BuddyPress.org

Thank you for your reply,
When I hover over the one user that is not an admin I get to see ‘spam’, so it looks like WordPress does not see it as a spammer. the other user is an admin, so why on earth would Buddypress mark that as a spammer?
I registered a new user and it is marked as spammer right away by BP, WP does not because I can click the ‘spam’ button from the users list.

I installed BP on my other local test site and there it works fine….
I guess you guys need more info so please let me know as Im really in need of solving this.

Thanks!

Hi

The index.php file is clean, …

I used the plugin “Change DB Prefix” which enables a db prefix table change & in wp-config.php with a click. Good since the db has 175 tables 🙁 … ;), thi sbeing a community site with a number of functions.

I added BuddyPress-Honeypot, … but does it not matter it seems to have had no changes since 2012?

I temporarily disabled Wanguard to see if the 2 steps above + existing antispam plugins can handle this. Will then see about the .htaccess issue tomorrow etc.

Many thanks & kind regards

Hi

Thank you for all the responses.

Well, the issue of spam registrations & comments with the above mentioned plugins in addition to SI CAPTCHA Anti-Spam, Wordfence Security (?), etc had worked for months & was manageable, occasionally getting something in sometimes after weeks. I also blocked all IPs of spammers who would tried to login, etc.

A few days ago, though I started getting a barrage of bot-registrations + groups with bogus content created. New registrations would come in as soon as I deleted some.

Since it was late in the night in the middle of a very busy period, I thought someone probably getting similar issues could mention some quick solution I could find the following day.

It was not my first time in the forum. Some of the above solutions were found through searching the forum, which i agree should be the first step.

So far – in addition to the above plugins I first added JP User Registration Blacklist, WP-SpamShield and also reluctantly disabled user group creation. (Is there a plugin that enables moderation of user created groups, allowing the moderator to approve user created groups?)

That stopped the group creation, but spam registrations continued coming. So like recommended above, installed Wanguard, though this being a small site which currently gets in very little income, it is not yet worth paying for it. I hope the free wanguard account can work for a while.
That since yesterday only let in one or 2 registrations by some criminals, this being one of them – details shown by some plugin:

Benutzername: clairmcconnan

E-Mail: synfhongegizi@mail.ru

Angezeigter Name: Claire McConnan

Vorname: Claire

Nachname: McConnan
….
IP Address : 107.181.70.207
Reverse DNS : 107.181.70.207
Reverse DNS IP : 107.181.70.207
Reverse DNS Authenticity : [Possibly Forged]
Proxy Info : No Proxy
Proxy Data : 107.181.70.207
Proxy Status : FALSE
HTTP_ACCEPT_LANGUAGE : en

Names & emails suggest they mostly originate from Russia.

danbp suggested using .htaccess to block Ru-based submissions. I will look into BUT – on an unrelated Drupal-based site, I ever had a much more serious attack, with as many 25,000 attempted login/post attempts a day(!), which were blocked by the Drupal mollom plugin BUT that constantly filled some DB table, probably logging visits/attempts, to several 100MBs a day, causing me problems with the webhost. Source of attacks was Russia, ukraine, China & Poland.

The only solution that worked was adding literally several 10,000 lines of complete IP(blocks(?)s from those countries I got from some site to the .htaccess that blocked them out. Only that helped.

Later on, though – months on, the web host removed that .htaccess file, because my site account was supposedly overusing server resources. I am not sure that had anything to do with the IP address lines in the .htaccess file, but the good thing is that a similar attack has not happened again.

An .htaccess solution that only involves naming a country ( … ^(.*).ru/(.*) …) & not its thousands of IPs would of course be great & preferable, but I will do a search & see. My site does not need a single Russian & so can do without the country.

Ultimately, for the time being – what I would need is a functioning free solution until the currently small site can pay for itself, later on. This particular site had not had anything similar in over a year, assuming Wanguard cannot be used …

Anyway, thank you all.

I’m sorry I can’t do that.

I’m my register.php page there are two <div . <div id="my-custom-registration"> and <div class="register-section" id="basic-details-section"> :

Mod Edit// tinypic link removed as too spammy and using re-directs to other sites.

I’m trying to do that in CSS with “#my-custom-registration” and “#register-section”, but no luck.

Sorry for my ignorance

Ok I found it… After changing 2 default settings for spam from ham_only to false it works and shows everything now.

But I can’t figure out why they are marked as spammers in the first place after the 2.0 update.

Ok here I found this:
“Added new “hide_spam” parameter to the entire Activity template loop stack; defaults to true, except if specific activity items have been requested (for backpat reasons).”

I found “hide_spam” in 3 files in buddypress but it’s already set to false? How can I disable this option?

Is it here in bp-activity-template.php:

// If a user is a spammer, their activity items will have been automatically marked as spam. Skip these.
if ( $comment->is_spam )
continue;

$user_ids[] = $comment->user_id;

or here

@type string|bool $spam Spam status. ‘ham_only’, ‘spam_only’, or false
* to show all activity regardless of spam status. Default: ‘ham_only’.

Yes I thought so but one of the first things I tried is to disable all plugins except Buddypress and it was still happening. I tried it again now – bbpress error is for something else it seems, as users still get marked for spam even when it’s disabled.

Yes it was a typo, I meant “is_spam”. Yes I tried switching and the same thing is happening, it’s not for all users, but most have the problem. When I mark for spam/unmark in the users list their old activity shows up (when they were marked for spam, and it’s reset to 0 in the table), but as soon as they log in and try to post it goes back to marking their activity as 1 in is_spam column, and not showing anything (and not giving them access to bbpress forum also).

In phperrorlog I get this error:

WordPress database error Unknown column ‘spam’ in ‘where clause’ for query SELECT ID FROM lb_users WHERE ID=1 AND spam != 1 made by require(‘wp-blog-header.php’), require_once(‘wp-includes/template-loader.php’), include(‘/themes/Cinematix/bbpress.php’), get_sidebar, locate_template, load_template, require_once(‘/themes/Cinematix/sidebar.php’), dynamic_sidebar, call_user_func_array, WP_Widget->display_callback

Yes I’m using a custom Buddypress theme (Cinematix) but it’s updated to the newest version and no one else has that problem. bp-custom.php doesn’t exist. I tried switching the theme also and same thing is happening.

Is there a way to disable buddypress flagging users for spam, so that is_table field isn’t being set to 1?

sorry for spam.
And thanks @bphelp . And i see your BP Remove Profile Links. He is great !

BUT Now

in profiluser page i have the FIELD3:

<tr class=”field_3 field_poste-occupe field_type_textbox”>
<td class=”label”>Poste occupé</td>
<td class=”data”><p>poste occupé cest ca</p>
</td>
</tr>

i would like “include” the <td class=”data”> content in your Code ‘field-name’ : $bphelp_my_profile_field_3=’Field-Name’;

thank you.

and sorry bad english im french ^^

Please note: i have no legitimate users only spam!

What I think I’ve learned:

wp_bp_messages_recipients needed some work before spam content was safely deleted

not paying attention to wp_bp_messages_recipients, and simply deleting data from wp_bp_messages_messages and wp_bp_notifications …meant that when bp_get_the_thread_recipients is called, subsequent conversation IDs got confused with data left over in wp_bp_message_recipients, and additional recipients were pulled into the conversation.

This was pretty much the worst possible thing that could happen on a social network (especially a dating site) so, hopefully these notes help someone else. This occurred as a result of my deleting message spam (in an incomplete manner) so hopefully there are some qualified plugins for spam prevention and message moderation that I simply haven’t stumbled upon yet.