[AITpro]

Status update:
This htaccess code reduced the number of Spam Registrations from 1,500 per day to 50. So now to figure out how the other 50 Spam Registrations are being performed. 😉

[AITpro]

This jack@$$ is the worst of them, but now I get credit for a new registered member and do not have to deal with anything else. I now love this spammer. Keep on spamming you make me look good. Ha ha ha.

Not Locked 3678 Affekagf vrvivyey i.nst.inctmocu@gmail.com subscriber May 17, 2013 12:51 pm NA 59.60.112.49 49.112.60.59.broad.pt.fj.dynamic.163data.com.cn /wp-login.php
Not Locked 3677 skdiejdbokg ypxridnj bar.r.elbxme@gmail.com subscriber May 17, 2013 12:51 pm NA 59.60.112.59 59.112.60.59.broad.pt.fj.dynamic.163data.com.cn /wp-login.php
Not Locked 3395 Alioizadk qxftzRepgb floo.dbnwk@gmail.com subscriber May 17, 2013 12:53 pm NA 59.60.112.92 92.112.60.59.broad.pt.fj.dynamic.163data.com.cn /wp-login.php

[AITpro]

What is awesome is this. The spammer registation counts as a new registered member, but the “new member registered” notification in the Activity feed does not display the spammer. Thanks spammers. LOL

[AITpro]

@matt55 – The php errors still continued so it was not due to using Server Protocol. I am not exactly sure what action the spammers are doing in combination with the .htaccess code that is generating the php errors, but for now I just suppressed them by adding an @ symbol infront of strstr below until I can analyze this some more. /buddypress/bp-core/bp-core-template.php code line 864.

if ( !empty( $page_template ) && @strstr( strtolower( $page_template ), strtolower( $component ) ) ) {

[AITpro]

Yep, I downloaded it from github. I have a bunch of customized security things going on so most likely one of the other security measures I have in place is causing the issue/problem. I will figure this out tomorrow when I have some more spare time.

Lately the Spam Registrations were getting way out of control – 1 per minute – so I had to get something in place quick. Yuck.

[AITpro]

@bp-help – I tested your plugin and for whatever reason on my site it prevented good registrations. I will isolate exactly why that is on my particular site.

@matt55 – I did some more research and built on your .htaccess code. A php error was occurring due to using Server Protocol so per jdMorgan “the htaccess Master” 😉 the better condition check is The Request.

Special thanks to jdMorgan a true htaccess Master

# BuddyPress Anti-Spam Registration
RewriteCond %{REQUEST_METHOD} ^POST
# only match the register page URI
RewriteCond %{REQUEST_URI} ^/register/$
# domain referer is better than IP - allows for subdomains
RewriteCond %{HTTP_REFERER} !^.*ait-pro.com.* [OR]
# Blank or single hyphen user-agent spoofers or curl
RewriteCond %{HTTP_USER_AGENT} ^(|-?|curl)$ [OR]
# HTTP request header
RewriteCond %{THE_REQUEST} HTTP/1\.0$
RewriteRule ^(.*)$ /spam-prevention [R=301,L]

[AITpro]

The solution was so simple. Just use good old fashioned manual FTP upgrading methods.

Notes:
1. Deactivating BuddyPress caused a 500 Error and I had to use phpMyAdmin and add the active_plugins db entry back for BuddyPress to bring the site back up.
2. Doing a WP Dashboard upgrade caused a 500 Error.

Successful BuddyPress Upgrade steps:
1. FTP to site and rename the /buddypress folder
2. Upload the new /buddypress folder.
For good measure I resaved all BuddyPress settings just to ensure that everything was actually good to go and no problems. Yeah!

[AITpro]

Ok yeah it is probably just what must be done in my particular case then. I should have stated that better. Something like – if you have tried restoring your previous BuddyPress files and that did not work then try doing a database restore. In my particular case when BuddyPress upgrades do not complete successfully then the only thing that brings that site back up is a database restore.

[AITpro]

You will need to restore your database from a backup.

I am not a BuddyPress support person or BP expert, but I am also experiencing the same issues/problems with BuddyPress upgrades. My general theory on this is that during the database update what is happening is that dependent files are not being installed/copied/added in time/i correct sequence for the database update to complete successfully. I could be totally wrong, but that is what it logically looks like at this point.

Another part of the equation probably has to do with the fact that I have a standard single WordPress installation with BuddyPress and bbPress installed instead of Network/Mulitisite – just a gut instinct/logical guess.

I am a plugin author and need to get a plugin update out for my plugin in regards to the new jQuery in WP 3.6 which is scheduled to be released in a couple of weeks. Once I get that plugin update out then I will get to the bottom of this and post my findings and a complete tutorial on what to do to successfully install a BuddyPress upgrade given all of particular website’s factors. Will post that back here. Thanks