Spam is a serious subject, not a taboo. WordPress codex talks about. Why shouldn’t BP do the same, specially because it can drain spam which need special attention ?
If you read Hardening WordPress, you will find a lot of references to third party plugin. I don’t believe there is an issue, if you mention wordpress plugins available on the plugin repo. Even premium plugins can be mentionned i think, as long as you specify they are premium.
I could try writing a simple guide tonight if you like, might take me some time though depending on what else comes up.
One thing I can say is that before I put in these measures I was getting at least 50 spam registrations a day, I now get 1 a week and this is a human who is trying to register with the site purely to spam, to find these out you have to ask then where they live, they always lie but the IP address does not, so that’s one way of vetting spammers before you allow them onto your site.
Of course with these measures there is always the chance that you are turning down genuine member requests…. It’s a balance.
This page has my own suggestions to try to avoid spammers, this combo dramatically cut down on the number of spam registrations and those that get through I hold them in a queue with BP Registration options a ban then based on discrepencies in their registration information.
http://buddyuser.com/setting-up-wordpress-ready-for-buddypress
Once registered you have no other choice as to remove them manually.
To retain spammers, there many plugins and methods. Afaik none is the perfect solution and in many situation, you’ll need to use a mixed protection.
There many topics on the forum about spam… Search them and make your opinion.
That said, you might follow some basics to harden WordPress, which is a good debut (table renaming, ban “admin” as username, etc). After that, a bunch of anti-spam plugins will calm down their activity on the site. (ban-hammer, buddypress honeypot, etc) Also keep in mind that you won’t probably never avoid spammers. But there is a big difference between 2 spam/day and 1000/per day. ๐
Hi,
I got spam register on my website… I delete all of them manually.
Part of them even activate the email and after posting on forums and updating the status with spam.
How to remove them to not register?
maybe re-captcha of google or something like.
Thank you.
Hello all,
after the update to v2.7.0 (from the latest before) member of the type “Subscriber” / “Participant” can no longer upload new profile pictures, or pictures, video, or audio to their personal galleries. The upload process starts, then ends with “HTTP error.” – no other data.
It still works fine for administrators – so I assume, maybe some access rights may have changed?
Thanks for looking into it!
For the Scaffies admin team,
Brandon
Here the technical configuration / versions:
Dedicated (powerful) managed server on Linux
WordPress Version 4.6.1
WordPress DB Version 37965
Multisite No
Active Theme DynamiX 5.3
Active Plugins:
Akismet 3.2
Arrowchat WordPress Integration 1.0.2
bbPress 2.5.10
bbPress Topic Thumbnails 1.2
BP Custom Background for User Profile 1.0.5
BP Profile Message UX Free 1.5
BP Recent Profile Visitors 1.1.3
BP Registration Options 4.2.12
BuddyPress 2.7.0
BuddyPress Activity Plus 1.6.4
Buddypress Friend of a Friend (FOAF) 2.6
BuddyPress Friends On-line (FOL) 0.4.3.1
BuddyPress Members only 1.3
Buddypress Messages Spam Blocker 2.5
BuddyPress MyMood 1.7
BuddyPress Polling Plugin 1.0
BuddyPress Registration Groups 1.1.2
BuddyPress Sitewide Activity Widget 1.3.2
BuddyPress Social Icons 1.0.2
CDN Enabler 1.0.3
CM Answers Pro 2.1.6
Contact Form by BestWebSoft 4.0.3
Contact Form Multi by BestWebSoft 1.1.9
Dev4Press Updater 3.3.2
Easy Polling Plugin 2.5
EU Cookie Law 2.9.3
Events Manager 5.6.6.1
GD bbPress Toolbox 4.4.2
Google Analytics Dashboard for WP 4.9.3.2
Huzzaz Video Gallery 7.3
Jetpack by WordPress.com 4.3.2
Login Widget With Shortcode 5.5.3
MediaPress 1.0.6
Pixel Jar BuddyPress Honeypot 1.1
Rating-Widget: Star Review System [Premium] 2.8.0.1
Simple History 2.12
Slider Revolution 5.2.5
Soundcloud is Gold 2.3.2
UpdraftPlus – Backup/Restore 2.12.23.22
User Role Editor 4.28
Wordfence Security 6.2.2
WP-Ban 1.68
WP-DBManager 2.78
WP-Mail-SMTP 0.9.5
wp-Monalisa 3.7
WPBakery Visual Composer 4.4.2
Better to prevent spam users to register at all. There are a lot of plugins, that help with it.
I use WP-SpamShield successfully on a BuddyPress site.
Yeah, the use case for me is because I have a default group that everyone joins automatically. What has happened is when a spammer joins, they’ve been posting in this default group right away. Yet I need people to join this group!
Hi, I need to know if there is a code or anything to advise the user after that he submit the registration ( so past the complete registration step ) that an email with a confirmation link has been sent in order to activate the account ect. because at this stage once the registration has complete it is usually redirect to the main page without further notice, as a confirmation email can go into the spam ect. so a text to remind of what to do or to check would be beneficial and so common really…
Thanks
Wordpress 4.5.4 | Buddypress 2.6.2
Hi @julia_b
I chose not to add an @ all command because it would be easy for a user to spam people.
@ friends is supported though. Hope that helps!
What is the error you are getting?
The user should get an email with and activation link
By the way, this activation email sometimes ends up in the Spam bin on the users email, one fix to this is to set the outgoing email address used for this email using a plugin such as https://wordpress.org/plugins/cb-change-mail-sender/
Hi,
See first here and check this very old snippet (3 years). Untested.
Hi,
I want to create a small spam button and allow the normal users to report spam activities that I want to appear in the backend activity page where admin can monitor reported spam posts/activities. Can you please tell me which hook should I use to allow normal users to report posts/activities as spam?
Isn’t possible at the moment.
My site is getting heavily brigaded by spammers
Sorry for you, but adding moderation to status wouldn’t avoid spammers signicantly.
Have you installed WP by following some basic security recommandation ?
Do you use some anti spam plugins ?
How many members do you have and to what do you estimate the amount of spammers in regard of them ?
Have you inactive users in the list ?
Are you on a MS or single install ?
Maybe you could also blacklist some words from updates publication.
Similar to WP’s ability to hold new comments in moderation unless a user has at least one comment approved – how could I achieve that with BP features? My site is getting heavily brigaded by spammers and I have no mechanism to slow it down.
Hi @dnicu26
I can’t immediately see why that should be stopping the emails. Can you remove the snippet and test again, see if the emails resume sending?
Are you talking about the plain text email that you get from WordPress that says something like a “new user registered on your site”? I assume this has always worked in the past — how many such emails have you received? 10s? 100s?
Can you also please check your spam folders in your email?
Finally, are you using Multisite or regular WordPress?
Thanks Mohamed but your function removes the exclusion of spam users.
I have 6822 users in my db – none of them are spammers (user_status != 0)
The MEMBERS tab still shows only 5724 members.
Does it mean that 1118 members have NOT yet connected and logged-in to the site ? (they are not in pending list in ADMIN)
Is there a way to get the MEMBERS tab to count the same number of members as the ACTIVITY page ?
Moderators can mark replies on bbPress as spam, but is it possible for moderators to access http://www.site.com/members/username/settings/capabilities/ so they can mark them as spammers to ban them? So far only admins can do this.
This won’t help your spam issue, that’s another matter, but it will remove the user registration updates on your activity stream (among other activity types, depending on how you configure the plugin)
https://github.com/lenasterg/buddypress-block-activity-stream-types-ls
I have read through a great portion of the topics but I haven’t come across anything useful.
On my website we use bbpress but I haven’t been able to maximize the use of site wide activity because spammers are landing on the site and spamming new and existing members. I have managed to trace it to a feature in the activity stream that displays when a member registers for the page and also when they update their profile settings (picture, bio, etc). I would like to find a way of removing member profile activity and registration from the Site wide activity stream but I can’t find anywhere in the bbpress setting that will do this? I would like to prevent this from ever appearing in the stream. My only option at this point is to manually go and change the display settings for each post. This just isn’t possible for me to stay ahead of this?
Can anyone offer any suggestions on how to remidy this problem? I should also mention I am not a programmer but I do have access to one so any advice would be extremely helpful
– checked- theres only one Activity page
– resaved permalink structure
– i dont use custom code, but activity+ plugin
– i use quiet a bunch of additional plugins:
–BoweCodes
–Buddypress
–DisableFeeds
–DownloadManager
–DynamicWidgets
–EventsManager
–GoogleAnalyticsDashboard
–GoogleFonts for WP
–HungryFEED
–LayerSliderWP
–Mediapress
–Members
–Metaslider+Pro
–myCred
–myCredHookBP
–PageBuilder Siteorigin
–PaypalDonations
–Peters Login Redirect
–PHP Text Widget
–SimplePress
–Siteorigins Masonry
–SpamProtect by Cleantalk
–TablePress
–Wordpress VideoGalery
–WP FullCalendar
–WP Lastlogin
–WP TwitterFeeds
–WP ULike
–WP touchmobile
Hi,
buddypress.org use BuddyPress and bbPress plugin for the forum part (with some BP Ninja’s customization).
But note that BP activity comments are not forum topics – even if both may “look” like a discussion tread.
To get a similar behave, install bbPress as sitewide forum.
or to get a more indeep integration with your community members, use BP (member) groups and install a forum in some groups. By doing it this way, you can have thematic discussion groups, where not only the discussion is thematic, but where also the participant are sorted.
In other words, an “ordinary” forum can be categorized. With BuddyPress, a forum can be categorized, but members can be grouped, related to the group they belong to (is the group has a forum of course).
Note also that many BP user’s don’t use a group forum because group members can discuss via the group activity. This is very common, but only if you don’t care about forum fonctionnalities like sub-forums, moderation, spam/ham or rich edit for example.
I am currently using the GameDay theme and after installing buddypress I now have two pending lists when I go to my users. this is causing issues with my registration process. I tried switching themese and still have pending link show up twice.
I have attached a screenshot here.
I also have deactived all other plugins except buddy press.
Can anyone help point me in the right direction as to what would be the cause here ?
It is not going to their spam eitherโฆ. Just not emails going out. I notice the weird two Pending list when i go to the users page which I do believe is the reason.
Now I am just unsure why it would be showing two.. If I deactive the bbpress plugin things go back to one pending list and all workโs ok.
Once I reactive Buddypress. Things stop working
Many thanks in advance
It is not going to their spam either…. Just not emails going out. I notice the weird two Pending list when i go to the users page which I do believe is the reason.
Now I am just unsure why it would be showing two.. If I deactive the bbpress plugin things go back to one pending list and all work’s ok.
Once I reactive Buddypress. Things stop working as JT first described