BuddyPress.org

Closing this thread per Jeff’s comments, I think discussion should continue in the thread that Stas’ linked to.

As @sushkov states, the issue of spam in BuddyPress is currently being discussed in depth. Please search before you create a new thread. There are many threads on the same topic. Creating a new one does not help.

Hi,
there’s an interesting thread started on this subject:
https://buddypress.org/community/groups/requests-feedback/forum/topic/here-come-the-spammers/

Awesome.

The issue of spam will be one of the topics discussed at this week’s dev chat on Wednesday. There should be more to report after that chat.

It’s my belief that the footer link plays a bigger part in the problem than is given credit for at least it was the last thing I implemented (removing) and appeared to have a significant impact. One thing I think people should stop putting forward is this notion that adding custom fields to sign up makes a difference, it doesn’t! and is obviously and emphatically demonstrated by the fact that spam bot signups manage to fill all fields with garbage including user created ones but as you would expect.

interesting:

2) How do spammers find BP communities?
Using Google.
Example: http://www.google.ca/search?hl=en&q=%2B”is+proudly+powered+by+WordPress+and+BuddyPress”; (front page of every BP site on the net)
Example: http://www.google.ca/search?hl=en&q=inurl:%22/community/members/%22+%2Bbuddypress (members page of every BP site on the net)

I have two open test BP installs (one wp_user linked to my blog domain) and changed the standard footer. Not a single spam sign-up (just hashcash installed)

Has there been any more movement on this front?

The issue of spam registration and posting is well discussed. If you want to learn more about some proposed measures, please read this thread: https://buddypress.org/community/groups/requests-feedback/forum/topic/here-come-the-spammers/

@stwc and everyone else.

I’ve been experiencing problems with spammers constantly, I would get about 11 a day, (at the minimum). I’ve tried several things, reCaptcha, email activation, email domain blocking, etc etc and nothing seemed to help with the bot spammers.

All they were doing was creating users with a few profile fields filled out, so there was no big issue, it was just annoying seeing so many fake users on the site.

So all I did out of the suggestions here was enter the code provided for the .htaccess file :

# BEGIN ANTISPAMBLOG REGISTRATION
RewriteCond %{REQUEST_METHOD} POST
RewriteCond %{REQUEST_URI} .yourbpsignupslug*
RewriteCond %{HTTP_REFERER} !.*yourhomedomain.* [OR]
RewriteCond %{HTTP_USER_AGENT} ^$
RewriteRule (.*) http://die-spammers.com/ [R=301,L]
# END ANTISPAMBLOG REGISTRATION

And it seemed to have worked. For the signup slug, I used wp-signup.php. And so far, for about a day and a half now I’ve only found 1 bot spammer. Drastically reduced, but not quite fixed.

But we’ll see. I’ll post back if there is any change, or after a few days of no spammers.

It blows my mind that this is not a core feature of WPMU, WP, or BuddyPress. It is the most obvious first defense against sploggers and spammer-members.

There is a plugin called Pie Registration that claims to do user moderation of unverified users before they are allowed to post. It seems to be a resurrection of an older (discontinued?) plugin called Register Plus. Find it here: https://wordpress.org/extend/plugins/pie-register/

Will check it out now.

EDIT: It says that the feature “Moderate all user registrations to require admin approval” will only work when Email Verification is DISABLED. I can’t get it to work, though.

Also found this:
“Register Plus plugin seemed to be working fine in 2.9.2, with custom logo and all, but now I’ve just discovered that it only sends the registration email if the registration is done in IE. In Firefox or Chrome the mail is not sent. How can this be?”
https://wordpress.org/support/topic/376015

Had the same problem on all of my installs last night. Temp solution was to shut down all registrations while bp works this out. Between my network of sites, I would estimate 150+ spam registrations. Once in, they were also abusing the pm system. It’s ok though, I’d rather shut it all down for now then to have to manually keep deleting pm’s from the db all day long.

I know you guys are working hard on this issue. It is much appreciated!

As @r-a-y suggests, these look like spam accounts to me.

I guess these could be spam bots inputting data to pass the registration
I know a lot of work is going on now in the background to help stop this
Stay tuned

Could be spam accounts. Are these users doing anything weird on your site?

Ok, I had the same problem, and I got that “Mail From” plugin and it works as far as the From line coming from the community name instead of from “WordPress.” However, emails are still going to the spam folder. Is there no way around this at all?

I see you simply copied and pasted my previous code without adding the rest of the function!

Here’s the full function:
http://pastebin.com/5Pb5VpSz (updated to check if spamlist is filled in)

I think I’ve written the majority of your plugin! lol

This thread should be developer-focused and less “why aren’t you guys doing anything about it?”.

I don’t want to start moderating this thread, but please keep comments focused on combatting spam instead of bickering about it.
We are all aware of the problem.

I must say the SPAM problems are real pain, and for a long time people have been complaining about the SPAM and its been brushed off. I have laid off the complaining and tried to be proactive to fight the spammers off but its really hard to keep up with them.

I think the admins and developers need to start a working group or something and start giving this a lot of attention because if they remain nonchalant about it, it will eventually work enough people’s nerves to chase them away to use some other solution.

The other day I was talking to someone who played with BP a while ago and then dropped it in favour of another solution after the sploggers started coming in.

I have created a group called SPAM Eater where members who are pissed off about SPAM can gather and vent our frustration a bit

https://buddypress.org/community/groups/spam-eater/