Search Results for 'spam'
-
AuthorSearch Results
-
August 26, 2010 at 2:41 pm #90466
In reply to: BuddyPress Spam
pcwriterParticipantI was having 5 or 6 sploggers sign up daily no matter what I did until about 2 weeks ago when I revamped my tactics. Since then, I have had 0 spam signups… not one. Fingers crossed Here’s what I’ve done:
– Removed references to WP/BP in footer text
– Changed the register slug to something unrecognizable that has no bearing whatsoever to the concept of signing up (so even those grossly underpaid 3rd-world human spammers can’t figure it out)
– Installed WPMU Super Captcha to let the nice humans through: https://wordpress.org/extend/plugins/super-capcha/
– Installed WP-Ban to block the not-so-nice ones: https://wordpress.org/extend/plugins/wp-ban/
– Installed Buddypress Humanity as a double-check: https://buddypress.org/community/groups/buddypress-humanity/
– Blocked lists of bad bots in .htaccess as suggested in this post: https://buddypress.org/community/groups/how-to-and-troubleshooting/forum/topic/buddypress-spam/?topic_page=2&num=15#post-60177
– Added “deny from all” in .htaccess for wp-config.php
– If someone does manage to access the register page through a direct url (without visiting any other page first), they are bumped to a GOAWAY page with the following in .htaccess. .# BEGIN ANTISPAMBLOG REGISTRATION
RewriteEngine On
RewriteCond %{REQUEST_METHOD} POST
RewriteCond %{REQUEST_URI} .wp-signup.php*
RewriteCond %{HTTP_REFERER} !.examplesite.com. [OR]
RewriteCond %{HTTP_USER_AGENT} ^$
RewriteRule (.*) http://examplesite.com/goaway.html [R=301,L]So far, so good. As I mentioned, not a single splogger has managed to get through in about 2 weeks. If they do, there are 2 ingredients in the above recipe that can be adjusted:
– the captcha image is fully customizable to render bot algorithms redundant (hopefully)
– the register slug can be changed as often as you change socksOn a final note, there are also some interesting tweaks to be found here: http://www.smashingmagazine.com/2010/07/01/10-useful-wordpress-security-tweaks/
August 26, 2010 at 1:14 pm #90456In reply to: BuddyPress Spam
Ted MannParticipantI’m using a custom child theme, so the footer copy has been changed. At the risk of inviting more spam, here’s my signup page: http://injersey.com/join-injersey
I’ve got si-captcha, Humanity, alternate slug, htaccess tweak, and 2 required profile fields. At this point it’s just getting kind of absurd. There must be some kind of backdoor that’s letting them in. Like Matt ( @footybible ), every single one of these spam signups is registering for a sub-blog. Unlike Matt, I offer the ability to register for a town via the Group Registration Options plugin ( https://buddypress.org/community/groups/bp-registration-options/ ) developed by @Messenlehner. Worked pretty well until 2 weeks ago, when we started getting slammed every day at about 2am with spam signups and posts.August 26, 2010 at 7:31 am #90429In reply to: BuddyPress Spam
footybibleParticipant@tedmann when I had the rogue bbpress register file and I was getting spammers sign up I could identify them because under ‘users’ they were listed only as users of their subsites rather than my main site – (which I dont believe is possible through legitimate registration?)
However, last night I had another such registration. Granted, its only one, but I dont understand how they can sign up for a sub-blog without being added to the main site. Which makes me also worry there is another ‘backdoor’ somewhere….
August 25, 2010 at 7:57 pm #90359In reply to: BuddyPress Spam
PisanojmParticipantHave you tried the plugin “Humanity”? Also you can try to add an extra xprofile field that needs to be filled in. We validate e-mails on our site…
August 25, 2010 at 7:09 pm #90355In reply to: BuddyPress Spam
AntonParticipantsi-captcha doesn’t work on my sites. I’m using https://wordpress.org/extend/plugins/wp-recaptcha/ and it seems to stop some of them. Still not a spam free solution.
August 25, 2010 at 5:21 pm #90350In reply to: BuddyPress Spam
Roger CoathupParticipant@tedmann – and changed the default text on the register page?
August 25, 2010 at 5:19 pm #90349In reply to: BuddyPress Spam
Hugo AshmoreParticipant@tedmann have you added all the tricks mentioned? changed footer links? added referer rule to your .htaccess
August 25, 2010 at 4:57 pm #90348In reply to: BuddyPress Spam
Ted MannParticipantI deleted the registration.php file (and have the alternate slug). Still getting slammed with spam signups and posts. Switching to the si-captcha plugin (though I suspect that won’t do anything since the spammers are bypassing the reg form). Any other ideas?
August 25, 2010 at 2:01 pm #90331In reply to: BuddyPress Spam
MarkParticipant@rogercoathup Thanks for the info. I’ll try the some other forums for the other issue.
August 24, 2010 at 9:36 pm #90235In reply to: BuddyPress Spam
Roger CoathupParticipant@mark211 – You can change the slug just by adding the one line to wp-config.php
define( ‘BP_REGISTER_SLUG’, ‘join-up’ );
This thread tells a little more about potential problems: https://buddypress.org/community/groups/how-to-and-troubleshooting/forum/topic/defining-new-register-slug-not-working/
ON the View problem – I think you have posted the wrong URL – it gives a 404 error
Ask this question as a separate thread in support though. Search the forum first of all though, because I think there are some existing threads on this type of problem (view permalink)
August 24, 2010 at 9:17 pm #90233In reply to: BuddyPress Spam
MarkParticipant@rogercoathup no I didn’t change the slug or the default text. I’m not a developer and wasn’t 100% sure how to change the slug. I looked at the wp-config.php but it looks a lot different than Andy’s example on BP org I read. Would I change it under wp-config still? Andy’s posting is from 09. I will go ahead and change the default text. I’ll do anything to keep those bot ******* away. lol. So far Ive been good with the two plugins even though it looks like overkill to my visitors.
Side note. I’m having a problem with viewing status on my activity feed. When someone joins the site or posts a notification and I go to click on view next to the notification, the page it takes my to has issues with the theme. I assume it has to do with my themes template file?. here’s the snipit of code View Any thoughts on how to fix it? Thanks.August 24, 2010 at 7:34 pm #90225In reply to: BuddyPress Spam
Roger CoathupParticipantAugust 24, 2010 at 7:30 pm #90224In reply to: BuddyPress Spam
MarkParticipantFYI, I deleted the register.php file in bbpress last night and I had another 7 spam accounts in the morning so that didn’t work for me. I then installed humanity this morning and I’m using it with the si captcha plugin and the two combined seem to be ok so far. I’ll keep you guys posted.
August 24, 2010 at 4:20 pm #90197In reply to: Spam, Flag, Mark, Notify admin
DSParticipantwell. I meant a little of both
On buddypress.org I can;t find one, and for my own site the plugin mentioned above states: “This plugin is still not released and it’s part of my Google Summer of Code 2010 project. Follow the plugin group on buddypress.org for updates on development.”August 24, 2010 at 4:12 pm #90195In reply to: BuddyPress Spam
intimezParticipantSo other two register.php not be deleted? Want to make sure.
August 24, 2010 at 3:54 pm #90194In reply to: BuddyPress Spam
Roger CoathupParticipanteveryone wants a plugin to solve this. Remove that register.php in the bbPress folder… go on, trust me, it really helps!
August 24, 2010 at 1:51 pm #90178In reply to: BuddyPress Spam
Hugo AshmoreParticipantOh there are many more than that as soon as you start to try and block them a new address will be used
August 24, 2010 at 1:45 pm #90177In reply to: BuddyPress Spam
FilmplayerParticipantis there a plugin that i can use to simply ban certain keyphrases in email addresses from registering? most of my spam signups have the below phrases in their urls, as well as others, i’d like to simply block all of the below them from signing up at all.
buyfioricetnow
junklessmail
trophaeum
picture-movies
stampfreemail
supermailpro
designersmail
freeeeemail
hothdvids
travel1234
freemailme
hotbabesonly
informaniac
belzy
watchathfAugust 24, 2010 at 12:06 pm #90165In reply to: BuddyPress Spam
Hugo AshmoreParticipantNot sure of the process but even if you haven’t got bbpress running locate and remove the file. If spambots are managing to get around hidden fields that should remain empty it suggests they are not using whatever form that protection is on.
For CURL try adding this: (but check carefully things still work!)
# trap curl registration downloaders – block in allow,deny rules
SetEnvIfNoCase User-Agent “^curl” blog_spammer
Order Allow,Deny
Allow from All
Deny from env=blog_spammerBe careful about blocking IP ranges it’s a difficult practice and one that technically you are supposed to notify about in case innocent yet important sites get blocked, you can add further rules to the deny lines above but unless there is a very persistent IP it’s probably not worth it and likely spoffed anyway.
August 24, 2010 at 11:58 am #90164In reply to: BuddyPress Spam
Roger CoathupParticipant@tedmann – have a search on your install for the bbPress folder and remove the register.php file. I guess it doesn’t have to be activated for the file still to be there and therefore usable by the spammers.
It worked like a treat for myself and @footybible
August 24, 2010 at 11:41 am #90160In reply to: BuddyPress Spam
Ted MannParticipantI’ve got the Humanity plugin running on our site, with a semi-difficult question. Likewise, I’ve done the htaccess trick, register slug, and so on. Haven’t blocked CURL requests (how do you do that?).
I never configured bbpress for our site. Even if I haven’t done that, is it possible that register.php file is still lurking somewhere on the site? Are there any more drastic measures I can take? We’re getting killed every morning — not just with spam signups, but spam blog posts. Would blocking the offending IPs (quite a few) be a viable solution?
August 24, 2010 at 9:56 am #90153In reply to: Spam, Flag, Mark, Notify admin
Roger CoathupParticipant@boonebgorges is @kebdarge meaning there isn’t one for this site?
August 24, 2010 at 2:00 am #90121In reply to: Spam, Flag, Mark, Notify admin
Boone GorgesKeymasterThat’s exactly what bp-moderation does.
August 24, 2010 at 1:47 am #90117In reply to: Spam, Flag, Mark, Notify admin
DSParticipantso there isn;t a plugin that adds a nifty button to report inappropriate content directly to an admin?
August 23, 2010 at 4:03 pm #90054In reply to: BuddyPress Spam
Hugo AshmoreParticipantYou’re quite correct it does still exist which I find very odd as I seem to have a recollection of comments that said it would be / was removed.
-
AuthorSearch Results