A couple of days I added Bad Behavior to a few pages on this site. It’s a set of PHP scripts that can be used to block evil bots from your site, such as those which harvest email addresses or send trackback, comment and referral spam.
If you’re using WordPress, or a variety of other PHP-based content management tools, installing Bad Behaviour is very simple, and it can work to its full effect. Unfortunately it doesn’t have full support for Movable Type, so though you can get it working you can’t take full advantage of all of its features.
If you want to get it working in an MT installation, here’s how to do it:
First of all, ensure that your files are being output as PHP documents – consult the MT manual or Google for instructions about this. Upload the Bad Behavior files somewhere, then, in each template, except those on the System and Modules tabs, add this code at the very top of each:
<?php require_once("/path/to/bad-behavior/bad-behavior-generic.php"); ?>
Replace ‘/path/to/bad-behavior/’ with the path to where you uploaded Bad Behavior. Once you’ve modified your templates, rebuild.
You’ll be pleased to know this is much easier. Upload Bad Behavior somewhere, and then paste the above code into the very top of the ‘Dynamic Site Bootstrapper’ template – you don’t need to do each template individually (unless you have a mix of statically and dynamically published files, in which case you will have to do it for all the statically published files).
So far, Bad Behavior has blocked 80 bot accesses – it returns a HTTP 412, or ‘Precondition Failed’ failed error to the client if it has blocked it. I certainly haven’t noticed as much referral spam lately.