Skip to:
Content
Pages
Categories
Search
Top
Bottom

User called zhanglingjuan114 possible spambot?

  • Avatar of zageek
    zageek
    Participant

    @zageek

    Hi

    I have setup buddpress and I have noticed that I have had 3 users zhanglingjuan113

    zhanglingjuan114 and zhanglingjuan115. I find it strange that this name can be used by 3 different people. Is this a spambot because when I google it I see it comes up with some other buddypress installations.

Viewing 6 replies - 1 through 6 (of 6 total)
  • Yes.

    Avatar of danbpfr
    danbpfr
    Participant

    @chouf1

    hi zageek,

    Since mounth, zhanglingjuan appears with several different ending numbers.

    Personnaly i banned it from 112 to 116 in wp-options ->banned domain’s over 40 days now.

    additionnally, i add some ip’s used by zhang… into the htaccess

    If you can verify in your server log file, you would see that they are offten the same ip’s which are used.

    I also blocked access to all trafic comming from libwww-perl witch brings a lot a lot of brut force tempting.

    A little mail to abuse@gmail…. will not resolve the problem with zhang…., but will stress a bit the giant…. (i believe in the “butterfly effect”) ;-)

    Using wp-spammfree and invisible defender widgets would also help you.

    Of course, daily cleanning in the DB in wp-register and wp-signup tabs

    since 40 days, no zhang… registered on my site.

    Instead some new spammer appeared: firstnamelastname 1961 or any other year, mostly with mail on mysace.info or onlq.com

    spamm is a never ending desease

    Avatar of r-a-y
    r-a-y
    Moderator

    @r-a-y

    I would try to prevent member registration through .htaccess:

    http://wpmututorials.com/how-to/spam-blogs-and-buddypress/

    If not .htaccess, then try WP Hashcash, but I prefer the simplistic method of blocking through .htaccess. This will block most spam signups, but of course you can’t block everything! ;)

    Thanks to Darcy Norman for the original tip!

    Avatar of arezki
    arezki
    Participant

    @arezki

    I installed a plugin called WP-BAN. It is doing a terrific job. In a week it halted about 100 attempts in just 4 days from the list below…. and no more of those… I recommend trying it and use the list below for your list banning.

    htt://*.onlq.com

    http://*.myspacee.info

    http://*.host-a-site.info

    zhanglingjuan*

    87.233.174.250

    174.139.12.106

    Avatar of thealchemist
    thealchemist
    Member

    @thealchemist

    @arezki … so … does this plugin block attempts to sign up? How does it determine if something should be blocked? I looked at the plugin file on WP.org and it isn’t very specific. I can go into my server cpanel and block IPs all day long and I still get tons of spambots. I get user activation keys and blog setups with out a spambot actually doing the compelte process. grrrr.

    Avatar of Hugo
    Hugo
    Moderator

    @hnla

    it’s no solution and pointless running as yet one more plugin, this is simply a Order Allow Deny Apache directive and would be placed in you httpd.config file preferably or in your .htaccess and then list IP or domains to deny. Blocking IPs isn’t something that should be done lightly as it can have repercussions and is only effective on domains if there is one specific troublemaker these spam bots use spoofed domains they will change on the fly so little point trying to block them.

    Preventing spam is a multi faceted approach and the many areas and things that need to be done covered at length on the support forum, you need to use all of them to effectively reduce spam and if possible don’t let people sign up for blogs from the sign up page

Viewing 6 replies - 1 through 6 (of 6 total)

You must be logged in to reply to this topic.