Hello,
Unfortunately after the latest bp update Version 12.0.0 I am inundated with spam sign ups!
Previously, it was possible to delete the registration page entirely, which I had tdone because of excessive spam registrations.
However now BuddyPress pages are no longer accessible in the network admin panel & BuddyPress Settings. I even tried addding an obscure page name slug in the urls section of buddypress settings, but I’m still inundated with spam sign-ups.
I use a plugin https://wordpress.org/plugins/user-registration/ to navigate around the weak registration page and I am still using it except that I have the main buddypress registration page causing sign up problems which I cannot fix.
Perhaps I’m overlooking something. If so, could you provide suggestions on how to secure the BuddyPress registration page or eliminate it completely which I would almost prefer to do as
I’ve never been able to customize it and secure it from massive unwanted registrations
Thank you for your time and patience
Mark M.
Previously, it was possible to eliminate the registration page entirely, which I had to do because of excessive spam sign-ups. However, after the latest update, I attempted to delete the page, only to find that BuddyPress pages are no longer accessible in the network admin panel. I even tried renaming the registration page to something obscure, but I’m still inundated with bot and spam sign-ups.
Is the BuddyPress team aware of what I perceive as a major setback in the latest update? Previously, I used a plugin (https://wordpress.org/plugins/user-registration/) to navigate around the weak registration page and I am still using it except that I have the main buddypress registration page causing problems which I cannot cancel. Perhaps I’m overlooking something. If so, could you provide suggestions on how to secure the BuddyPress registration page or eliminate it completely which I would prepare to do as
I’ve never been able to customize it
Mark M.
I have multiple non-Admin test accounts at my site that I use to test user experience. I’ve tried the passwords that should work to log in, to no avail. When I try to reset the password from multiple angles (using the password reset on the site, and from the initial signup email), I’m not receiving a password reset email. (not in spam folder either, and it’s been multiple hours since the first reset attempt)
In addition, when I try to log in from the site’s forum login button, it says “Method Not Allowed”.
I have Buddypress 12.0.0 and just installed the BP Classic plugin which didn’t solve either issue.
Pirates with Ben – About Pirates CSG
Thanks for any help!
Ben
Good evening
When I send out invitations to join my site via Buddypress Invitations
THe invitations are going straight to people’s SPAM/JUNK folders
This defeats the purpose of sending invitations
Does anybody know how I can fix it?
Kind regards
Richard
07943321470
Thank you for your message
tried Sendgrid – then none of the inviatations reached the email address
Mailgun and Elastic Email woudln’t set up properly
any other way to avoid spam folder?
You can use any SMTP plugin with third-party email providers like SendGrid, Mailgun, Elastic Email, etc. Having a dedicated IP can increase email deliverability and reduce the chances of landing in spam folders.
Good evening
wondering if somebody can help me?
I’ve sent out invitations to people’s emails to join the buddypress network on my website but the emails are going straight into people’s SPAM/JUNK folders
is there any feature in Buddypress to fix this?
KInd regards
Richard
Morning, sorry I couldn’t find the start a new topic button in the main forum.
I have a problem where If I send out invitations for people to join my buddypress site – the invitation email goes straight to people’s spam folders
Is there a way to fix that?
The Codex mentions here that there is a page in Settings > Email but I don’t see it.
So I have 2 questions : by default, does sending a notice as an admin to all users triggers a mail to be sent?
And if so where do I configure/disable it? With 40000 users I’d like to be able to notify users but not send a load of email spam.
(damn the spam on this forum seems constant, that’s frustrating)
I’m using BBpress.
In fact the website I’m working on used BBpress and i’m trying to integrate that and Buddypress (that I enabled mainly to add private message to the website).
bbpress has the advantage to contain templates that work directly when you enable both plugin.
I’m trying to pull all the information from both bbpress profile and buddypress profile to an existing custom theme profile page but that’s the challenging part.
Hi,
I’m looking to speed up a user’s recording speed.
I’d like the user to register faster by removing the account activation email.
Other methods exist to combat spam.
Can you please tell me how?
@awol I’m not sure whether david00116 is a spammer or not. One of their messages was clearly a spam.
I’ll test Blocksy again with BP 12.0 to see if I can reproduce the activity comment/reply issue.
Removing the activation URL/key combo from the activation email and requiring users to manually copy and paste the key could indeed help slow down spam registrations to some extent. This approach introduces an additional step that may be more challenging for automated bots to complete, as they would need to extract the key from the email and input it accurately into the form. While it might inconvenience legitimate users slightly, it could potentially deter some automated spam bots.
However, it’s important to note that determined spammers might still find ways to automate this process, such as using OCR (Optical Character Recognition) to extract the key from the email. Balancing security with user experience is crucial. Here are a few considerations:
User Experience: Requiring users to manually copy and paste the activation key can be frustrating, especially for users who are less technically inclined. It might lead to a higher abandonment rate during the registration process.
Accessibility: This method might pose difficulties for users with visual impairments or those using screen readers.
Alternate Solutions: There are other methods to combat spam, such as CAPTCHAs, email verification, and behavior analysis. You might consider combining multiple techniques for a more effective anti-spam solution.
Testing: Before implementing such a change, it’s recommended to conduct testing to see if it indeed reduces spam registrations without significantly impacting legitimate users.
As for your request to add “TWITCHAUDIENCESPOTLIGHT,” I’m not quite clear on where you would like to add this text. Could you please provide more context or specify where exactly you want to insert this text?
Hi, I just wanted to let people know that German users have a complete translation now on wp.org when they install or update BuddyPress.
(Until yesterday, while the basic frontend was covered, ~1000 translations were missing)
You may also review my work on this link and submit any fixes you might have:
Lookup buddypress on translate.wordpress.org, avigate to German and select my per-Project
translations there. I am not including links for now as my other topic was flagged as spam.
I am still working on some fixups, if you find anything to comment on, please do,
and submit your improvements if you can (just signup on the page)!
If you need the formal German, reply here, I am subscribing this topic.
BBPress is a WordPress plugin that allows you to add a forum or discussion board to your WordPress website. While it doesn’t come with a built-in private messaging feature, there are a few ways you can add this functionality to your forum:
Use a plugin: There are several plugins available that allow you to add private messaging to BBPress. One popular option is the “Private Messages For BBPress” plugin, which adds a private messaging system to your forum. You can also check out other plugins that are available in the WordPress repository.
Use a third-party service: Another option is to integrate a third-party service that offers private messaging. For example, you could use a service like BuddyPress, which offers a range of social networking features, including private messaging. You can integrate BuddyPress with BBPress to add private messaging to your forum.
Custom development: If you have the technical skills or can hire a developer, you could also develop a custom solution to add private messaging to your forum. This would involve creating a plugin or customizing the BBPress code to add the functionality you need.
Whichever method you choose, it’s important to consider the security and privacy implications of adding private messaging to your forum. Make sure to implement appropriate security measures to protect user data and prevent spam or abuse.
so much spam and no way to report it…
anyone able to help fix this error?
I’m trying to make registering on the site require a passphrase to complete the registration (a form of spam filtering / needing to be human).
when I go through the steps, to register, the field is there, and if entered correctly, it works, but if it’s blank, or just wrong, it just kicks me to a white screen error with:
“There has been a critical error on this website.
Learn more about troubleshooting WordPress.”
It would seem something is wrong with the error handling in my function. help?
function bp_add_passphrase_field() {
?>
<div class="register-section" id="profile-details-section">
<div class="editfield">
<label for="passphrase"><?php _e( 'What sport do the Steelers play?', 'buddypress' ); ?> <?php _e( '(required)', 'buddypress' ); ?></label>
<input type="password" name="passphrase" id="passphrase" value="" />
</div>
</div>
<?php
}
add_action( 'bp_before_registration_submit_buttons', 'bp_add_passphrase_field' );
// Validate the custom passphrase field on form submission
function bp_validate_passphrase_field( $result ) {
// Set the desired passphrase
$correct_passphrase = 'football';
if ( $_POST['passphrase'] != $correct_passphrase ) {
$result['errors']->add( 'passphrase_error', __( 'The passphrase you entered is incorrect.', 'buddypress' ) );
}
return $result;
}
add_filter( 'bp_signup_validate', 'bp_validate_passphrase_field' );
?>
Not sure if your issue was the same as mine but we got 600K spam registrations because they were finding this url… /wp-login.php?action=register which was different than our Buddy Press Registration form: /register .
Even though we had Recaptcha, etc the query page was not protected. We ended up creating a redirect to the /register page.
I am using the following:
WP Version: 6.1.1
Permalink: /%postname%/
Active Theme: BuddyX 4.4.5
Platform: Windows
Browser Name Chrome
PHP Version: 8.0.7
MySQL Version: 5.5.5
The plugins I have are these:
Activity Plus Reloaded for BuddyPress 1.0.8
Akismet Anti-Spam 5.0.2
BP Friends Suggestions Widget 1.1.0
BP Profile Search 5.4.7
BuddyPress 11.0.0
BuddyPress Activity ShortCode 1.1.8
BuddyPress Extended Friendship Request 1.2.1
BuddyPress Global Search 1.2.1
BuddyPress Login Redirect to Profile 1.2.3
BuddyPress Profile Completion 1.0.8
BuddyPress Simple Terms And Conditions 1.3
BuddyPress Xprofile Custom Field Types 1.2.5
Classic Editor 1.6.2
Classic Widgets 0.3
Colorlib Login Customizer 1.3.1
CookieYes | GDPR Cookie Consent 3.0.8
Custom Font Uploader 2.0.0
Duplicator 1.5.1
Easy Registration Forms 2.1.1
Force Login 5.6.3
GEO my WP 3.7.2.1
Kirki Customizer Framework 4.0.24
Quick and Easy FAQs 1.3.6
Shared Counts 1.4.1
Verified Member for BuddyPress 1.2.6
Wbcom Designs – BuddyPress Member Reviews 2.8.3
WordPress Username Availability Checker 1.1.8
I have configured a new Register page using ERForms. I’ve created just a wordpress page which has only a shortcode to the ERform.
I’ve set it at buddypress settings-> Pages -> register. Buddypress is redirecting to the wordpress regitration page instead of my page.
I’ve also changed the redirection at buddypress setting to whatever page (for example my FAQ page) and always redirects to the wordpress registration page.
I’ve tried also deactivating all plugin but buddypress and ERforms and no, buddypress is always redriecting to the standard wordpress registration page instead of what I am setting.
Any hint / idea what to cope this problem?
Thnks in advance
Anonymous User 18187419Inactive
Hi, site is 3 years old, 13,000 members, approx. 1100 active daily, but not a single instance of multiple-user spam-messaging, forum spamming, blog comment spamming, etc.
The site is a (very mild) NSFW dating site, niche interest, so is a prime target for bots, but so far no big issues.
If you want to compare ideas/methods then please provide some form of contact, happy to provide info in private.
TBH this was just an idea I had while looking at the scope of possible ways to stop spammers/bots. I’ve implemented a few things already like reCaptcha, Ban Hammer, redirects, honeypot. You’re probably right that many of the bots are stopped at the Activation step IF they are using a disposable email. I assume smart ppl would have developed a way to activate spam accounts if needed. Then again maybe they just go for the low hanging fruit.
I am curious though how you’re so sure bots aren’t registering? I have about 1,200 registered users and the vast majority are Gmail address. Alot of them look suspicious, like Username: dien01234567 Email: dien0134567@gmail. I have a very eclectic audience, so I have to be careful which email services I block. But even so I can’t believe all these Gmail users are real…
Would removing the activation url/key combo from the activation email (forcing user to copy/paste the key) slow down spam registrations?
It seems like it is very easy for bots to activate the account because the key is automatically inserted into the form and activation proceeds. My thought is that forcing the user to copy and paste the activation key would thwart some bots. Obviously this user experience is less ideal but if it stops bots I’m willing to do it.
Any thoughts or experience with this?
hi @imath – I wanted to offer to moderate the support forums given there seems to be spam almost every day.
I moderate a separate community so it would be no burden to me to help keep BP Support Forums spam free.
Is there any way for me to talk privately with one of the mods on here?
Pinging some of the folks who have been recently active: @imath @shanebp
Thanks
