Skip to:
Content
Pages
Categories
Search
Top
Bottom

Forum Replies Created

Viewing 9 replies - 1 through 9 (of 9 total)

  • AITpro
    Participant

    @aitpro

    Status update:
    This htaccess code reduced the number of Spam Registrations from 1,500 per day to 50. So now to figure out how the other 50 Spam Registrations are being performed. 😉


    AITpro
    Participant

    @aitpro

    This jack@$$ is the worst of them, but now I get credit for a new registered member and do not have to deal with anything else. I now love this spammer. Keep on spamming you make me look good. Ha ha ha.

    Not Locked 3678 Affekagf vrvivyey i.nst.inctmocu@gmail.com subscriber May 17, 2013 12:51 pm NA 59.60.112.49 49.112.60.59.broad.pt.fj.dynamic.163data.com.cn /wp-login.php
    Not Locked 3677 skdiejdbokg ypxridnj bar.r.elbxme@gmail.com subscriber May 17, 2013 12:51 pm NA 59.60.112.59 59.112.60.59.broad.pt.fj.dynamic.163data.com.cn /wp-login.php
    Not Locked 3395 Alioizadk qxftzRepgb floo.dbnwk@gmail.com subscriber May 17, 2013 12:53 pm NA 59.60.112.92 92.112.60.59.broad.pt.fj.dynamic.163data.com.cn /wp-login.php


    AITpro
    Participant

    @aitpro

    What is awesome is this. The spammer registation counts as a new registered member, but the “new member registered” notification in the Activity feed does not display the spammer. Thanks spammers. LOL


    AITpro
    Participant

    @aitpro

    @matt55 – The php errors still continued so it was not due to using Server Protocol. I am not exactly sure what action the spammers are doing in combination with the .htaccess code that is generating the php errors, but for now I just suppressed them by adding an @ symbol infront of strstr below until I can analyze this some more. /buddypress/bp-core/bp-core-template.php code line 864.

    if ( !empty( $page_template ) && @strstr( strtolower( $page_template ), strtolower( $component ) ) ) {

    AITpro
    Participant

    @aitpro

    Yep, I downloaded it from github. I have a bunch of customized security things going on so most likely one of the other security measures I have in place is causing the issue/problem. I will figure this out tomorrow when I have some more spare time.

    Lately the Spam Registrations were getting way out of control – 1 per minute – so I had to get something in place quick. Yuck.


    AITpro
    Participant

    @aitpro

    @bp-help – I tested your plugin and for whatever reason on my site it prevented good registrations. I will isolate exactly why that is on my particular site.


    @matt55
    – I did some more research and built on your .htaccess code. A php error was occurring due to using Server Protocol so per jdMorgan “the htaccess Master” 😉 the better condition check is The Request.

    Special thanks to jdMorgan a true htaccess Master

    # BuddyPress Anti-Spam Registration
    RewriteCond %{REQUEST_METHOD} ^POST
    # only match the register page URI
    RewriteCond %{REQUEST_URI} ^/register/$
    # domain referer is better than IP - allows for subdomains
    RewriteCond %{HTTP_REFERER} !^.*ait-pro.com.* [OR]
    # Blank or single hyphen user-agent spoofers or curl
    RewriteCond %{HTTP_USER_AGENT} ^(|-?|curl)$ [OR]
    # HTTP request header
    RewriteCond %{THE_REQUEST} HTTP/1\.0$
    RewriteRule ^(.*)$ /spam-prevention [R=301,L]

    AITpro
    Participant

    @aitpro

    The solution was so simple. Just use good old fashioned manual FTP upgrading methods.

    Notes:
    1. Deactivating BuddyPress caused a 500 Error and I had to use phpMyAdmin and add the active_plugins db entry back for BuddyPress to bring the site back up.
    2. Doing a WP Dashboard upgrade caused a 500 Error.

    Successful BuddyPress Upgrade steps:
    1. FTP to site and rename the /buddypress folder
    2. Upload the new /buddypress folder.
    For good measure I resaved all BuddyPress settings just to ensure that everything was actually good to go and no problems. Yeah!


    AITpro
    Participant

    @aitpro

    Ok yeah it is probably just what must be done in my particular case then. I should have stated that better. Something like – if you have tried restoring your previous BuddyPress files and that did not work then try doing a database restore. In my particular case when BuddyPress upgrades do not complete successfully then the only thing that brings that site back up is a database restore.


    AITpro
    Participant

    @aitpro

    You will need to restore your database from a backup.

    I am not a BuddyPress support person or BP expert, but I am also experiencing the same issues/problems with BuddyPress upgrades. My general theory on this is that during the database update what is happening is that dependent files are not being installed/copied/added in time/i correct sequence for the database update to complete successfully. I could be totally wrong, but that is what it logically looks like at this point.

    Another part of the equation probably has to do with the fact that I have a standard single WordPress installation with BuddyPress and bbPress installed instead of Network/Mulitisite – just a gut instinct/logical guess.

    I am a plugin author and need to get a plugin update out for my plugin in regards to the new jQuery in WP 3.6 which is scheduled to be released in a couple of weeks. Once I get that plugin update out then I will get to the bottom of this and post my findings and a complete tutorial on what to do to successfully install a BuddyPress upgrade given all of particular website’s factors. Will post that back here. Thanks

Viewing 9 replies - 1 through 9 (of 9 total)
Skip to toolbar