer from the plugin author. Will post it here so he doesn’t need to respond all over the place:

    Ovidiu, this block is due to your subscription to Project Honey Pot.

    The root cause is that spammers are using Google App Engine to deliver spam, and so legitimate services which also use Google App Engine are affected.

    To which I answered:

    Ah, I understand. I was just worried because this request looked like a perfectly legitimate request.

Viewing 12 replies - 1 through 12 (of 12 total)
  • The topic ‘Bad Behavior WPMU updated’ is closed to new replies.