BuddyPress.org

@elangley the thing is that whether you have BuddyPress or not, when you have open registration, expect spammers – bots and humans. There are human spammers who are paid by companies to post backlinks in as many websites as possible and those who spam just for the heck of it, and other than making your site by invitation only, you’d have to monitor membership in your site regular and be prepared to cull the spammers.

It’s a requirement of law that email gets run thru filters and may get sent to spam. Might be the email header ain’t right.

Spam is a tough one to crack. Whilst I don’t claim to have the ultimate solution Captcha is a good step then also 1.6 as you said has measures. I also think that encouraging good community policing can help. Testbp is after all a test site so yes there may be some issues different there from an active community.

@modemlooper, changing his profile/username will only show activity going forward, not retroactively

@sp12 what modemlooper is trying to say is that there is a strange feature at buddypress.org which hides your activity stream (due to spam concerns) so a way around it is to change your profile and edit your name field to something else other than 12sp (I changed mine from Synaptic to Asynaptic)

when you make the change you’ll be able to then see your activities on this site going forward, but you will NOT see activity prior to making the change, so your best bet is to recall keywords and then to search google like this (remove quotes of course):

“site:buddypress.org KEYWORD”

and hope that it has been crawled in google.

This “feature” to fight spam has been a source of questions by MANY users here at buddypress.org so much so that it seems the best bet is to either change it or to at least INFORM people once they register that they must change their name/username to be able to see their activity!

No idea why mods ignore this – it would not only cut down on confused questions but also improve usability of the site since prior activity is never shown, even when the change is made.

Hello,

registration process has nothing to do with BP, it’s WP stuff. For some technical answers to your question, be inspired by reading here:
http://www.esecurityplanet.com/open-source-security/top-5-wordpress-vulnerabilities-and-how-to-fix-them.html

To avoid robot resgistration, there is nothing definitve to do at this time. But to get sure you don’t get a robot in your user list, you can add a mandatory field to your registration via custom profile fields.
For example, “city”. Because this field is custom, no robot will fill it correctly. And most will not fill it at all. Each subscription with “doe” as city name or empty city field can be banned and/or erased from your DB. This will calm down spam activities for a while. The price of this is a constant admin work. But consider that a daily managed site is lesser spammed than a site with randomised webmastering each 31th february… And a site with 50 000 unique visitors will be more attacked that a 70 hits/day site. Just the price of glory, nothing to do with buddypress. [exit]

I need that, too !

For ratings — have a look at GDPress and their star rating plugin

You can search for ‘buddypress.org anti spam’ on Google ( search doesn’t work on this forum ), and it should throw up a lot of previous discussion on the subject.

@djpaul also revealed that a coming version of BuddyPress will have Akismet support for activity stream entries (1.6 or 1.7… I can’t remember which).

We’ve never been able to figure it out, partly due to the lack of information we could gather from bug reports like this. Discovering there’s a user_id=0 is new info and is very helpful.

Can you remember if there was any special details about the user who owned this piece of profile data? Did you delete the user? Was it marked as spam before deleting? Any more details appreciated

“CubePoints Buddypress”

Above Plugin “Limits only members with a certain amount of points access to updates & replies”. I am going to give it a try. I find this whole thing as Psychological. Limiting “User Updates” in this era of spamming is “Logical” and most developers are “Psychos”

You’ve got both options covered there.

Firstly i would most definitely implement an email sign up form on your site anyway. Link it up with an autoresponder so that people receive a nice email, or sequence of emails from you when they sign up, so that they build trust and open your emails in future.

In terms of importing your list. When you do that, Mailchimp, Aweber (who ever you go with) records how the list was implemented.

It’s perfectly allowed, BUT if you get spam complaints they will ask you to remove the entire list, or close your account.

I had this once, where I had a list from a trade show I exhibited at.

First mailshot went out to 2000 people, not ONE complaint.

I thought cool, I’ll drop another one a few weeks later.

About 6 weeks later I sent out another mail (only 2 mails in 6 weeks), and 11 spam complaints.

Shows how unpredictable it is. Mailchimp asked me to remove the list or leave.

HAD that list all been double opt-in i.e. they sign up, get a confirmation which they then have to click a ‘yes sign me up’ link on, then Mailchimp wouldn’t have been bothered. We simply cleanse the list of the complainers.

Email marketing and list building is a very tricky business, as you always get the idiots reporting spam which ISN’T spam. This is either thorough laziness or through ignorance of not knowing what that ‘spam’ button does in their email client.

Most people think it just deleted the email, not knowing it actually sends a complaint to their ISP, which thus gets forwarded on to the client that sent it.

You could import the list, send out what looks like an email confirmation link to sign them up to your newsletter that then actually migrates them to another list.

That’s possible, then they WOULD actually be opted in.

You could only send that ONE email to the list you import though, and even then you may get a few complaints.

Other than that, create a blog post that you could make members aware of asking them to sign up, or direct them to the widget sign up form you are implementing.

Not gonna happen overnight but the quicker you dod it, the quicker your list builds.

Haraldo, there is nothing wrong with your install, there is NO built in way to message all users in BP. The site notification will merely place a widget type notice at the top of your sidebar for all logged in users, which thy can then choose o close. It isn’t emailed or passed as a private message.

There are a couple of old plugins for this such as: https://wordpress.org/extend/plugins/buddypress-mass-messaging/screenshots/

It’s an option that is useful, HOWEVER, I would strongly recommend you export your users to CSV. Again export plugins are available and import people into a 3rd party email service like Mailchimp.

This is far better for email marketing, however in itself is a bit tricky, as unless your members have signed up or opted into a list, it’s technically breaking the T&C’s of all 3rd party mail apps.

The problem with sending email direct from your server is if you get people unwittingly or deliberately labelling your mail as junk/ spam in clients like hotmail, yahoo and gmail, the ip address of your server can get blacklisted.

At that point NO mail at all from your server is going to get through to those services, not just for the accounts that labelled you as spam but your server will be blocked and mail won’t reach anyone with a hotmail address etc.

Sounds dramatic but it could kill your community if you aren’t careful.

You should always use a 3rd party.

Rules are still incredibly stringent though. You are generally allowed one spam complaint in every 1000 emails sent.

Hope that helps!

BP Members Avatar Map does use cities and towns which are then translated into latitude and longitude
I use a combination of BP Members Avatar Map for my directory page and BP User Profile Map for individual maps – they seem to work quite well together but do require a ‘Location’ extended field
My member directory and individual profiles are not particularly ‘pretty’ but they are functional
I should emphasise I am still using WP 3.2.1 and BP 1.5.1 You are welcome to visit my site to see how they are working http://www.experiment.vacau.com the directory page is called Locate and you should be able to see the map as a visitor – if you look at the Tasmania, Australia portion of the map and follow any of the avatar links: you should see the profile outcomes.
Most of the other ‘members are spam’ that I am slowly cleaning up but they contribute to my site activity, so I tolerate them.
If you return to the About page you will see a Pulsemaps Visitors map – most of the ‘Australia’ visits are me – but they are from many different places because my IP is dynamic and belongs to my ISP not to me.
Hope this helps.

This article gives some decent ideas (and some less so!):

http://wp.tutsplus.com/tutorials/security/best-practices-for-preventing-buddypress-spam-user-registrations/

Other than that – there are lots of prior discussions on buddypress.org – if you try Google, it will find some pages on this site.

Keep yollering about how it would be nice to have regular forums with search on here @jjj

Is this the page you mean: http://www.enterprisenation.com/become-member/

Is something that can be easily implemented if outlined in a tutorial? Or made into a plugin? I’m sorry to hijack this thread btw, but since spam is obviously a major issue with Buddypress, if sites like the ones you create have found a way around it, you could be helping tons of people if you share, in detail, the way you did this. Or you could at least make a ton of money if you sold it in plugin form.

If you are sure they are not going into the recipient’s junk or spam filter then the following page might help: https://codex.buddypress.org/troubleshooting/frequently-asked-questions/

Hi websitevala,

To add custom fields to your registration page, you’ll need to add xprofile fields. To do so in WP Backend, you should go / BuddyPress menu / Profile fields submenu

And for the other thing, as you noticed emails are hidden, there might be a spam risk reason to that. And as a user, i wouldn’t like to have my email shown on my profile.. So i dont think it’s a good idea.

Just curious, what percentage of those members would you consider spam accounts?

Edit: Presumably a ton since there are 75,000 members but only around 5k Facebook likes and under 10k Twitter followers. Or is your renamed login page and captcha helping immensely?

Found a bug in the code when replying to this. The blacklist option should mark the item as spam immediately. We’ll get that fixed