BuddyPress.org

Just another little update: To me it seems that there are two different spam-signups (at least )

The ones, that come in through the registration-form

I could handle those with all the tipps (for me this worked best):

– change the slug

– additional-fields

– change some text on the registration-page

– change footer-text

– SI-Captcha didn’t really work, so I used the modified invitation-code-plugin mentioned before

– wp-ban did help, too (often wasn’t really needed – just left it there in case…)

– changing/deleting wp-signup.php (which led me to this connected issue/question: https://buddypress.org/forums/topic/wp-signupphp-redirects-to-registration-slug-why)

The ones, that don’t seem to use the registration-form or wp-signup.php at all

– never had this problem before, so it hit me… Further described here with a open question for me: https://buddypress.org/forums/topic/is-there-a-backdoor-in-wpmubuddypress

– This morning I found out, that I had deactivated the hashcash-plugin because I had comment-issues (didn’t come through anymore). I think the spam-flood came after deactivating it. Right now I have activated it again (just for signups) and no spam came in for a couple hours now (even with deactivated wp-ban, without captcha or invitation-plugin, wp-signup.php still there)

So far my forther journey with this issue