Skip to:

Search Results for 'spam'

Viewing 25 results - 1 through 25 (of 3,131 total)
  • Author
    Search Results
  • #261509
    Profile photo of Venutius

    I’m a bit uncertain about allowing users to change their Usernames, it means they lose connections with the past in so much as the activity table is static so the name does not change on past activity items and this throws some errors, also I think it may make the admin anti spam task harder, users posting stuff then changing their login name.

    Profile photo of satus


    When a new user registers using the standard Buddypress user form, they receive the activation email and that all works great! However, they are automatically logged in to the site when they click complete on the register form and can continue to use the site as a standard user. If they are to log out, they cannot get back in. But we recently had someone spam our site with logins and comments and votes using this exploit.

    Any ideas on where to look to solve this? Essentially, i don’t want the register form to automatically log the user in..

    Any help you be much appreciated. Thank you.

    Profile photo of dunnjust

    I’ve installed Buddypress, Buddyblog and the latest version of BP Simple Front End Post:

    1. When a user begins to create a post, they do not have an option to upload a featured image. How do I fix this? A featured image should be required – See Screenshot:
    2. The style of the page is too long. How do we make the Category and Tags split the page 1/2 & 1/2 with contained list? This will shorten the page greatly – See screenshot:
    3. One of our users tried to register and got the confirmation email in their spam folder. So can we edit the email copy to: “BTW: Be sure to add B.O.W. to your contacts in order not to get these emails to your spam folder or in any other dark corner of your inbox.”
    How do I do this for the BuddyPress email confirmation?
    4. How do I hide/remove ONLY the top left parts of the Admin from users? User should not be able to see the dashboard. Only the Admin. Screenshot:

    Thanks in Advance.

    Profile photo of ethernity4ever

    I suggest an anti spam plugin, the one im using is cleantalk


    Hi @tranny,

    Trust me, I completely hear you. You’re right. Ideally anti-spam controls like that should be built-in.

    Those are great suggestions. We’ll take a hard look at possibly including those features in future versions of WP-SpamShield as well. One thing you’ll find by using a plugin like WP-SpamShield is that it will block 100% of bots, and it will prevent most human spammers from even registering (which keeps them from even getting to a place where they can spam other users), and it will make it difficult for them to post their spammy messages.

    Let us know if we can help in any way.

    – Scott

    Profile photo of Tranny

    Hey Scott @redsand

    Thank you for your message. I’m gonna take a look at the plugin you have suggested. I’m still hoping that BP developers will implement basic features that would help in countering spam. Some such features would be:

    1 – Ability to turn off email notifications for all existing users, and choose a default setting for new users
    2 – Ability to set a limit on how many members can be tagged per post
    3 – Ability to set a limit on how many friendship connections can a member make per day, and the ability to set after how many pending friendship requests the member can’t make any more requests
    4 – Ability to set a period in days after registration, during which a newly registered member will not be able to tag anyone or make friendship connections
    5 – Ability to force moderation on BP related posts similar to WP core, whereby a post would be held in moderation unless a user has an approved post

    Features like that would most certainly be welcome by owners of larger sites, and probably by owners of smaller sites too. They can be frequently encountered in other scripts.

    I do realize that fighting spam is a neverending battle, but features I’ve been talking about would make a significant impact on a webmaster’s ability to reduce it, especially since right now BP doesn’t have anything to mitigate it in any way.

    Profile photo of Tranny

    I have an ongoing problem with spammers, and whereas there is no adequate mechanism to control spam with BP, I proceeded to disable sending of email notifications. At least that’s what I figured the feature is about.

    Under “Emails >> All Emails”, I chose to Edit those that are abused by spammers, and deselected whatever was checked off under “Selection”, thinking that if no situation is selected for when the email should be triggered, then none will be triggered.

    Unfortunately, those I have deselected now disable the following error message on the All Emails page:

    Warning: Invalid argument supplied for foreach() in ../../wp-includes/functions.php on line 3508

    Warning: implode(): Invalid arguments passed in ../../wp-content/plugins/buddypress/bp-core/classes/class-bp-admin.php on line 1015

    I am up to date on WP and all plugins, and use Twenty Sixteen child theme slightly customized.

    Hope somebody can help me resolve the error issue.


    Hey @danbp

    I just thought I’d jump in here real quick, as I think this will be beneficial to everyone in the thread including @tranny.

    And even if you would be a genius coder creator of an extra super original spam shield, you could be sure to became target #1 of all spammers, because in this case, you would represent the absolute challenger of all code breakers !

    We are that “genius coder creator of an extra super original spam shield” that you speak of. 🙂

    There is no miraculous plugin or trick to stop them.

    Ahh, but there is.

    It’s real, and it’s even called WP-SpamShield. LOL…you can’t make this stuff up. 🙂

    Check it out on WPorg. It’s been out for about two and a half years, and is forked from another plugin we developed almost a decade ago. It works perfectly and automatically on BuddyPress, bbPress, and pretty much everything else. You can also feel free to check out the plugin documentation here.

    …And for the record, we definitely are a huge target of spammers. 🙂

    dealing with spammers is a long run work, to not say a never ending work.

    True story!

    – Scott

    Profile photo of casttime

    Hello Venutius,
    thank you for the fast reply. Now I use “Mass Messaging in BuddyPress” and it worked fine.
    Unfortunately, most Users have the problem that the emails end up in their spam folder.

    Profile photo of danbp


    dealing with spammers is a long run work, to not say a never ending work. There is no miraculous plugin or trick to stop them.
    And even if you would be a genius coder creator of an extra super original spam shield, you could be sure to became target #1 of all spammers, because in this case, you would represent the absolute challenger of all code breakers !

    Back to real life.

    Most of updates spam comes directly into the DB. Bots are clever and don’t need to login to do that.
    Some spammers are real people, and once they are logged, they do their stuff manually. These people can be isolated, but to do this, you have to find them in the user list. Which is absolutely not easy and time comsumting. And of course, this is not prevention but intervention, after you where spammed.

    You could also track IP‘s, but again, this can be helpfull only AFTER you where spammed. But getting ip’s on admin user list is a great way to gain time. Once you have the IP, you can consult many anti spam sites who store any bot and user known to be attackers. And eventually ban them with this plugin.

    For now, first thing to do is to clean your user list. Whatever suspect username, like a589xdf or special to BP, Bill UNERHOOD, can be eliminated. The first example use alpha-numeric digits, the second a very well formed first and last name. It’s extremely rare that normal users enter such credentials. In addition to this, you can check their email. Why would you, for example, have members with a polish email ( if you’re in New Zeeland and your site relates about pets ? In this case, you can raisonably doubt about an interest between medicaments and pets ! You can fire such user.

    All this may be good and well, but you have also to hardening WP. This means using another table prefix as wp_ at very first. And second, to not use “admin” as user name. Never !
    Read also @venutius tutorial

    You have to clean out the existing spammers, unfortunately manually. And to avoid upcoming spam.

    To calm down the bots – in case you receive dozen of spam daily, close all comments and deactivate notices and messages component in bp settings for 2 or 3 weeks.

    Also, in case you’re on a dedicated server, you really need to enforce his security. But this is out of the scope of this forum.

    Profile photo of Tranny

    @kalico I have a serious problem with spammers, and BP doesn’t have any useful features to deal with spam. I have spammers manually posting activity updates in which they tag hundreds of random users in order to force them to receive email notification containing spam. Same with friend connections, which spammers use in order to force my site members to receive emails with their spam message (they change their display name into a message containing the URL to their site).

    Profile photo of Tranny


    I would like to request the ability to set restrictions on users’ actions in order to prevent spam. For example, the restriction on how many friend connections can a user request per day, or how many members can a user tag in a post, etc.

    Such features have been a standard part of many social networking scripts for years. I’m sure it would be appreciated by webmasters.

    Profile photo of danbp

    Spam is a serious subject, not a taboo. WordPress codex talks about. Why shouldn’t BP do the same, specially because it can drain spam which need special attention ?

    If you read Hardening WordPress, you will find a lot of references to third party plugin. I don’t believe there is an issue, if you mention wordpress plugins available on the plugin repo. Even premium plugins can be mentionned i think, as long as you specify they are premium.

    Profile photo of Venutius

    Ok I’ve written something up, hope you like it

    Hardening BuddyPress Against Spammers

    Profile photo of Venutius

    I could try writing a simple guide tonight if you like, might take me some time though depending on what else comes up.

    One thing I can say is that before I put in these measures I was getting at least 50 spam registrations a day, I now get 1 a week and this is a human who is trying to register with the site purely to spam, to find these out you have to ask then where they live, they always lie but the IP address does not, so that’s one way of vetting spammers before you allow them onto your site.

    Of course with these measures there is always the chance that you are turning down genuine member requests…. It’s a balance.

    Profile photo of Venutius

    This page has my own suggestions to try to avoid spammers, this combo dramatically cut down on the number of spam registrations and those that get through I hold them in a queue with BP Registration options a ban then based on discrepencies in their registration information.

    Profile photo of danbp

    Once registered you have no other choice as to remove them manually.
    To retain spammers, there many plugins and methods. Afaik none is the perfect solution and in many situation, you’ll need to use a mixed protection.

    There many topics on the forum about spam… Search them and make your opinion.
    That said, you might follow some basics to harden WordPress, which is a good debut (table renaming, ban “admin” as username, etc). After that, a bunch of anti-spam plugins will calm down their activity on the site. (ban-hammer, buddypress honeypot, etc) Also keep in mind that you won’t probably never avoid spammers. But there is a big difference between 2 spam/day and 1000/per day. 😉

    Profile photo of protocolil

    I got spam register on my website… I delete all of them manually.
    Part of them even activate the email and after posting on forums and updating the status with spam.

    How to remove them to not register?
    maybe re-captcha of google or something like.

    Thank you.

    Profile photo of Scaffies

    Hello all,

    after the update to v2.7.0 (from the latest before) member of the type “Subscriber” / “Participant” can no longer upload new profile pictures, or pictures, video, or audio to their personal galleries. The upload process starts, then ends with “HTTP error.” – no other data.

    It still works fine for administrators – so I assume, maybe some access rights may have changed?

    Thanks for looking into it!
    For the Scaffies admin team,

    Here the technical configuration / versions:
    Dedicated (powerful) managed server on Linux
    WordPress Version 4.6.1
    WordPress DB Version 37965
    Multisite No
    Active Theme DynamiX 5.3

    Active Plugins:
    Akismet 3.2
    Arrowchat WordPress Integration 1.0.2
    bbPress 2.5.10
    bbPress Topic Thumbnails 1.2
    BP Custom Background for User Profile 1.0.5
    BP Profile Message UX Free 1.5
    BP Recent Profile Visitors 1.1.3
    BP Registration Options 4.2.12
    BuddyPress 2.7.0
    BuddyPress Activity Plus 1.6.4
    Buddypress Friend of a Friend (FOAF) 2.6
    BuddyPress Friends On-line (FOL)
    BuddyPress Members only 1.3
    Buddypress Messages Spam Blocker 2.5
    BuddyPress MyMood 1.7
    BuddyPress Polling Plugin 1.0
    BuddyPress Registration Groups 1.1.2
    BuddyPress Sitewide Activity Widget 1.3.2
    BuddyPress Social Icons 1.0.2
    CDN Enabler 1.0.3
    CM Answers Pro 2.1.6
    Contact Form by BestWebSoft 4.0.3
    Contact Form Multi by BestWebSoft 1.1.9
    Dev4Press Updater 3.3.2
    Easy Polling Plugin 2.5
    EU Cookie Law 2.9.3
    Events Manager
    GD bbPress Toolbox 4.4.2
    Google Analytics Dashboard for WP
    Huzzaz Video Gallery 7.3
    Jetpack by 4.3.2
    Login Widget With Shortcode 5.5.3
    MediaPress 1.0.6
    Pixel Jar BuddyPress Honeypot 1.1
    Rating-Widget: Star Review System [Premium]
    Simple History 2.12
    Slider Revolution 5.2.5
    Soundcloud is Gold 2.3.2
    UpdraftPlus – Backup/Restore
    User Role Editor 4.28
    Wordfence Security 6.2.2
    WP-Ban 1.68
    WP-DBManager 2.78
    WP-Mail-SMTP 0.9.5
    wp-Monalisa 3.7
    WPBakery Visual Composer 4.4.2

    Profile photo of Slava Abakumov
    Slava Abakumov

    Better to prevent spam users to register at all. There are a lot of plugins, that help with it.
    I use WP-SpamShield successfully on a BuddyPress site.

    Profile photo of tse11

    Yeah, the use case for me is because I have a default group that everyone joins automatically. What has happened is when a spammer joins, they’ve been posting in this default group right away. Yet I need people to join this group!

    Profile photo of mdarcangelo66

    Hi, I need to know if there is a code or anything to advise the user after that he submit the registration ( so past the complete registration step ) that an email with a confirmation link has been sent in order to activate the account ect. because at this stage once the registration has complete it is usually redirect to the main page without further notice, as a confirmation email can go into the spam ect. so a text to remind of what to do or to check would be beneficial and so common really…


    Wordpress 4.5.4 | Buddypress 2.6.2

    Profile photo of Henry Wright
    Henry Wright

    Hi @julia_b

    I chose not to add an @ all command because it would be easy for a user to spam people.

    @ friends is supported though. Hope that helps!


    In reply to: Activate Page

    Profile photo of Venutius

    What is the error you are getting?

    The user should get an email with and activation link

    By the way, this activation email sometimes ends up in the Spam bin on the users email, one fix to this is to set the outgoing email address used for this email using a plugin such as

    Profile photo of danbp


    See first here and check this very old snippet (3 years). Untested.

Viewing 25 results - 1 through 25 (of 3,131 total)
Skip to toolbar