BuddyPress.org

I’m getting about 50 spam registrations a day on one client site since the start of this week.

We’ve modified the register slug, changed text on the register page, deleted the wp-signup.php file, and implemented the following in our .htaccess file:

# BEGIN ANTISPAMBLOG REGISTRATION

RewriteCond %{REQUEST_METHOD} POST

RewriteCond %{REQUEST_URI} .join-lorem*

RewriteCond %{HTTP_REFERER} !.*mydomain.com.* [OR]

RewriteCond %{HTTP_USER_AGENT} ^$

RewriteRule (.*) http://mydomain.com/spam-prevention [R=301,L]

# END ANTISPAMBLOG REGISTRATION

Still the spammers are getting through.

Turning off blog creation / new user registration is not an option… otherwise, there would be no point in trying to offer a blog platform / social community.

Asking users to wait until their application to join is approved, or asking them to fill in additional fields at signup will just hamper the chances of them signing up and using the site.

Anyone have any suggestions?

I don’t want to tell clients: “we’ll build on BuddyPress for you, but you might have to remove 100s of spam blogs every week”

Note: the problem is worse than just the backlinks they create, it also reflects badly on the professionalism / appearance of your site, as their spam posts show up in activity streams, in aggregators (such as showing recent site wide posts and so on).

This is a serious problem.

Note: a lot of these registrations come from a small number of IP addresses, is there anyway to block certain IP addresses from registering?