Forum Replies Created
-
Status update:
This htaccess code reduced the number of Spam Registrations from 1,500 per day to 50. So now to figure out how the other 50 Spam Registrations are being performed. 😉This jack@$$ is the worst of them, but now I get credit for a new registered member and do not have to deal with anything else. I now love this spammer. Keep on spamming you make me look good. Ha ha ha.
Not Locked 3678 Affekagf vrvivyey i.nst.inctmocu@gmail.com subscriber May 17, 2013 12:51 pm NA 59.60.112.49 49.112.60.59.broad.pt.fj.dynamic.163data.com.cn /wp-login.php
Not Locked 3677 skdiejdbokg ypxridnj bar.r.elbxme@gmail.com subscriber May 17, 2013 12:51 pm NA 59.60.112.59 59.112.60.59.broad.pt.fj.dynamic.163data.com.cn /wp-login.php
Not Locked 3395 Alioizadk qxftzRepgb floo.dbnwk@gmail.com subscriber May 17, 2013 12:53 pm NA 59.60.112.92 92.112.60.59.broad.pt.fj.dynamic.163data.com.cn /wp-login.phpWhat is awesome is this. The spammer registation counts as a new registered member, but the “new member registered” notification in the Activity feed does not display the spammer. Thanks spammers. LOL
@matt55 – The php errors still continued so it was not due to using Server Protocol. I am not exactly sure what action the spammers are doing in combination with the .htaccess code that is generating the php errors, but for now I just suppressed them by adding an @ symbol infront of strstr below until I can analyze this some more. /buddypress/bp-core/bp-core-template.php code line 864.
if ( !empty( $page_template ) && @strstr( strtolower( $page_template ), strtolower( $component ) ) ) {
Yep, I downloaded it from github. I have a bunch of customized security things going on so most likely one of the other security measures I have in place is causing the issue/problem. I will figure this out tomorrow when I have some more spare time.
Lately the Spam Registrations were getting way out of control – 1 per minute – so I had to get something in place quick. Yuck.
@bp-help – I tested your plugin and for whatever reason on my site it prevented good registrations. I will isolate exactly why that is on my particular site.
@matt55 – I did some more research and built on your .htaccess code. A php error was occurring due to using Server Protocol so per jdMorgan “the htaccess Master” 😉 the better condition check is The Request.Special thanks to jdMorgan a true htaccess Master
# BuddyPress Anti-Spam Registration RewriteCond %{REQUEST_METHOD} ^POST # only match the register page URI RewriteCond %{REQUEST_URI} ^/register/$ # domain referer is better than IP - allows for subdomains RewriteCond %{HTTP_REFERER} !^.*ait-pro.com.* [OR] # Blank or single hyphen user-agent spoofers or curl RewriteCond %{HTTP_USER_AGENT} ^(|-?|curl)$ [OR] # HTTP request header RewriteCond %{THE_REQUEST} HTTP/1\.0$ RewriteRule ^(.*)$ /spam-prevention [R=301,L]
The solution was so simple. Just use good old fashioned manual FTP upgrading methods.
Notes:
1. Deactivating BuddyPress caused a 500 Error and I had to use phpMyAdmin and add the active_plugins db entry back for BuddyPress to bring the site back up.
2. Doing a WP Dashboard upgrade caused a 500 Error.Successful BuddyPress Upgrade steps:
1. FTP to site and rename the /buddypress folder
2. Upload the new /buddypress folder.
For good measure I resaved all BuddyPress settings just to ensure that everything was actually good to go and no problems. Yeah!Ok yeah it is probably just what must be done in my particular case then. I should have stated that better. Something like – if you have tried restoring your previous BuddyPress files and that did not work then try doing a database restore. In my particular case when BuddyPress upgrades do not complete successfully then the only thing that brings that site back up is a database restore.
You will need to restore your database from a backup.
I am not a BuddyPress support person or BP expert, but I am also experiencing the same issues/problems with BuddyPress upgrades. My general theory on this is that during the database update what is happening is that dependent files are not being installed/copied/added in time/i correct sequence for the database update to complete successfully. I could be totally wrong, but that is what it logically looks like at this point.
Another part of the equation probably has to do with the fact that I have a standard single WordPress installation with BuddyPress and bbPress installed instead of Network/Mulitisite – just a gut instinct/logical guess.
I am a plugin author and need to get a plugin update out for my plugin in regards to the new jQuery in WP 3.6 which is scheduled to be released in a couple of weeks. Once I get that plugin update out then I will get to the bottom of this and post my findings and a complete tutorial on what to do to successfully install a BuddyPress upgrade given all of particular website’s factors. Will post that back here. Thanks