hey trey, I tried to leave a comment on your website asking if you have a newer version seeing that BB is at 2.2.1 right now but it seems as if my comment didn’t go through…
Hm strange that the comment didn’t go through. Never saw one for approval and didn’t see it blocked by Akismet.
In the next few days I’ll have the updated version out.
– Trey
it was very strange – comment went through, then it disapeared and I saw: “-1 Comments” !?
Tried refreshing but it didn’t help.
Anyway, thanks for keeping this plugin updated.
Try leaving another comment and making note of the exact time. That concerns me that it may be keeping others from commenting.
Thanks
– Trey
Sure, check this out: http://screencast.com/t/QQEApoqOp
And after pressing the post comment button this happens: http://screencast.com/t/UirdQKzIj
time: a few seconds before the timp stamp of this post 😉
oh, sorry forgot to ask: did you chat with the guy managing BB? Is there a chance he’ll integrate your multi-site changes into the main version?
hm, just realized the multi-site issues are listed under the known errors page: http://bad-behavior.ioerror.us/documentation/known-issues/
found an IP range that needs whitelisting but my comment on BB author’s page is awaiting moderation so I’ll post it here too:
I think I have found a legitimate service in need of whitelisting.
My BB log shows 29 similar entries:
209.85.224.95
iy-in-f95.1e100.net
2012-02-28 15:47:57
IP address found on http:BL blacklist
http:BL:
Suspicious
Comment Spammer
Threat level 40
Age 15 days
POST /?pushpress=hub HTTP/1.1
User-Agent: AppEngine-Google; (+http://code.google.com/appengine; appid: pshb-service)
Host: sarcasticu.zice.ro
Accept-Encoding: gzip
Connection: close
hub_verify: sync
hub_topic: http://sarcasticu.zice.ro/wp-cron.php?doing_wp_cron=1330439523
hub_callback: https://pshb-service.appspot.com/subscriber/492035eb08333b9418be0029c4409b8a7851be67
hub_mode: subscribe
hub_verify_token: fa235e7f55db84060d678216fae55e3ebbc76385
hub_secret: 0yBpHASAtS1kn2Rj1bVdYY--d2vOZevzUHul0xeXjA-ls2PCZLrVHzNcy2YiDkNMdDvqRzfjHTt-oCD4gP33WOM0HvklCcwjEbRgRK7HH4mb83tRJQlmLxPUZ5Ex1rvX
Now I know it http:BL: lists this IP as suspicious but a whois returns:
NetRange: 209.85.128.0 - 209.85.255.255
CIDR: 209.85.128.0/17
OriginAS:
NetName: GOOGLE
NetHandle: NET-209-85-128-0-1
Parent: NET-209-0-0-0-0
NetType: Direct Allocation
RegDate: 2006-01-13
Updated: 2012-02-24
Ref: http://whois.arin.net/rest/net/NET-209-85-128-0-1
OrgName: Google Inc.
OrgId: GOGL
Address: 1600 Amphitheatre Parkway
City: Mountain View
StateProv: CA
PostalCode: 94043
Country: US
RegDate: 2000-03-30
Updated: 2011-09-24
Ref: http://whois.arin.net/rest/org/GOGL
So it seems to be indeed a legitimate Google service. For now I have white-listed this IP range but would you please look into this?
Got an answer from the plugin author. Will post it here so he doesn’t need to respond all over the place:
Ovidiu, this block is due to your subscription to Project Honey Pot.
The root cause is that spammers are using Google App Engine to deliver spam, and so legitimate services which also use Google App Engine are affected.
To which I answered:
Ah, I understand. I was just worried because this request looked like a perfectly legitimate request.
