BuddyPress.org

I also used this 5 hours ago then deleted 49 spam users so you can bet your *** it works!

@cometchat Do all of the packages have buddypress support on that page? Right now I have the skysa bar which is free so its not as good but I got it intergraded with my site except for the avatar and it dose not have friend support plus Im using there api which means no support as it is alter with the extra code. Im kinda leading towards the $49 but its branded but with skysa it cost me 99 a yr to not have branding. Which I dont plan to upgraded to. i just cant see how someone can pay and still have a branding? Then pay like 70 to remove it? This seems to be more priced to people who have a large site. Now if I had like 300 user I can see buying this but with only 3 of us who dont even use the bar we have now and the countless spam account joining everyday I think I will stick with skype in tell I get a large group of 300. So for now its in my book marks.

Has anyone made any progress with this? Will we have buddypress checking for banned email domains soon?
Will we have buddypress checking for banned domains upon registration and perhaps even again upon activation?
Can someone please add the possibility to add *.info in a way that works
I know this won’t stop all spam and splogs – but I am getting tired of deleting a dozen spammers every day that are mostly from the same dozen domain names that I have added to the block list. This would save lots of people hlaf the splog deletions, and that adds up to a lot of time saved.
BTW – has anyone tested buddypress with TTC Spam Bot Registration plugin (https://wordpress.org/extend/plugins/ttc-user-registration-bot-detector/ )to see if there are any issues? I am guessing it may still be bypassed by buddypress even if it worked in WP?

@elizawhat; Your post made me think, and I checked our (not yet) live site, which does require email confirmation. Mostly I’m thrashing around at home with a local xammp installation, and can’t remember what I did to make the live one require email conf. The plugin linked to below should do it, although it’s not activated in our site..! Something in WP or BP lets you require email confirmation, but I can’t remember what.

https://wordpress.org/extend/plugins/bp-xtra-signup/

Our site is for one UK county only, so would it be possible to put a rule in .htaccess to block any connections not from the UK? (Not brothered about search engine spiders, as it’ll be local word of mouth advertising). Or, is it possible to just block anyone from outside of the UK from signing-up? That would allow others to read, but not register or post.

a few things i’ve done

removed the powered by in the footer (just changed up the wording to WP/BP)
block the crappy browser MSIE ([3456]).
block a bunch of bad bots (something like: http://www.askapache.com/htaccess/blocking-bad-bots-and-scrapers-with-htaccess.html )
block a bunch of CDIR ranges (something like: http://www.wizcrafts.net/blocklists.html )

Okay! This is pathetic. Spam is a real problem for literally all community websites on the internet. Ever since I’ve updated to WP 3.0, spam has become a pain in the anus! So this is my solution, I’m building a spam prevention plugin that is built in flash. Its all using AS 3.0. I’m having issues with Internet Explorer 6. If you use IE 6 or you don’t have a flash plugin or something for your browser then I don’t care. SPAM IS A PLOBLEM. 90% of the people using my site have flash and don’t use IE6. The 10% have to just deal with it.

UPDATE COMING SOON! IF YOU USE IE6 THEN GO LIVE IN A CAVE LIKE THE HOBBITS DO.

Wouldn’t it be cool for a plugin to remove wp-signup.php and xmlrpc.php from a BuddyPress installation in a way that these changes would be kept through an upgrade of WordPress (which now of course replaces the deleted files)?

For those of you that want to directly influence the future of BuddyPress, http://trac.buddypress.org. Make it your friend. Learn it. Love it. Live it. Give it a hug everyday and patch a bug.

The Trac is where you can post code snippets, or giant mega patches of code that you think should be integrated into BuddyPress. You can see the timeline of when people have done what, and see the outstanding bugs that need squashing before we can safely release the next version. The more bugs you fix, the more code you contribute, the more you are directly involved not only in the community, but directly in the future of the platform as a whole.

As incentive to help out, if your goal is to be a developer and make a career out of BuddyPress, consider walking into a meeting with a possible client, and when they ask what your level of involvement is with WordPress or BuddyPress, and you can respond with “I make it,” your chances of securing that client are pretty good. In order to help make BuddyPress, you have to actually help us make it, and you do that via the Trac. I can say this, because that’s how I did it with both WordPress and BuddyPress, and I’m down to help you guys do it too.

There are plenty of people that are highly active in the Trac that aren’t so much so in the forums, and vice versa. Since we moved BuddyPress.org over to 1.2, both Andy and myself have been busy with our own assignments that yes, do involve BuddyPress, but also involve other neat things like the WordPress.com “Like” feature and planning some neat things for a WordCamp.org redesign.

Truth be told, if /anyone/ is concerned about where I am or what I’m doing in regards to BuddyPress or the future of the project, there are at least 10 methods to contact me directly and I am totally happy and not annoyed by anything that has to do with BuddyPress. Drop me a line, let’s chat http://en.gravatar.com/johnjamesjacoby

To answer a few of the questions/comments/statements in this topic: Private Messages are turned off because spam bots have started targeting BuddyPress installations and we were getting hit pretty hard after we upgraded the site. Raise your hand if you got a PM from someone claiming to love you enough to help you with male enhancement. Regarding my absence in the forums, I’ve really just taken on too many clients and haven’t had the time to look backwards at support AND forwards at development at the same time. It won’t always be that way, but it has been lately and I like it about as much as you all seem to too. I love being in the forums and helping people out, and I’m sad I haven’t been able too recently.

Andy is the figure head of BuddyPress and serves as the guiding light of the project similar to how Matt does for WordPress and bbPress, but there is no shortage of capable people in the BuddyPress community that could take this project by the horns and make it their own at any point. I know I’m not Andy, but if I can pretend to be to help anyone when he’s not around, ping me.

Along the lines of what @matt said, I love using @nacin as an example. He stormed into the WordPress Trac and started contributing code and patching bugs. Some were great, and some were rubbish, but he learned as he contributed and within 1 calendar year he has merited his way into being a core committer for WordPress, and contributed something insane; like 60% or more of the commits on the WP3.0 branch are his doing or somehow as a result of his hard work and commitment to the project. While there is only one @nacin, there is plenty of room for any one of you to be very @nacin like.

By the way, if there is an election and I’m voted out, I’m not leaving without a fight. You’ll have to chase me out of town with torches and pitchforks.

I’ve wondered this as well. I mark as spammer, and I guess really one ought to leave them marked as, however I don’t particularly want an ever increasing list of spammers in the DB when I do backups so will go through the list and delete them. Certain persistent spammers are blocked though if you leave them marked, delete them and they are able to register once more.

Ok, so I have another follow up. Apologies to anyone who thinks I’m spamming but I feel like this could be valuable to anyone trying to edit the php files after running buddypress template pack, if you disagree please advise.

So, I’ve determined that editing the /activity/index.php file does not mean that the “activity” page will be affected. My question is, what IS affected when I edit the /activity/index.php file? How can I check my work to see if the edits are working? Do I have to edit all the index.php files before anything changes?

Re: Forum vs. Activity – I have no doubt that it is harder than is seems, but that’s not relevant to the discussion. The issues being discussed are usability. Any good and usable design begins and ends with users… not programmers.

Re: Autocomplete (my pet peeve) – Sorry, doesn’t make sense to me. I’m free to message any member I want but I’m only given help and feedback when typing in friends names. Huh? If I compose a message to a non-friend by putting their username in “Send to” – I have no indication that I’ve gotten it right until after clicking send. And even then, the feedback is not that clear. An error message could be a wrong username or something else. I know you can more easily message non-friends by visiting their profile (instead of having to remember their username and type it without error) and clicking “Send Private Message”… but that only allows for one recipient. As for the spam issue – that’s a technical issue. We’re talking about usability.

And yes… I have tried to create a plugin and I got 99% there – but I’m not a programmer and I got stuck on how to remove / override the existing autocomplete ajax functions. I asked for help here but didn’t get a response. So I had to hack the core Oh well. And for some reason it stopped working the other day. Odd.

Anyway, BuddyPress just seems a little confused when it comes to it’s ideas around Friends, Followers and Members. It feels like an odd mix of Twitter (wide open) and Facebook (walled off).

I also hate buddypress.org since they started to “eat their own dog food”. Ironic. I find is very difficult to find past postings.

bp.org needs a tab with forum topics started similar to the “My Topics” tab on the forums tab available on a stock BP install.

The whole “eat your own dog food” logic doesn’t really apply well on a site like bp.org because bp.org is not supposed to be like a social site. It’s more of a developer community that isn’t activity stream centric. Even Facebook uses an older version of PunBB for their developer community, FB doesn’t eat their own dog food.

—

And the whole “comment on a forum post in the stream *OR* in the original thread” is absolutely insane. When a user makes a comment… don’t make them THINK about where to make it. They should just make the comment and it should show up in *BOTH* places.

I brought up this issue a long time ago when BP 1.2 was being built. Easier said than done I’m afraid. That’s why there’s a “disable activity commenting for blog posts and forum threads” in the BP admin area. If it was easy, I’m sure it would have been implemented.

—

It also drives me crazy how you can message anyone by typing their username in “Compose > Sent To” but only your friends show up in auto-complete. Makes no sense

Actualy, it does make sense. You’d most likely message your friends for the most part. This also helps prevent PM spam. If you really wanted to message someone, you could go to their profile page and message them. Or if you intend to message them more than once, become their friend.

Your request could be extended via a plugin (which doesn’t exist yet!).

I’m having the same problem. Is there a way to go into the database and change their status? How do I do that?

THanks.

Now… my spambusher script gives me some very rudimentary statistics… and in the 2 days and 9 hours since that post above, the number of spam registrations has gone up 50%… but the number that I actually delete myself has gone down by about the same number

Which tells me two things:

1. People or bots are actually following the link above and tripping the spambush

2. Links to buddypress sites from buddypress.org are just ASKING to be spammed

There’s a fairly simple and foolproof method to automate spammer deletion. It’s easier to let them in and then delete them automatically than to try to stop them from registering in the first place. Otherwise it becomes an ‘arms race’ type of thing, as well as a game of keep-up-with-BP/WPMU-changes if you try to integrate it.

See it in action at http://visarus.co.uk/bp-spambusher.php – every time you visit that page you will be cleaning up spam registrations for me I can put it on CRON if I want but I enjoy the satisfaction of seeing how many registrations I’ve deleted 40 in the last 24 hours.

Spammers target all social networks. They literally overran an elgg site I have and I’m rebuilding with WP/BP. A few still get through with the latest BP and anti-spam and custom profile fields, not a lot, two or three a day, but that’s nothing. I found about 600 in my first month in my users that never made it to the surface. As for the few that did, having a couple fill in custom profile fields is really helpful. The bots that do sneak through fill those two spots with gibberish, in my case age and location, so it’s easy to identify spam members.

check if your activation e-mail lands in the SPAM-folder of the recipient.
I am not sure why, but most of the time the e-mail with the activation-key is landing in the SPAM-folder…..

@zlamczyk: I think we are trying to work on the same thing.
https://buddypress.org/community/groups/how-to-and-troubleshooting/forum/topic/disable-activation-email/

I am getting spammed (bad) and they are simply using the activation email to approve themselves. My thought was just do a manual approval to either “activate”, “send activation email” or “delete from wp-signup”.

I have modified manual member approve for BuddyPress so I can see the signup table and manually approve members.
http://mattkern.com/wpmu-manually-approve-new-members-on-local-install/

I just need to stop the automatic sending of the activation email. Do you know how?

I’ve simply tried commenting out the following line in wp-core-signup.php to test, but it’s not working.
wp_mail( $to, $subject, $message, $message_headers );

This is the function; but for some reason the activation email still goes out.

@hnla and @boonebgorges: I found this plugin a while back and modified it to work with BuddyPress. Let me know if you need it still.

Anyone know how to stop sending the activation email? I don’t want to disable the activation function; I just want to stop sending the email automatically. I want to selectively send it. I figure I would just add this function to the manual approve plugin so I could either:
Manually Approve
Manually Send Activation Email
Delete the Signup

I’m getting killed with spam users (that are easily identifiable)
https://buddypress.org/community/groups/how-to-and-troubleshooting/forum/topic/spam-blogs/

Actually… Terry is correct. SPAMers are in fact hiring people from India to fill our registration forms and CAPTCHA’s by hand. They get paid next to nothing and just sit there for hours and hours a day filling out CAPTCHA’s. I’m sure the majority of SPAM comes from Bots… but it’s not all bots. And there is no way to stop a human short of banning entire countries.