I recently encountered two issues with BYB that I should bring to your attention.

First: I was using the unrelated "Write Metadata" plugin in order to add the photo metadata in the site to IPTC tags in the image files themselves.  When I did an operation on this, it generated a lot of server activity, and BYB blocked it under its flood protection policies, which broke the operation that I was trying to complete.  This happened despite that flood protection was explicitly turned off.  The way that I worked around this was to turn flood protection on and set the number to like a million billion requests per minute, and that made it work properly.  I have since found the setting to whitelist my own IP address, but this is still a bug.

Second: I am not able to turn the BYB plugin off, which I tried to do in order to get around the flood protection.  When I went to deactivate it, I got an error message, and then when I reloaded the page, it was still active.

Here are my environment details:
Piwigo 16.1.0 Check for upgrade
Installed on 12 July 2024, 1 year 5 months 1 week 5 days ago
Operating system: Linux (container)
PHP: 8.2.29 (Show info) [2025-12-25 15:56:09]
MySQL: 8.0.41-0ubuntu0.22.04.1 [2025-12-25 15:56:09]
Graphics Library: External ImageMagick 6.9.11-60
Cache size 29631.78 Mo   calculated 1 month ago Refresh

Last edited by SchuminWeb (2025-12-26 00:57:12)

SchuminWeb wrote:

I recently encountered two issues with BYB that I should bring to your attention.

First: I was using the unrelated "Write Metadata" plugin in order to add the photo metadata in the site to IPTC tags in the image files themselves.  When I did an operation on this, it generated a lot of server activity, and BYB blocked it under its flood protection policies, which broke the operation that I was trying to complete.  This happened despite that flood protection was explicitly turned off.  The way that I worked around this was to turn flood protection on and set the number to like a million billion requests per minute, and that made it work properly.  I have since found the setting to whitelist my own IP address, but this is still a bug.

Second: I am not able to turn the BYB plugin off, which I tried to do in order to get around the flood protection.  When I went to deactivate it, I got an error message, and then when I reloaded the page, it was still active.

Here are my environment details:
Piwigo 16.1.0 Check for upgrade
Installed on 12 July 2024, 1 year 5 months 1 week 5 days ago
Operating system: Linux (container)
PHP: 8.2.29 (Show info) [2025-12-25 15:56:09]
MySQL: 8.0.41-0ubuntu0.22.04.1 [2025-12-25 15:56:09]
Graphics Library: External ImageMagick 6.9.11-60
Cache size 29631.78 Mo   calculated 1 month ago Refresh

Hi SchuminWeb,

thanks for the detailed report and the environment information.

1) “Write Metadata” triggering a block
“Write Metadata” performs a very intensive batch operation (often via webservice/AJAX calls) and can generate traffic patterns that look like automated scanning or abuse. In that situation, BYB may react and block requests to protect the gallery. This is not a defect in the sense of “Flood OFF doesn’t work”, but rather a side effect of running a high-frequency bulk task.

2) Deactivating BYB shows an error / plugin stays active
This can happen if your current IP ends up in BYB’s temporary ban list during that batch run. Piwigo’s deactivation request is then rejected, and Piwigo only shows a generic “an error occurred” message. You are not locked out of your gallery; the admin area remains accessible. Removing the IP from the ban list (or whitelisting it) immediately restores normal deactivation behavior.

Planned improvement (next update)
To make this smoother for admin/batch workflows, I will adjust BYB so that logged-in admin operations (including bulk tools like metadata writing) are excluded from protection enforcement. That way, these maintenance tasks won’t be interrupted and you won’t run into deactivation issues during such operations.

Best workaround right now: whitelist your own admin IP before running metadata/bulk tools.

Best regards
Olaf (BYB | Block You Bots)

Programming it to ignore logged-in user actions is a good solution. Looking forward to when that update comes down.

I'm not sure, but still want to mention this:

I was sure I disabled the News Ticker under settings, but after automatic upgrade from 2.0.0 to 2.0.1 it was enabled again.

Thanks Olaf for your quick follow-up ;-)

PS .. it would be nice if the Feedback & Bug Report part already contains the correct (Piwigo and BYB) version used by the system. Of course you need to be able to change ... but nice if it already knows from which environment you send this.

(corrected typo)

Last edited by matthys (2025-12-27 16:34:30)

It's true that I noticed that the news ticker had started scrolling from right to left instead of left to right after the update. This is truly outrageous behavior on BYB's part, and I don't know how I can continue to use it after such a lack of respect for the user. (Just kidding: I wanted to say: thanks again to Olaf for his availability.)

Hi Piwigo community,

Quick summary of the most important changes:

- Upgrade-safe settings: Your enabled/disabled options will no longer be overwritten during updates.
- Bot limits: Default limits and saved limits are merged correctly (saved values always win).
- Version issue fixed: The plugin version is now updated correctly in the Piwigo database again.
- Feedback & Bug Report: Prefilled fields work reliably, values are kept on errors, and system details (Piwigo/BYB/PHP/URL) are sent automatically.
- smaller changes and improvements to bot detection have been added

Best regards,
Olaf – BYB | Block You Bots

Last edited by Schneider-Fotografie (2025-12-28 16:57:30)

I have some questions about 2.0.2 as well but maybe I just do not understand.

Under the Whitelist Tab the note says "Aliases are handled automatically etc".
Not sure what this mean. I had bingbot blocked, which I didn't understand why.
So I added this in the User-Agent Whitelist part, so it would not be blocked.
Now, after 2.0.2, I have it twice in the Allowed bot access settings as:
bingbot
Bingbot

Which, or course, are the same.

I also do not understand this setting.
It's under Allowed bot access settings and you can enable it and you can set Daily Limit.
So, does Enable mean allow bot access, or enable Daily Limit, or both?
And why would you allow it (bot access), as the same name is also in the Blocked User-Agents Label under Bot List Tab?

But as I said, maybe I just do not understand (sorry).

Last edited by matthys (2025-12-29 19:26:00)