Skip to:
Content
Pages
Categories
Search
Top
Bottom

Forum Replies Created

Viewing 8 replies - 1 through 8 (of 8 total)

  • ride2719
    Participant

    @ride2719

    I’m hoping that this is my final post on this thread. I found a plugin called BuddyPress Security Check that, so far, has stopped the spam registrations. Thanks to Shea Bunge for the plugin. This may be one of those short-lived fixes where the spammers figure it out eventually, but it’s working right now.


    ride2719
    Participant

    @ride2719

    OOPS… My last post was INCORRECT (there doesn’t seem to be a way to delete posts). I thought it was working to use a required xProfile field, but it just took longer to get going. The spam registrations started up again and I had to disable registrations.

    SO, I’m still looking for help on how to diagnose the problem, or a work around for fixing it.

    Can I re-install BuddyPress and/or bbPress without losing my settings?

    Thanks, Rick.


    ride2719
    Participant

    @ride2719

    I beleive I have successfully worked around the problem. The solution is as simple as adding a required profile field (xProfile). Evidently, the malicious registration process is fooled by the presence of a require field that it does not expect.

    Of course, this may only be a short-lived solution, and it may not prevent all automated registration engines out there, but it has solved my problem for the time being.

    Thanks to all who gave me hints on how to handle this.

    Rick.


    ride2719
    Participant

    @ride2719

    Thanks shanebp for sticking with me.

    You missed the post where I explained the problem when registrations continued even when I disabled them (about 3 posts up from this one). Basically, there were thousands of pending registrations (i.e. with unconfirmed emails) that were slowly being completed by the malicious registration process. I did not want to simply delete them directly from the data base since that always carries some risk if you don’t use the API’s. I found plugin “unconfirmed” which enable me to view and delete them. Once deleted, the registrations stopped.

    Also, thanks for your idea about the keys and salts. I don’t think that’s a problem since I have deleted all of the automated users AND all of the pending registrations. All of the automated registrations will have to be done again. Unless there is a reason I haven’t thought of, I’d rather not inconvenience my valid users.

    Thanks again, Rick.


    ride2719
    Participant

    @ride2719

    OK, here’s a followup on my trying to find the source of the automated registrations.

    — I disabled bbPress on the network plugins page.
    — I renamed the following directories:
    wp-content/plugins/bbpress
    wp-content/plugins/buddypress/bp-forums
    wp-content/plugins/gd-bbpress-attachments
    — enable registrations from the network admin settings

    And… the automatic registrations CONTINUE.

    — disable registrations (network admin) and the automatic reg stops

    SO, it’s beginning to look like it is not bbPress. PLEASE ADVISE:

    • Do you agree? Or is there some other possibility that will implicate bbPress?
    • What other possibilities are there for by-passing registration protocols?

    ride2719
    Participant

    @ride2719

    Here’s a followup on my progress in stopping the automated registrations. It turns out that my side issue (see my first post) was very important. I found a plugin called “unconfirmed” that gives you limited access to the user records with unconfirmed emails, including the ability to delete them. I had 7100 unconfirmed registrations. The plugin is not fully implemented, so I had to delete them about 20 at a time. (I figured I was not likely to find anything better, so I bit the bullet and deleted 300 groups of records.) Once deleted, the registrations stopped.

    So here’s the analysis: there were thousands of pending registrations. For whatever reason, the automaton that started the registration process either could not respond to the email, or was designed to respond to the emails slowly.

    So, now I have some time to diagnose the solution to the problem without the fear of my data base being flooded with crap.

    Next I’ll try to disable bbPress to see if it’s the problem, but I really don’t want to delete it as I already have several forums configured. I’ll see if I can disable it without deleting it and then turn registrations back on at the network admin level to see if they start up again.


    ride2719
    Participant

    @ride2719

    Thanks, aces, for your question. Actually I had seen this post before I started this thread, but when I tried the link given in that post, access to index.php was forbidden. I’m assuming if I can’t get to it (with an active admin account logged in) then it’s unlikely that someone else could successfully execute that URL. Please let me know if I am wrong about that.


    ride2719
    Participant

    @ride2719

    Follow up comments:

    I am using the theme Prose (child of Genesis) from Studio Press if that matters.

    I would be willing, as a stop-gap measure to manually register people, but the spam registrations are bypassing the “registration is disabled” setting.

    Rick.

Viewing 8 replies - 1 through 8 (of 8 total)
Skip to toolbar