Re: What do your spam signups look like?
I have the same problem but it’s not so much the issue of spammers coming to the site than non-working defense measures.
I have failed to find any reasoning behind the dropping of wp-signup.php and replacing it with /register (what’s the .php file for that btw?) in BuddyPress but that’s the reason for a lot of spam problems.
When you install a number of WP and WPMU anti-spam plugins, they add their own features to the signup page – which in WP and WPMU is wp-signup.php.
Now as it has been pointed out in about all spam-related posts, people even delete that file with no success to the spam issue. This confirms the problem that I believe could reduce the spamming significantly:
– WP and WPMU anti-spam plugins do *not* have any affect on the BuddyPress /register page.
Is it because some hooks are missing? I’m not sure as I’m not that deep into it but I think so.
My request to solve this problem and address the spam issue:
– either BuddyPress will return to use wp-signup.php, or
– makes sure that anything added by plugins to wp-signup.php is also added to whatever page is serving the /register URL.
No matter hashcash, captcha or security question (all nice and working (with wp-signup.php) plugins), they can’t add their stuff to the BuddyPress signup page.
Why I don’t use wp-signup.php manually (like redirect URL to there)? Because it’s a blank page (told to die somewhere in BuddyPress if I remember right).