BuddyPress.org

@marathifacebook First of all, I suggest that you change your domain name to exclude facebook unless you have a written permission from the organization. Facebook has previously won trademark lawsuits against the owners of domains that included the “Facebook” name, such as FacebookStuff.com and KillFacebook.com etc. You wouldn’t want to be on the receiving end of a lawsuit, would you?

As for your query about public and private blog posts, you can already do that using the privacy setting on the metabox in write/edit panel …

@imagine81, You can use a function to remove email contact from private message:

http://pastebin.com/jZeThNEv

Note: You can amend it to remove other contact aswell

Naijaping

@imagine81 The functions you want would require some custom plugin which is not available at this time. You could hire a developer to do this for you or wait till someone creates one and release it to the public.

@rcain
Activity Stream Throttling done courtesy of BuddyDev:

BuddyPress Rate Limit User Activity

Limit friendship request throttling done courtesy of BuddyDev:

BuddyPress Limit Friendship Request

Private Message Rate limit plugin includes throttling coming soon from BuddyDev

Many captcha solutions have been out there for years.

I covered a hidded registration form field in a plugin here:
https://github.com/bphelp/bp-spam-killer

I doubt this covers everything but the fight against spam is ongoing. So you have my support! 🙂

@ghera74
That is default behavior if you do not have an private community type plugins activated. You can make activity your landing page in dashboard/settings/reading or create a custom menu and add the activity page as a menu item if you don’t want it as a landing page:
https://codex.buddypress.org/user/setting-up-a-new-installation/how-to-set-up-your-main-site-navigation-using-the-built-in-wordpress-menus/
Either way the activity stream is visible to logged-out-users, they just can’t post or comment.

@henrywright-1
Have you succeeded in your pages list? I think it would be a helpful contribution to the codex. I did my best at covering buddypress and bbpress pages with the plugin Private Community For BP Right now the only thing that makes me hesitate releasing it to the repo is the uncertainty of if I covered all BP specific pages and the fact it has no dashboard page settings so users can specify which pages are off limits to logged out users. Anyway, just checking in on this thread because it has a lot of relevance.

You maybe right, and i’m unsure too. The best way to know, is to give a try. But do you absolutely need to ask twice for the user email ?
Or you could simply name the email fields differently.
Private mail
Work mail

Members page is not visible in the top menu bar

@waterfiend check out http://wpmu.org/how-to-build-a-facebook-style-members-only-wordpress-buddypress-site/ or have a look at different solutions posted for a private BP site at https://buddypress.org/support/topic/protecting-buddypress-pages-from-non-logged-in-users/

@dice2dice
Do you know how to go to dashboard/pages/all pages/register? At the top of that page the title says Register just change that to Sign Up. At the top right corner of that same page click screen options and click the box beside of Slug. Now scroll down below the page body and you will see a text field labelled Slug. Change that from register to sign-up and click the blue Update button. Done!

Spam Killer is not in the WP Repo you need to download it from the github link I provided then go to dashboard/plugins/add new, and where it says Install Plugins you will see upload below that. Select upload and browse to where you saved the Spam Killer plugin on your hard drive. Click Install Now then activate it. There is no settings just activate it and forget it. If you search the HTML source after you activate the plugin you will see the hidden field the plugin created just like below:
<div style="display: none;"><input type="text" name="are_you_a_spammer" id="rejected" /></div>

Private Community For BP basically makes all BP related pages private and redirects the user to the page you want. Read the instructions in the readme.txt You will have to follow the same procedure listed for Spam Killer for getting, installing, and activating the plugin.

I have tried to make these instructions as clear as possible. Make sure to read the readme.txt in the plugins because the instructions are for fairly novice users. Let me know if you need more assistance.

@dice2dice
You can change the register page name and slug to sign-up.
You can also try using Private Community For BP:
You will also need to change line 27 in private-community-for-bp.php from /register to /sign-up to reflect the change of the register slug.
If your not using it you can get it here:
https://github.com/bphelp/private_community_for_bp
Another thing you can try is this small plugin “Spam Killer” which creates a hidden field humans can’t see, spam-bots will see it and fill it out and get a message indicating spammy behavior and it rejects their registration. Get it here:
https://github.com/bphelp/bp-spam-killer
Please read the readme.txt for complete instructions for usage for both plugins.

You can try this in bp-custom.php or your themes functions.php:

function bphelp_redirect_to_profile_on_login() {
global $bp;
if(!is_user_logged_in()) { 
wp_redirect( get_option('siteurl') . '/profile' );
}
}
add_filter('get_header','bphelp_redirect_to_profile_on_login',1);

Let me know if it works for you!
If you dont want to try this then use the plugin:
https://github.com/bphelp/private_community_for_bp
And change line 27 accordingly in private-community-for-bp.php to the page you want folks redirected too upon login before you activate the plugin.

When non-members are browsing through member profiles, the default behaviour is for them to be able to see each member’s avatar. The bp_displayed_user_avatar() function takes care of that.

If this isn’t happening then I suggest you check there isn’t a is_user_logged_in() check which is used to display content to only logged-in (registered members) users.

With reference to the non-member messaging, this would be far more complex to achieve and would require lots of custom code.

Not out-of-the-box. In order to send a private message the sender will need to be registered and logged in.

If you think you’ve found a security issue it really should be reported privately to a core dev.

I don’t think this is an issue, looking at upload avatar functions, but perhaps could use some hardening. Open a ticket.

When I requested membership, it asked me to add a comment, rather than just returning the button disabled with “request sent”. … I also tried bp-default but that made no difference either.

@becskr per link I posted above, that’s the default behavior when membership request is done at the group’s page. And commenting is optional. Could it be that you’re missing the “Send Request” button. Glad you found another solution but it could very well be a JS conflict with another plugin or script.

Well activity is already protected by akismet integration. Regarding the friend requests, one thing you can do now (and i have been forced to) to fight spam is only allow private messages to friends in that case the spammer gains the ability to send spam messages to these friends.

@ubernaut and others, re spam, I would appreciate hearing from the more experienced dev and web masters about the pros and cons of a private membership site.

By not allowing just anyone to become a member you automatically arrest spam. Of course, you also impede your growth because legitimate users can’t join.

One way to get around this is to use the great invite anyone plugin and have the original number of ‘seed’ members invite their friends and their friends invite their friends and so on.

Limited but organic growth in members and a total elimination of spam!

What do you guys think?