Search Results for 'spam'
-
AuthorSearch Results
-
November 24, 2009 at 12:10 am #57320
In reply to: What do your spam signups look like?
podictionaryParticipant@Andrea_r No joy. Tried the # BEGIN ANTISPAMBLOG… code and just got another bot registration “terrancecline1973” a moment ago.
November 22, 2009 at 9:49 pm #57225In reply to: confirmation e-mail landing in SPAM-folder ?
abcde666ParticipantThanks Sven, I will try to install this and have a look……
November 22, 2009 at 11:52 am #57201In reply to: confirmation e-mail landing in SPAM-folder ?
Sven LehnertParticipantI changed the mail address from noreplay to a real one.
That fixed the spam problem for me.
See this plugin:
November 21, 2009 at 9:19 pm #57182In reply to: confirmation e-mail landing in SPAM-folder ?
abcde666ParticipantThank you !
But what is the name of the file at which I can change and customize the text of the “confirmation e-mail ?
November 21, 2009 at 2:42 pm #57173In reply to: confirmation e-mail landing in SPAM-folder ?
Paul Wong-GibbsKeymasterCustomise the email message with specific text for your site so it is less likely to be identified as spam?
November 20, 2009 at 11:49 pm #57149In reply to: Upgrade/backup/large site size questions
photodesignParticipantThanks so much.
I’m using the object-cache.php file from Donncha as the only caching that I’ve installed. This seems to be the much of the space – If I drop these, will performace be slower, or will data be lost? Would you suggest the wp-super-cache instead?
I don’t have many blogs – one, basically, (the main BP blog, but it has 10,000 posts, but they’re not really posts, long story). It’s a complicated integration where I’m using BP for the community side of a larger site with 123,000 members migrated into WPMU/BP.
There isn’t much spam do deal with, thankfully.
Thanks again for the info.
November 20, 2009 at 9:22 pm #57139In reply to: Upgrade/backup/large site size questions
Andrea RennickParticipantYou shoudl back it all up, yes. But you don’t necessarily need to ftp it down to your computer. I normally make a copy of the folder right on the server.
If you are double-sure you have cache files, you can clean them out. What are you using the cache? Because wp-super-cache has a cleanout button back there on the admin screen.
It’s not unusually large, no, dpeending on how may users and/or visitors you have. Lots of users, lots of hits, means lots of cache files & loads of upload files if they like to post pics to their blogs like you’re Flickr. (Hi mom!)
Yes, you’ll want to backup the db as well. Optimize those tables, and if you’re really feeling frisky, clean out the spam.
Remember that with the BP upgrade, the theme changes location. The MU part should be smoother.
Pick a time when your site traffic is low, like the weekend.
November 20, 2009 at 7:20 am #57084In reply to: What do your spam signups look like?
levinParticipantThanks for your effort, i just put it into my site, hope it can stop the spam registration.
November 20, 2009 at 5:52 am #57083In reply to: What do your spam signups look like?
stwcParticipantCross-posting this here from another thread. It’s now about a week since I’ve had anymore of the firstnamesurname19xx signups.
Well, I don’t know — I seem to have lucked out, or it’s just that my site is too new and so-far untrafficked, but the few very simple, small changes I made last week seem to have stopped the firstnamelastname19xx signups.
1) I changed the some of the text on the /register page.
2) I removed the “powered by” text in footer.php of my child theme (someone mentioned that it was being searched for)
3) I changed the register slug in wp-config.php
4) Added a functions.php file in my custom childtheme with the following code to redirect signups for all blogs to the Buddypress register page
function rk_signup_redirect() {
if (strpos($_SERVER['REQUEST_URI'], 'wp-signup.php') !== false ) {
$url = 'http://mydomain.com/customregisterslug';
wp_redirect($url);
exit;
}
}
add_action('init', 'rk_signup_redirect');where mydomain.com is, you know, my domain, and customregisterslug is the slug I changed in step 3.
I don’t think I changed anything else — no captchas or anything — and I’ve received zero splog signups in the 5 days since, after getting a few a day before that. Fingers crossed.
November 20, 2009 at 5:29 am #57082In reply to: What do your spam signups look like?
levinParticipantthanks for your handy information, do you know is it work for sub-domain configuration too?
November 19, 2009 at 11:16 pm #57063In reply to: What do your spam signups look like?
Andrea RennickParticipantWe modded D’Arcy Norman’s solution above so it would work on BuddyPress. At least it did a while back. Someone wanna give this a whirl again?
# BEGIN ANTISPAMBLOG REGISTRATION
RewriteCond %{REQUEST_METHOD} POST
RewriteCond %{REQUEST_URI} .yourbpsignupslug*
RewriteCond %{HTTP_REFERER} !.*yourhomedomain.* [OR]
RewriteCond %{HTTP_USER_AGENT} ^$
RewriteRule (.*) http://die-spammers.com/ [R=301,L]
# END ANTISPAMBLOG REGISTRATION
November 19, 2009 at 4:51 pm #57028In reply to: What do your spam signups look like?
Michael BerraParticipantHmmm – I installed the Plugin from Dennis Morhard “Invitation Code Checker” (https://wordpress.org/extend/plugins/invitation-code-checker) and changed the text a bit, so that my users know, which the code is when they register. Since then (a couple days now) ZERO spam signups… I hope it stays like that and the plugin is not too upset, that I misuse it
November 19, 2009 at 8:12 am #56995In reply to: What do your spam signups look like?
Oliver WredeParticipantHello.
I do have spam user registrations even with registration option set to:
[*] Only logged in users can create new blogs.
I understand this option to say that new user registrations are DISABLED but registered users may create blogs. Unfortunatly the “Register”-Button appears in the welcome widget with that setting — even though clicking it will redirect back to the homepage.
To disable the above option also disables the blog creation — which I do NOT want.
For an unkown reason I do see spam registrations (a couple per week) but it seems those users are not able to login and create blogs (or comment). I also do NOT get the usual notification mails for new user registrations.
It seems like a bug to me.
November 19, 2009 at 7:43 am #56993In reply to: What do your spam signups look like?
AndreMartinParticipantI have the same problem but it’s not so much the issue of spammers coming to the site than non-working defense measures.
I have failed to find any reasoning behind the dropping of wp-signup.php and replacing it with /register (what’s the .php file for that btw?) in BuddyPress but that’s the reason for a lot of spam problems.
When you install a number of WP and WPMU anti-spam plugins, they add their own features to the signup page – which in WP and WPMU is wp-signup.php.
Now as it has been pointed out in about all spam-related posts, people even delete that file with no success to the spam issue. This confirms the problem that I believe could reduce the spamming significantly:
– WP and WPMU anti-spam plugins do *not* have any affect on the BuddyPress /register page.
Is it because some hooks are missing? I’m not sure as I’m not that deep into it but I think so.
My request to solve this problem and address the spam issue:
– either BuddyPress will return to use wp-signup.php, or
– makes sure that anything added by plugins to wp-signup.php is also added to whatever page is serving the /register URL.
No matter hashcash, captcha or security question (all nice and working (with wp-signup.php) plugins), they can’t add their stuff to the BuddyPress signup page.
Why I don’t use wp-signup.php manually (like redirect URL to there)? Because it’s a blank page (told to die somewhere in BuddyPress if I remember right).
November 18, 2009 at 12:28 am #56909In reply to: Member directory browsing issue.
David BissetParticipantI had a similar issue, and this is how i fixed it. Maybe it will help.
BTW, using WPMU 2.8.4a and BP 1.1.1.
bp-core-classes.php: around line 224:
$total_users_sql = apply_filters( ‘bp_core_users_by_letter_count_sql’, $wpdb->prepare( “SELECT DISTINCT count(u.ID) FROM ” . CUSTOM_USER_TABLE . ” u LEFT JOIN {$bp->profile->table_name_data} pd ON u.ID = pd.user_id LEFT JOIN {$bp->profile->table_name_fields} pf ON pd.field_id = pf.id WHERE u.spam = 0 AND u.deleted = 0 AND u.user_status = 0 AND pf.name = %s AND pd.value LIKE ‘$letter%%’ ORDER BY pd.value ASC”, BP_XPROFILE_FULLNAME_FIELD_NAME ), $letter );
$paged_users_sql = apply_filters( ‘bp_core_users_by_letter_sql’, $wpdb->prepare( “SELECT DISTINCT u.ID as user_id FROM ” . CUSTOM_USER_TABLE . ” u LEFT JOIN {$bp->profile->table_name_data} pd ON u.ID = pd.user_id LEFT JOIN {$bp->profile->table_name_fields} pf ON pd.field_id = pf.id WHERE u.spam = 0 AND u.deleted = 0 AND u.user_status = 0 AND pf.name = %s AND pd.value LIKE ‘$letter%%’ ORDER BY pd.value ASC{$pag_sql}”, BP_XPROFILE_FULLNAME_FIELD_NAME ), $letter, $pag_sql );
For me, it was the pf.name in the WHERE that was coming back with nothing. I understand the MYSQL, but not understanding the logic behind that. I changed it to what I was hoping to nail in the first place:
$total_users_sql = apply_filters( ‘bp_core_users_by_letter_count_sql’, $wpdb->prepare( “SELECT DISTINCT count(u.ID) FROM ” . CUSTOM_USER_TABLE . ” u LEFT JOIN {$bp->profile->table_name_data} pd ON u.ID = pd.user_id LEFT JOIN {$bp->profile->table_name_fields} pf ON pd.field_id = pf.id WHERE u.spam = 0 AND u.deleted = 0 AND u.user_status = 0 AND pf.name = ‘Last Name’ AND pd.value LIKE ‘$letter%%’ ORDER BY pd.value ASC”, BP_XPROFILE_FULLNAME_FIELD_NAME ), $letter );
$paged_users_sql = apply_filters( ‘bp_core_users_by_letter_sql’, $wpdb->prepare( “SELECT DISTINCT u.ID as user_id FROM ” . CUSTOM_USER_TABLE . ” u LEFT JOIN {$bp->profile->table_name_data} pd ON u.ID = pd.user_id LEFT JOIN {$bp->profile->table_name_fields} pf ON pd.field_id = pf.id WHERE u.spam = 0 AND u.deleted = 0 AND u.user_status = 0 AND pf.name = ‘Last Name’ AND pd.value LIKE ‘$letter%%’ ORDER BY pd.value ASC{$pag_sql}”, BP_XPROFILE_FULLNAME_FIELD_NAME ), $letter, $pag_sql );
Works fine for me. I’ve heard the latest edge version of BuddyPress fixes this somehow… but this worked at install for me so something must of changed. I have ALOT of custom profiles and the member import was a-typical so maybe in my case that had something to do with it.
November 16, 2009 at 2:06 pm #56779In reply to: Member details are becoming garbled strings
Jeff SayreParticipantSome member profiles on my site are starting to become garbled …
The way you state the issue, you make it seem as if members’ profiles that were once correct are being changed into a “garbled” set of strings. However, if what you mean is that new registrants profiles appear as garbled strings, then I would assume it is spam as well.
First thing to do is upgrade to the latest WPMU and make sure you are using some form of anti-spam protection–Akismet, captchas, etc. Also, spammers many not be the only unwanted entities targeting your site. If you are not using the latest version of WPMU, then you are greatly exposing your site to attacks from more malicious parties who target older versions of WP, exploiting any recently-announced security issues in older version.
Next, you will want to upgrade BuddyPress to the latest version. Once you’ve done that, you will need to update your theme to work with BuddyPress. you can either do that yourself or contact the designer of your theme to find out if the theme you are using works with BP 1.1.2.
More information about theme changes in BP 1.1.x:
https://codex.buddypress.org/how-to-guides/upgrading-a-buddypress-1-0-theme-for-buddypress-1-1/
November 16, 2009 at 1:41 pm #56775In reply to: Member details are becoming garbled strings
mlovelockParticipantYep, that’s spam. Seeing quite a few of these, with the ‘real’ name and realish email address.
November 15, 2009 at 9:38 pm #56738In reply to: Fighting Splogs
arezkiParticipantBeLogical… I am also unable to beat those suckers. But unless u have tons of registrations, you may want to follow what may be my final option, and that is to install a separate registration form, may be even a simple email form, and then select who I allow in and who I should delete. This means disabling WPMU/Bpress registration at this stage. This way at least, I can check my email in the evening and inform those allowed. Otherwise, I spent my entire week checking my blackberry only to notice a mountain of unwanted blogs. If you are looking for a simple free email form with the ability to include attachments (like avatar), I’ve tested this one and it is just a one minute install and works just fine. http://www.maianscriptworld.co.uk/free-php-scripts/maian-mail/free-contact-form/index.html – At least I may (not sure yet) get spammers in my inbox as opposed to allow them in.
November 15, 2009 at 10:59 am #56724In reply to: What do your spam signups look like?
Michael BerraParticipant@chouf: hmmmmm, ok. By now it’s getting worse… not because of your htaccess-thing, but it doesn’t really seem to do anything. Did I get that right: I just take the code above as it is and that should do the trick?
November 12, 2009 at 11:12 pm #56594In reply to: What do your spam signups look like?
stripedsquirrelParticipantThey keep on coming. Thsi should really get some attention from Andy & JJJ. Just check out the http://testbp.org website. The entire homepage is 9and has been for at least several days) filled with spam (from sidewide activity), so they apparently cannot stop it either.
It is not a good sign to have the public testsite full of splogs and spams methinks, but at least it is truthful as it shows what it is like: BP & MU attract spammers who cannot be stopped easily…
November 12, 2009 at 5:09 pm #56562In reply to: What do your spam signups look like?
danbpfrParticipant@michael -> de nada
Attempt will continue a few days after you did changes. The time spam robots refresh their attack strategy, heu, their cache…
I couldn’t say to you “be patient”, i know you are, but…wait a little ? This is not Nescafé, but computing…
November 12, 2009 at 11:51 am #56536In reply to: What do your spam signups look like?
Sven LehnertParticipantcount me in…
brentschroeder1963
Some month ago, I change my registration process, and become spam free.
Just sometimes, I had a spam registration, but thy never had a user role.
Also I never get a registration mail.
And they not able to create a blog, or even post.
But this morning I have a new user: brentschroeder1963
Also with registration mail, a new blog …..
brentschroeder1963
November 12, 2009 at 9:40 am #56531In reply to: Welcome Pack Fatal Error
rustybroomhandleParticipant“if he does get to a new version, that we have the option of suppressing the flurry of emails sent to the user when the Welcome Pack kicks in (or maybe there’s an easier way”
Hehe, when we first enabled the plugin on one of our sites, it created a mail queue so long, that due to our host’s spam-prevention mail limitations, it took three days to send out all the mails. Not a complaint though, Achievements is a fun plugin, and we have it on three of our installations.
Back on topic though. There was a forum post somewhere about how to write defaults into a plugin, but I can’t find it. Any ideas? I might just use Welcome Pack for self-educational purposes, but need it to do some more specific things.
November 12, 2009 at 8:51 am #56530In reply to: What do your spam signups look like?
Michael BerraParticipantThanks Chouf
I just implemented the code above (just like it is, is that correct???) a couple minutes ago… Since then I already have to spam-registrations and blog-creations…
So, I will try the wp-ban also…
November 12, 2009 at 8:24 am #56529In reply to: What do your spam signups look like?
danbpfrParticipantI have had the same issues as you all these summer.
Since approx. 2 mounth i have nomore fake user or fake blog. And no spam too !
I erased daily and manually all spammer reference in my DB. Mail adrress, blog content, names and so on… An endless job with no success at least. And i don’t use Askimet. I can’t explain why (or only in french), but i don’t.
I’ve installed wp-spamfree (who blocked 45 spam comments since i installed it in july), invisble-defender (who blocked 76 spammer in the same period) This is really less
I use also wp-ban, here i have given some ip ban’s instructions, banned some referrers like these:
and some wildcarded user agents like zhanglingjuan*
in my htaccess i have this, wich is very powerfull(i think it is this who reduced mostly my spammers)
Test it and see in your log file how many “libwww-perl” call you receive in a day and see what is in the url. You will stunning !
# Blocking access from libwww-perl, and blocking urls that include “=http:†to eliminate bot attacks
RewriteCond %{HTTP_USER_AGENT} libwww [NC]
RewriteRule ^(.*)$ - [F,L]
RewriteCond %{HTTP_USER_AGENT} www-mechanize [NC]
RewriteRule ^(.*)$ - [F,L]
RewriteCond %{REQUEST_URI} !(wp\-login\.php|\/wp\-admin\/) [NC]
RewriteCond %{QUERY_STRING} ^(.*)=http [NC]
RewriteRule ^(.*)$ - [F,L]
# END ANTISPAMBLOG REGISTRATION -
AuthorSearch Results