There is much easier method to add this hack now which I added in August 2009, so before you start with these instructions below, read ALL the posts in this thread first, or jump to the post here:
viewtopic.php?f=7&t=18290&start=30#p67196
-------------------------------------------------------------------------
Read the note above before you start...
I have ported over a php script called Bad Behaviour for use with phpList. It is highly effective at blocking form spam and comment spam.
You can read more about it here:
http://www.bad-behavior.ioerror.us/
If you try it, please post back here with your results (good or bad). If it is as effective as I believe it will be, then I will post a feature request in Mantis to have it included with futur releases.
--------------------------
PORTING GUIDE FOR USING BAD BEHAVIOUR 2 WITH PHPLIST
by Jeff Sherk - May 2008
This guide will help you port Bad Behaviour 2 over for use with phpList.
Please note these versions of each program below that were used for this port and that it was tested on.
phpList v2.10.5 website: http://www.phplist.com/
Bad Behaviour v2.0.16 website: http://www.bad-behavior.ioerror.us/
Although the above versions are the only versions tested, the port is fairly simple, so it should probably work with most versions of either program.
Known issue:
-Database logging is NOT enabled/functioning, which also means there are no stats available. Even if you set the bb2 logging option to 'true', it will just be ignored because I have not setup the functions yet that do the database calls. See the OPTIONAL step at the bottom of the guide for a workaround.
If you are looking for a good free file/text editor to modify and edit your files, I recommend PSPad. Check it out here: http://www.pspad.com/
INSTRUCTIONS
** BEFORE YOU MODIFY ANY FILES, MAKE A COPY OF THE ORIGINAL AND CALL IT SOMETHING LIKE myfile.php.ORIG **
** If you have any problems simply deleted the modified file, and rename myfile.php.ORIG to myfile.php **
(1) DOWNLOAD
Download Bad Behaviour from here:
http://www.bad-behavior.ioerror.us/down ... 2.0.16.zip
(2) UNZIP
Unzip the file.
(3) UPLOAD
Upload the Bad-Behaviour folder and files into your admin directory of your phpList install.
Should end up looking something like this (http://www.yoursite.com/lists/admin/Bad-Behaviour)
(4) MODIFY this file: lists/config/config.php
Find these lines:
- Code: Select all
# notify spam
# when phplist detects a possible spam attack, it can send you a notification about it
# you can check for a while to see if the spam check was correct and if so, set this value
# to 0, if you think the check does it's job correctly.
# it will only send you emails if you have "Does the admin get copies of subscribe, update and unsubscribe messages"
# in the configuration set to true
define('NOTIFY_SPAM',1);
Insert these lines immediately after the above lines:
- Code: Select all
# use Bad Behaviour 2 spam killer
# Bad Behavior is a PHP-based solution for blocking link spam and the robots which deliver it.
# It can block contact form spam, comment spam and (most importantly) newsletter subscription form spam.
# More info here: http://www.bad-behavior.ioerror.us/
# Set this to 0 if you do not want to use this feature
define('USE_BB2',1);
# show debug messages for Bad Behaviour 2 spam killer
# If USE_BB2 is set to 0 then this is not used.
# Set this to 1 if you want to see the debug messages while setting up bb2. Normally this would be set to 0.
# Possible debug messages you will see:
# bb2 not active = USE_BB2 is set to 0
# bb2 enabled = USE_BB2 is set to 1
# insert_head function not defined = If you are viewing a subscribe page and see this message, then
# check the path to bb2-phplist.php and/or make sure the file exists.
# It is normal to see this message when you go to the phpList admin pages.
# insert_head function exists = This means that the function is defined and that it should be working correctly.
# Go to View Source Code in your browser window, and you should see
# the bb2 javascrpt functions that were added to the source code.
define('BB2_DEBUG',0);
# send an email whenever spam is killed by Bad Behaviour 2
# If USE_BB2 is set to 0 then this is not used.
# This is an alternative to logging. If database logging is not available or not setup, then there is no
# way to know if bb2 is actually doing anything (unless you notice a significant drop in spam received).
# Set this to 1 and it will send you an email everytime bb2 kills some spam.
# This is good for testing bb2 to see how effective it is, but if you get a lot of spam you may want to
# turn this off. Set this to 0 if you do not want to receive an email everytime bb2 kills some spam.
define('BB2_SEND_EMAIL',1);
(5) MODIFY this file: lists/index.php
Find these lines:
- Code: Select all
require_once dirname(__FILE__).'/admin/'.$GLOBALS["database_module"];
require_once dirname(__FILE__)."/texts/english.inc";
include_once dirname(__FILE__)."/texts/".$GLOBALS["language_module"];
require_once dirname(__FILE__)."/admin/defaultconfig.inc";
require_once dirname(__FILE__).'/admin/connect.php';
include_once dirname(__FILE__)."/admin/languages.php";
include_once dirname(__FILE__)."/admin/lib.php";
$I18N= new phplist_I18N();
Insert these lines immediately after the above lines:
- Code: Select all
//MOD Bad Behaviour spam killer
if (USE_BB2) {
if (BB2_DEBUG) {
echo "bb2 enabled";
}
require_once dirname(__FILE__) .'/admin/Bad-Behavior/bb2-phplist.php';
} else {
if (BB2_DEBUG) {
echo "bb2 not active";
}
}
//end MOD
(6) MODIFY this file: lists/admin/pagetop.php
Find these lines:
- Code: Select all
<meta name="Author" content="Michiel Dethmers - http://www.phplist.com" />
<meta name="Copyright" content="Michiel Dethmers, Tincan Ltd - http://tincan.co.uk" />
<meta name="Powered-By" content="phplist version <?php echo VERSION?>" />
<meta http-equiv="Content-Type" content="text/html; charset=<?php echo $strCharSet?>" />
Insert these lines immediately after the above lines:
- Code: Select all
<!-- MOD Bad Behaviour spam killer -->
<?php
if (function_exists('bb2_insert_head')) {
if (BB2_DEBUG) {
echo ' - insert_head function exists ';
}
bb2_insert_head();
} else {
if (BB2_DEBUG) {
echo ' - insert_head function not defined ';
}
}
?>
<!-- end MOD -->
(7)
COPY this file: lists/admin/Bad-Behaviour/bad-behaviour-generic.php
TO this file: lists/admin/Bad-Behaviour/bb2-phplist.php
(8) MODIFY this file: lists/admin/Bad-Behaviour/bb2-phplist.php
Find this line:
- Code: Select all
return "badbots@ioerror.us"; // You need to change this.
Change the 'badbots@ioerror.us' email address to your email address, something like this:
- Code: Select all
return "myemail@mysite.com"; // You need to change this.
(9) OPTIONAL STEP - This is not required, but since database logging is currently
not working, this will cause bb2 to send you an email when it kills spam, so
that you know it's actually doing something! Although, you will also know that
it's doing something if you see a reduction in the amount of spam you recieve!
MODIFY this file: lists/admin/Bad-Behaviour/bad-behaviour/banned.inc.php
Find these two consecutive lines at the very end of the bb2_display_denial function:
- Code: Select all
<?php
}
Insert the following lines IN BETWEEN the above two lines. Meaning, put the following code after the '<?php' but before the '}':
- Code: Select all
//MOD Bad Behaviour spam killer- Sends you an email when Bad Behaviour kills some spam
if (BB2_SEND_EMAIL) {
$mailmessage = "Bad Behaviour has blocked some spam from phpList.\n";
$mailmessage .= " Support key: ".$support_key."\n";
$mailmessage .= " Error ".$response['response']."\n";
$mailmessage .= " for ".htmlspecialchars($_SERVER['REQUEST_URI'])."\n";
$mailmessage .= " Explanation: ".$response['explanation']."\n";
$mailmessage .= " Logged as: ".$response['log']."\n";
$mailmessageto = bb2_email();
mail($mailmessageto,'phpList- bb2 killed some spam',$mailmessage);
}
//end MOD
(10) To see if everything is working, you probably want to turn ON the bb2 debug messages.
MODIFY this file: lists/config/config.php
Find this line:
- Code: Select all
define ('BB2_DEBUG',0);
Change the 0 to a 1:
- Code: Select all
define ('BB2_DEBUG',1);
Now open your browser and go to one of your newsletter subscribe pages.
If you have BB2_DEBUG turned on, you should see the words "bb2 enabled - function insert_head exists" in the top left corner of your browser window.
Now try to subscribe to your newsletter and make sure the process completes properly.
If everything seems to be working, then you can turn off the BB2_DEBUG messages by changing the 1 back to a zero:
- Code: Select all
define ('BB2_DEBUG',0);
(11) Now just wait and watch your spam get killed!!![/code]