On Tuesday 14 October 2008 13:11, csnyder wrote:
> Just looked at Bad Behavior, and it looks like an excellent tool to
> add to the kit.
>

Hey, that looks interesting too. But it sounds
http://www.bad-behavior.ioerror.us/documentation/how-it-works/
like it is just looking at HTTP headers? If you are running Apache, it is
maybe better handled by mod_security
http://www.onlamp.com/pub/a/apache/2003/11/26/mod_security.html
which does that and a whole lot more, with less overhead because it never
gets to the request processing phase. If you are a hosting provider and
have untrusted web apps running on it, it has to be recommended. It will
deny not only spam bots but most w0rms and brute force attacks (false
positives being a problem here as well, though).

OTOH, if you don't have root, then BB would be a good line of defense.

> But really, how primitive are your spamming bots if they can't deliver
> a plausible set of HTTP headers?

Most of them are very stupid and have "Perl/LWP" in the User-Agent header,
for instance. They are no more advanced than they have to be.

Sam
_______________________________________________
New York PHP Community Talk Mailing List
http://lists.nyphp.org/mailman/listinfo/talk
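
An added example, not part of the original message: the header check discussed above, run offline over Apache combined-format access logs so hits can be reviewed for false positives before anything is denied. The log lines, the token list and the function names are constructed for illustration.

```python
import re
from collections import Counter

# Apache "combined" format: host ident user [time] "request" status bytes "referer" "user-agent"
COMBINED = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[[^\]]+\] "(?P<request>[^"]*)" '
    r'(?P<status>\d{3}) \S+ "(?P<referer>[^"]*)" "(?P<ua>[^"]*)"$'
)

# Assumed token list: "Perl/LWP" is the string quoted in the message;
# "libwww-perl" is the default User-Agent prefix of Perl's LWP library.
SCRIPTED_UA_TOKENS = ("perl/lwp", "libwww-perl")

def classify(line):
    """Return (ip, reason) for a suspicious request, or None if clean or unparsable."""
    m = COMBINED.match(line.strip())
    if not m:
        return None
    ua = m.group("ua").strip().lower()
    if ua in ("", "-"):
        return m.group("ip"), "missing user-agent"
    for token in SCRIPTED_UA_TOKENS:
        if token in ua:
            return m.group("ip"), "scripted client: " + token
    return None

def summarize(lines):
    """Count flagged requests per (ip, reason) for review before any blocking."""
    hits = Counter()
    for line in lines:
        result = classify(line)
        if result:
            hits[result] += 1
    return hits

# Constructed sample log lines (documentation IP ranges, not real traffic).
SAMPLE_LOG = [
    '192.0.2.10 - - [14/Oct/2008:13:02:11 -0400] "POST /comment.php HTTP/1.0" 200 512 "-" "libwww-perl/5.808"',
    '192.0.2.10 - - [14/Oct/2008:13:02:14 -0400] "POST /comment.php HTTP/1.0" 200 512 "-" "libwww-perl/5.808"',
    '198.51.100.7 - - [14/Oct/2008:13:03:40 -0400] "GET /index.php HTTP/1.1" 200 8120 "http://www.example.org/" "Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.9.0.3) Gecko/2008092416 Firefox/3.0.3"',
    '203.0.113.5 - - [14/Oct/2008:13:05:02 -0400] "POST /guestbook.php HTTP/1.0" 200 301 "-" "-"',
]

if __name__ == "__main__":
    for (ip, reason), n in sorted(summarize(SAMPLE_LOG).items()):
        print(f"{ip}\t{n}\t{reason}")
```

A User-Agent match is only a heuristic: the string is client-supplied, so this catches the unsophisticated bots described above and nothing that bothers to send browser-like headers.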