BuddyPress.org

für ä’biräbitzeli drischnure…

Did you show into the comments or posts on the different blogs ? There are sometimes strange links that can appeal to spammers. Some long post with many links inside or many Viagra words. You see what i mean…

I recently did such a search and find some on my “trusted members” blogs.

let’s continue this thread over here ~ https://buddypress.org/forums/topic/how-to-control-spam-registration/page/2

and did you try that recommendation regarding bbpress?

Good call Windhamdavid.

@ peter-anselmo

Ah thanks for clarification I had thought is_site_admin() was a WP function, my mistake. So having a BP reliant plugin activated but not Buddypress throwing this error makes sense.

On a sidenote did I not read Andy mentioning that there is a method that is supposed to ensure BP plugins cannot error in this fashion if BP disabled? Are they not supposed to perform a check first to determine if BP is functioning.

I am having the same problem as well.

~ also might want to make sure and check the NO setting under “Allow blog administrators to add new users to their blog via the Users->Add New page. ” in wp-admin/wpmu-options.php “Admin > Site Options”

posted my temp fix for the dups – and i haven’t seen any on my site since the change

https://buddypress.org/forums/topic/external-group-blogs-bug#post-40090

I’ve already answered this question.

If you have a spammer with admin access on a blog, they can add new users to that blog. They are then new users in the system since WPMU shares a global users table. So essentially once a spammer has a blog they can get others in.

This is simply the way WPMU works, and if I try and change that, people shout and scream at me. The reality is, if you want to use WordPress MU and BuddyPress along with it, you are going to have to manage this somehow. Otherwise, just use standard WordPress since it doesn’t have these issues.

I don’t quite understand these spam posts since I’ve run ten to twelve mu sites for several (4+) years with no splog/smap exploits (knock on wood) and some of them are outdated installs with very little protection. If buddypress is in fact, the culprit, perhaps it’s related to the registration in bbpress if you have forums installed? @micheal ~ perhaps you should try removing register.php from the buddypress/forums/bbpress/ ~ and/or buddypress/forums/bbpress/templates/kakumei/register.php to see what happens…

I just tested on a local install with no conflicts and thanks for investigating.

Just another little update: To me it seems that there are two different spam-signups (at least )

The ones, that come in through the registration-form

I could handle those with all the tipps (for me this worked best):

– change the slug

– additional-fields

– change some text on the registration-page

– change footer-text

– SI-Captcha didn’t really work, so I used the modified invitation-code-plugin mentioned before

– wp-ban did help, too (often wasn’t really needed – just left it there in case…)

– changing/deleting wp-signup.php (which led me to this connected issue/question: https://buddypress.org/forums/topic/wp-signupphp-redirects-to-registration-slug-why)

The ones, that don’t seem to use the registration-form or wp-signup.php at all

– never had this problem before, so it hit me… Further described here with a open question for me: https://buddypress.org/forums/topic/is-there-a-backdoor-in-wpmubuddypress

– This morning I found out, that I had deactivated the hashcash-plugin because I had comment-issues (didn’t come through anymore). I think the spam-flood came after deactivating it. Right now I have activated it again (just for signups) and no spam came in for a couple hours now (even with deactivated wp-ban, without captcha or invitation-plugin, wp-signup.php still there)

So far my forther journey with this issue

http://buddydev.com/buddypress/bp-gallery-beta-available-now-download-test-and-enjoy/

There’s already a solution for number 2 of your list (not sure if it works with stand alone wp).

For problem one you could just make a simple bbparser, but since your not a coder, you’ll have to wait till a coder needs it too.

btw,If you are wondering, why this happened.

the problem is with bp_core_set_uri_globals function In Bp.

See the ticket here

https://trac.buddypress.org/ticket/1726

If you install bp in a folder whose name coincides with one of the component slug, the component is not accessible until you change the component slug to be different than the folder name.

This is getting worse and worse. I just launched my first BuddyPress site and am getting spammer registrations although I have additional required profile fields and SI Captcha installed.

Sadly, the article mentioned (linked) above is not available anymore (I guess the spammers took down that site) and judging by the responses here there still seems to be no known solution to the spammer problem with WPMU/BuddyPress.

I spoke to someone on Twitter who confirmed that the spam problem started when activating BuddyPress – this would be in contradiction to remarks from Andy, I’m afraid. Anyhow: after reading comments here there seems to be a hole in the system somewhere.

(I guess the spammers have been clever enough not to spam testbp.org )

just a thought: How about the intruder coming from another end than wordpress? There are so many theoretical ways to enter some data in the database.

Of course that doesn’t mean it’s not a wordpress problem – just to keep an eye on other things too.

I ‘like’ @hempsworth ‘s rating plugin.

I just don’t think options table is the right place to store language translation.

I have to delete bp_like_settings from sitemeta table with phpmyadmin.

Then reactivate this plugin before my translation shown up.

But after all. I vote this plugin to be in the core

before other developer make other rating capability in their plugin.

Report this on http://trac.buddypress.org so the developers can see the report please

On 2 different test sites (WP with BP, not WPMU) everything works ok except for 3 things:

1 – the “view likes” button doesn’t appear on all activity streams items where it should appear;

2 – changing the visibility setting doesn’t change a thing (maybe it’s because I’m using the admin account);

3 – on one site the “load more” link in the bottom of the activity stream stopped working and in the other site, it loads the items with the original language, not the translation.

I will test it better as soon as possible.

Ricardo

See the end of this thread: https://buddypress.org/forums/topic/how-do-i-disable-members-from-creating-groups

@Hempsworth: European Portuguese.

Our website uses the WordPress.com TOS made available as a CC license: http://en.wordpress.com/tos/

I’m trying to integrate P2 in the bp-groupblog plugin. Haven’t tried BP theme template pack.

P2 apparently only works on a regular blog index.php. On a group home (and probably other BP pages like members home etc.) it can’t find the right blog and the Ajax breaks.

The fix probably involves setting the blogID somewhere and changing settings in P2’s js.php. If it’s possible at all…