Skip to:
Content
Pages
Categories
Search
Top
Bottom

Search Results for 'spam'

Viewing 25 results - 1 through 25 (of 2,806 total)
  • Author
    Search Results
  • #191021
    Avatar of danbp
    danbp
    Moderator

    @ryanjhale,

    wp roles and bp capacities are two diffrent things.
    bp_moderate has a specific usage applied to the site admin only. If you read what is written in bp-core-caps.php, you’ll see this comment at line 200

    
     * Temporary implementation of 'bp_moderate' cap.
     *
     * In BuddyPress 1.6, the 'bp_moderate' cap was introduced. In order to
     * enforce that bp_current_user_can( 'bp_moderate' ) always returns true for
     * Administrators, we must manually add the 'bp_moderate' cap to the list of
     * user caps for Admins.
     *
     * Note that this level of enforcement is only necessary in the case of
     * non-Multisite. This is because WordPress automatically assigns every
     * capability - and thus 'bp_moderate' - to Super Admins on a Multisite
     * installation. See {@link WP_User::has_cap()}.
     *
     * This implementation of 'bp_moderate' is temporary, until BuddyPress properly
     * matches caps to roles and stores them in the database. Plugin authors: Do
     * not use this function.

    BuddyPress groups moderators are not authorized to enter the admin dashboard or the group admin on frontend. Group moderators can only delete, move and spam group activities or topics. If the group has a forum, they wil have the same capacities.

    If you want a user to be able to access the admin dashboard, you can give him an editor role (which is a wp role).

    If you want to allow him access to the group admin on the front-end, you promote him to group admin. This setting doesn’t allow that user to enter the site admin. He’s only a group admin (with a wp role of subscriber, by default) and not a site admin (admin or super-admin (MS) ).

    #190961
    Avatar of xprt007
    xprt007
    Participant

    Hi

    The index.php file is clean, …

    I used the plugin “Change DB Prefix” which enables a db prefix table change & in wp-config.php with a click. Good since the db has 175 tables :( … ;), thi sbeing a community site with a number of functions.

    I added BuddyPress-Honeypot, … but does it not matter it seems to have had no changes since 2012?

    I temporarily disabled Wanguard to see if the 2 steps above + existing antispam plugins can handle this. Will then see about the .htaccess issue tomorrow etc.

    Many thanks & kind regards

    #190926
    Avatar of xprt007
    xprt007
    Participant

    Hi

    Thank you for all the responses.

    Well, the issue of spam registrations & comments with the above mentioned plugins in addition to SI CAPTCHA Anti-Spam, Wordfence Security (?), etc had worked for months & was manageable, occasionally getting something in sometimes after weeks. I also blocked all IPs of spammers who would tried to login, etc.

    A few days ago, though I started getting a barrage of bot-registrations + groups with bogus content created. New registrations would come in as soon as I deleted some.

    Since it was late in the night in the middle of a very busy period, I thought someone probably getting similar issues could mention some quick solution I could find the following day.

    It was not my first time in the forum. Some of the above solutions were found through searching the forum, which i agree should be the first step.

    So far – in addition to the above plugins I first added JP User Registration Blacklist, WP-SpamShield and also reluctantly disabled user group creation. (Is there a plugin that enables moderation of user created groups, allowing the moderator to approve user created groups?)

    That stopped the group creation, but spam registrations continued coming. So like recommended above, installed Wanguard, though this being a small site which currently gets in very little income, it is not yet worth paying for it. I hope the free wanguard account can work for a while.
    That since yesterday only let in one or 2 registrations by some criminals, this being one of them – details shown by some plugin:

    Benutzername: clairmcconnan

    E-Mail: synfhongegizi@mail.ru

    Angezeigter Name: Claire McConnan

    Vorname: Claire

    Nachname: McConnan
    ….
    IP Address : 107.181.70.207
    Reverse DNS : 107.181.70.207
    Reverse DNS IP : 107.181.70.207
    Reverse DNS Authenticity : [Possibly Forged]
    Proxy Info : No Proxy
    Proxy Data : 107.181.70.207
    Proxy Status : FALSE
    HTTP_ACCEPT_LANGUAGE : en

    Names & emails suggest they mostly originate from Russia.

    danbp suggested using .htaccess to block Ru-based submissions. I will look into BUT – on an unrelated Drupal-based site, I ever had a much more serious attack, with as many 25,000 attempted login/post attempts a day(!), which were blocked by the Drupal mollom plugin BUT that constantly filled some DB table, probably logging visits/attempts, to several 100MBs a day, causing me problems with the webhost. Source of attacks was Russia, ukraine, China & Poland.

    The only solution that worked was adding literally several 10,000 lines of complete IP(blocks(?)s from those countries I got from some site to the .htaccess that blocked them out. Only that helped.

    Later on, though – months on, the web host removed that .htaccess file, because my site account was supposedly overusing server resources. I am not sure that had anything to do with the IP address lines in the .htaccess file, but the good thing is that a similar attack has not happened again.

    An .htaccess solution that only involves naming a country ( … ^(.*).ru/(.*) …) & not its thousands of IPs would of course be great & preferable, but I will do a search & see. My site does not need a single Russian & so can do without the country.

    Ultimately, for the time being – what I would need is a functioning free solution until the currently small site can pay for itself, later on. This particular site had not had anything similar in over a year, assuming Wanguard cannot be used …

    Anyway, thank you all.

    #190696
    Avatar of danbp
    danbp
    Moderator

    Over 170 topics are tagged with “spam” on this forum.

    http://buddypress.org/support/tag/spam/

    #190694
    Avatar of Hugo
    Hugo
    Moderator

    @xprt007 What else have you tried before asking this question here?

    #1 would have been searching the forum archives for possible solutions from past threads (one of great benefits of forums are ever increasing db of information and help derived from questions & replies)

    #2 would be to check the WP plugin repo searching one something like ‘spam’

    In addition to danbp’s advice try installing Wanguard which seems to do a fairly good job along with perhaps a simple registration submission question – believe something called ‘BP-humanity’ might work.

    btw I edited your topic title to remove ‘urgent help’ that’s not considered an appropriate phrase to enter on subject titles :)

    #190319
    Avatar of danbp
    danbp
    Moderator

    @xprt007,

    my 3 word recommendation: disallow group creation !
    And prevent your users, if they need a group, that they have to ask you to create it for them.

    A good pratice to avoid spam, is to use another table prefix as the default wp_table_name. Bots really like this prefix to rape databases. :evil:

    Aside you can also try to stop some spambots via htaccess.
    Search on the web for more information on how you can do this.

    Here 2 lines you can add to htaccess to block some russian spambots (without any waranty)

    RewriteCond %{HTTP_REFERER}  ^(.*).ru/(.*)
    RewriteRule ^.*$   -   [F]
    #190057
    Avatar of xprt007
    xprt007
    Participant

    Hi

    I am having problem with users mostly from Russia, with outlook, hotmail & gmail accounts permanently remotely creating groups where they post content, without them even being on the site as site counter shows + an increasing number of remote registrations, which of course I delete, but would be better o have them blocked.

    I have spam control (aksimet – free, bad behavior), but it only seems to work for post/page comments.
    Currently so much of these groups being created. How can I stop this?

    Any help would be very much appreciated.

    #189631
    Avatar of henrywright
    henrywright
    Moderator

    The best way to debug this if you’re sure only certain individuals are affected is to find out what’s different about them:

    • What role are they?
    • Are they activated members?
    • Are they marked as a spammer?
    • Do they have any friends?
    • Anything else?

    Some (maybe all) of these won’t be related but with something like this when there isn’t much info to go on, the only way to debug is trial and error.

    #189029
    Avatar of danbp
    danbp
    Moderator

    @donalyza,

    if you use phpmyadmin, you can easily export the 3 tables related to groups from site 1 and import them in site 2. phpMyadmin has natively import/export tools and avoids you to use an extra plugin to generate CSV or sql formated files.

    xxx_bp_groups
    xxx_bp_groups_groupmeta
    xxx_bp_groups_members

    xxx is the prefix you entered during the wp install. By default it is wp, but it is recommended to use another one. Spambots are too much in love with wp_ prefix. You’re warned ! :d

    #188916
    Avatar of bitpath
    bitpath
    Participant

    Hi,
    I am resetting a buddypress site and constantly clean spammers and bloggers out. On the site/members page, I cannot seem to find where the extra members are being listed. It is a multisite, and it seems to be counting members I have deleted. They are not listed but do show up in the (count) of members on that page, leading to an inconsistency between the number of members and those listed.
    I’ve tried cleaning out the user meta, activity and activity meta, ran an optimizer tool as well as the buddypress optimization tools and I can’t seem to see where this count is coming from or how to easily delete out the meta and activity for users no longer members of the site.
    Is there a database script or tool I can use that will delete all meta and activity out for members deleted from the site so it does not cause confusion when somebody else uses those usernames? The site is https://bitpad.net
    thank you!

    Avatar of JJNW
    JJNW
    Participant

    I really really would love to set this page as RANDOM, every page load.

    First, it keeps people from owning first position, and 2nd, it would deter spammers owning the first page and/or top position.

    ANY advise, how to, etc. would be sincerely appreciated.

    THANKS!

    #188834

    In reply to: Activate component

    Avatar of bp-help
    bp-help
    Participant

    @sam01389
    Activate component? Not entirely sure what you mean. A user registers on the site then they are sent an email which may or may not go into that users spam folder depending on the server after which they are instructed to click the activation link in that email. If your users are not receiving this email after registration then you may want to check your servers error logs and report back.

    #188517
    Avatar of john
    john
    Participant

    Comments from non-members are displaying on the front end and I verified it’s still recording activity for guest comments correctly in the DB, but the user’s name and avatar are no longer appearing on the front end on buddypress 2.0.2.

    Plugin hasn’t been updated since last March so I’m not sure if its author has lost interest. I went through the code and don’t know the buddypress core well enough to figure out what’s going on (or rather, what’s not going on).

    Any help would be much appreciated, as I’ve found allowing guest comments and featuring them in the activity feed has helped to increase member signup rates significantly.

    https://wordpress.org/plugins/bp-include-non-member-comments/

    bp-include-non-member-comments.php

    /* Only load the BuddyPress plugin functions if BuddyPress is loaded and initialized. */
    function bp_include_non_member_comments_init() {
    require( dirname( __FILE__ ) . '/bp-include-non-member-comments-bp-functions.php' );

    add_action( 'comment_post', 'bp_blogs_record_nonmember_comment', 8, 2 );

    add_action('wp_set_comment_status', 'bp_blogs_record_nonmember_comment_approved', 8, 2 );
    add_filter( 'bp_activity_content_filter', 'bp_nonmember_comment_content', 10, 4 );
    }
    add_action( 'bp_init', 'bp_include_non_member_comments_init' );

    bp-include-non-member-comments-bp-functions.php

    function bp_blogs_record_nonmember_comment_approved( $comment_id, $comment_status ) {
    if ( $comment_status = 'approve' )
    bp_blogs_record_nonmember_comment( $comment_id, 1 );
    }

    function bp_blogs_record_nonmember_comment( $comment_id, $is_approved ) {
    global $wpdb, $bp;

    if ( !$is_approved )
    return false;

    $comment = get_comment($comment_id);

    if ( empty( $comment ) ) {
    return;
    }

    /* Thanks, Andrius! */
    if ( $comment->comment_approved == 'spam' )
    return false;

    if ( email_exists( $comment->comment_author_email ) )
    return false;

    $comment->post = get_post( $comment->comment_post_ID );

    /* If this is a password protected post, don't record the comment */
    if ( !empty( $post->post_password ) )
    return false;

    if ( (int)get_blog_option( $comment->blog_id, 'blog_public' ) || !bp_core_is_multisite() ) {
    /* Record in activity streams */
    $comment_link = get_permalink( $comment->comment_post_ID ) . '#comment-' . $comment_id;

    $activity_action = sprintf( __( '%s commented on the blog post %s', 'buddypress' ), 'comment_author_url . '">' . $comment->comment_author . '', '' . $comment->post->post_title . '' );

    $activity_content = $comment->comment_content;

    /* Record this in activity streams */
    bp_blogs_record_activity( array(
    'user_id' => false,
    'action' => apply_filters( 'bp_blogs_activity_new_comment_action', $activity_action, $comment, $comment, $comment_link ),
    'content' => apply_filters( 'bp_blogs_activity_new_comment_content', $activity_content, $comment, $comment, $comment_link ),
    'primary_link' => apply_filters( 'bp_blogs_activity_new_comment_primary_link', $comment_link, $comment, $comment ),
    'type' => 'new_blog_comment',
    'item_id' => $wpdb->blogid,
    'secondary_item_id' => $comment_id,
    'recorded_time' => $comment->comment_date_gmt
    ) );
    }

    return $comment;
    }

    /* For BP < 1.2 */
    function bp_blogs_record_nonmember_comment_old( $comment_id, $is_approved ) {
    global $wpdb, $bp;

    if ( !$is_approved )
    return false;

    $comment = get_comment($comment_id);
    $comment->post = get_post( $comment->comment_post_ID );

    /* If this is a password protected post, don't record the comment */
    if ( !empty( $post->post_password ) )
    return false;

    $recorded_comment = new BP_Blogs_Comment;
    $recorded_comment->user_id = $user_id;
    $recorded_comment->blog_id = $wpdb->blogid;
    $recorded_comment->comment_id = $comment_id;
    $recorded_comment->comment_post_id = $comment->comment_post_ID;
    $recorded_comment->date_created = strtotime( $comment->comment_date );

    $recorded_commment_id = $recorded_comment->save();

    bp_blogs_update_blogmeta( $recorded_comment->blog_id, 'last_activity', time() );

    if ( (int)get_blog_option( $recorded_comment->blog_id, 'blog_public' ) ) {
    /* Record in activity streams */
    $comment_link = bp_post_get_permalink( $comment->post, $recorded_comment->blog_id );
    $activity_content = sprintf( __( '%s commented on the blog post %s', 'buddypress' ), 'comment_author_url . '">' . $comment->comment_author . '', 'comment_ID . '">' . $comment->post->post_title . '' );
    $activity_content .= '

    ' . bp_create_excerpt( $comment->comment_content ) . '

    ';

    /* Record this in activity streams */
    bp_blogs_record_activity( array(
    'user_id' => $recorded_comment->user_id,
    'content' => apply_filters( 'bp_blogs_activity_new_comment', $activity_content, comment, recorded_comment, $comment_link ),
    'primary_link' => apply_filters( 'bp_blogs_activity_new_comment_primary_link', $comment_link, comment, recorded_comment ),
    'component_action' => 'new_blog_comment',
    'item_id' => $comment_id,
    'secondary_item_id' => $recorded_comment->blog_id,
    'recorded_time' => $recorded_comment->date_created
    ) );
    }

    return $recorded_comment;
    }

    function bp_nonmember_comment_content( $content ) {
    global $bp;

    if ( $bp->loggedin_user->id != 0 )
    return $content;

    /* Todo: Add patch to core that makes these buttons not appear for user_id=0 */
    $content = preg_replace( "|(View).*?Delete</span>|", '$1</span>', $content ); // for bp-default 1.2+
    $content = preg_replace( "|<span class=\"activity-delete-link.+?</span>|", '', $content ); // for bp-classic

    return $content;
    }

    #188510

    In reply to: Register CSS Style

    Avatar of Jencina
    Jencina
    Participant

    I’m sorry I can’t do that.

    I’m my register.php page there are two <div . <div id="my-custom-registration"> and <div class="register-section" id="basic-details-section"> :

    Mod Edit// tinypic link removed as too spammy and using re-directs to other sites.

    I’m trying to do that in CSS with “#my-custom-registration” and “#register-section”, but no luck.

    Sorry for my ignorance

    #188502
    Avatar of Jencina
    Jencina
    Participant

    My registration page is very ugly, like this:
    Mod Edit// tinypic link removed as too spammy and using re-directs to other sites.

    And I wan’t create a pretty form, like this:
    Mod Edit// tinypic link removed as too spammy and using re-directs to other sites.

    I haven’t much idea about CSS, can anyone help me??

    Thanks

    #186508
    Avatar of shanebp
    shanebp
    Moderator

    You’re looking at a symptom, not the problem.
    If users are marked as spammers, then activity comments will be marked as spam.
    So that part is working properly.

    The real question is, why are users being marked as spammers?

    To show comments regardless of spam flag, try this in the activity-loop.php template:
    if ( bp_has_activities( bp_ajax_querystring( 'activity' ) . '&spam=false' ) ) :

    #186507
    Avatar of milosnikolic
    milosnikolic
    Participant

    Ok I found it… After changing 2 default settings for spam from ham_only to false it works and shows everything now.

    But I can’t figure out why they are marked as spammers in the first place after the 2.0 update.

    #186505
    Avatar of milosnikolic
    milosnikolic
    Participant

    Ok here I found this:
    “Added new “hide_spam” parameter to the entire Activity template loop stack; defaults to true, except if specific activity items have been requested (for backpat reasons).”

    I found “hide_spam” in 3 files in buddypress but it’s already set to false? How can I disable this option?

    Is it here in bp-activity-template.php:

    // If a user is a spammer, their activity items will have been automatically marked as spam. Skip these.
    if ( $comment->is_spam )
    continue;

    $user_ids[] = $comment->user_id;

    or here

    @type string|bool $spam Spam status. ‘ham_only’, ‘spam_only’, or false
    * to show all activity regardless of spam status. Default: ‘ham_only’.

    #186502
    Avatar of milosnikolic
    milosnikolic
    Participant

    Yes I thought so but one of the first things I tried is to disable all plugins except Buddypress and it was still happening. I tried it again now – bbpress error is for something else it seems, as users still get marked for spam even when it’s disabled.

    #186494
    Avatar of milosnikolic
    milosnikolic
    Participant

    Yes it was a typo, I meant “is_spam”. Yes I tried switching and the same thing is happening, it’s not for all users, but most have the problem. When I mark for spam/unmark in the users list their old activity shows up (when they were marked for spam, and it’s reset to 0 in the table), but as soon as they log in and try to post it goes back to marking their activity as 1 in is_spam column, and not showing anything (and not giving them access to bbpress forum also).

    #186493
    Avatar of shanebp
    shanebp
    Moderator

    Then the problem is in those files.
    There is no column ‘spam’, the column name is ‘is_spam’.

    If you switch themes to a WP theme like 2013, do you still get those errors?

    #186490
    Avatar of milosnikolic
    milosnikolic
    Participant

    In phperrorlog I get this error:

    WordPress database error Unknown column ‘spam’ in ‘where clause’ for query SELECT ID FROM lb_users WHERE ID=1 AND spam != 1 made by require(‘wp-blog-header.php’), require_once(‘wp-includes/template-loader.php’), include(‘/themes/Cinematix/bbpress.php’), get_sidebar, locate_template, load_template, require_once(‘/themes/Cinematix/sidebar.php’), dynamic_sidebar, call_user_func_array, WP_Widget->display_callback

    #186487
    Avatar of milosnikolic
    milosnikolic
    Participant

    Yes I’m using a custom Buddypress theme (Cinematix) but it’s updated to the newest version and no one else has that problem. bp-custom.php doesn’t exist. I tried switching the theme also and same thing is happening.

    Is there a way to disable buddypress flagging users for spam, so that is_table field isn’t being set to 1?

    Avatar of milosnikolic
    milosnikolic
    Participant

    After upgrading to 2.0 (and 2.0.2 now) some users have been marked as spammers and their activity is not showing up at all in the activity feed. I don’t have Askimet or any other security plugin enabled, actually I tried disabling everything except BP and it still persists. I can fix it by marking the user manually for spam in the user list, then unmarking them, but it happens again if they try to post.

    I noticed an entry in the bp_activity table “is_spam” field is set to 1 for those users. Is there a way to disable this spam filtering totally? As my site is private and registrations are closed anyway…

    #185602

    In reply to: No Activation eMail

    Avatar of henrywright
    henrywright
    Moderator

    Hi @pietro_sferrino

    A couple of things to try:

    • Check your spam email folder
    • Check with your hosting company that their mail server is set up and working
Viewing 25 results - 1 through 25 (of 2,806 total)