Si-Captcha was ineffective in controlling spam registrations on my site. I have to delete 10-15 spammers daily.
I tried captcha technique. but some how its not working with my installation. I dont know what the exact reason is. The image is not get displayed. when i clicked on the test link at the Si Captcha settings page, it is redirected to “not found page” ..
But Buddypress test site (testbp.org) does not hold a captcha.. but still it seems that there is not much spam registration. How they control spams without using captcha. Any idea about it?..
I would love to see this, and actually I think it would be prudent to keep people’s activity out of the stream until they have been a member for a selectable amount of time, say 2 days, 3 days, a week. Perhaps even have an option fot amount of posts or something. This would keep the spam blog posts they make from pushing the legit ones off my front page.
I would also like to see this filter turned off if logged in as admin, so we could administer the the spammers better – I often go to my front page and look at the activity stream to find the spammers – so if this filtered my view, than it would be harder to hunt them.
Good idea – maybe a plugin will be created like this one day.
A re-install of the BuddyPress plugin as well as a rehacking of the custom theme seems to be doing the trick, time to turn this ticket off for now.
Update: Seems like the sitewide activity feed is showing the comments that Akismet is marking as spam. Which simplifies my issue, or so I think, how do I filter the spam comments out? Any ideas?
If you like to laught, go here:
http://jeunessarkozystes.fr
a BP site full of spam and splog who support the french president.
Aaaand we’re off topic. This thread is for reporting spammers on buddypress.org, not about how to implement anti-spamming measures on your own site. I am going to lock this thread.
If you are looking to report spamming issues on THIS SITE, please send a message to a forum moderator or find us in IRC chat.
If you are looking to discuss spam prevention on your own site, please make a new post or find an existing one.
Guys, But seriously,, even if the bot-spammer gets through — its still very taxing on my server!
Im thinking of installing “BAD Behavior” but im really trying to limit the stuff I have installed/
any suggestions?
Here’s something else that might interest a few: I installed WPMU Super Captcha over the weekend (running WPMU2.9.1 & BP1.2rc). Since then, there have been no bot signups at all, and the plugin has blocked exactly 50 attempts. Plus, it logs each attempt that it blocks so I can keep track.
I’ve also added a comment on the registration form directed towards human signer-uppers with a support email address just in case. None of the 50 blocked attempts have used it, so…
Bots had managed to get around other plugins I’ve tried before, but not this one.
@Boone, yep, thx !
So i progressed on my site. I downgraded to wp 2.9 and asked (gently) my host to give me more memory.
I have now 25 mb for php and the install is working. But i haven’t installed plugins other than BP for the moment….
If this memory lack is “normal” or “expected”, i would preddict that as soon as WP 3.0 is avaible, 90% of all WP user actually on a shared host, and who udate, will go down. As actually no shared host offers at least 32 mb for php…
The cgi php solution with 64 mo, the new host trend apparently, is more powerfull but is always shared too, which means that i could write at my site entry: open between 3 and 4 am. The rest of the day, maybe my neighbour is trolling on emule and consume the server memory with * db queries on his overspammed fischerman forum… Wouaaaaaaaa ! Nice future…
This means also that from now on, a WP usage with BP is only intended to be on dedicated server.
If this hypotesis is right, this must be annouced to the world and should be mentionned, at least, in the readme file and on the download page.
So i discover that WP, who once was one of the fastest and litest CMS, is now entering in the heavy weight super-pro area, with ultra wide storage capacities, intense RAM consumption and specialized hi-band connection… Whouaaaaaa !
Twenty Ten, a new template but also a very surprisingly year ! 
Thanks for the plugin, however the activity stream is showing spam comments even if they are stopped by akismet
@jeffreeeeey: any luck with this? I’m getting the bp-registration-options.php on line 639
error as well.
The plugin has helped a great deal. I went and modified wpmu-functions.php to add the members profile URL so I could quickly look at the person’s info and either spam or delete them if I thought they were fake. It’s still pretty manual, but faster.
I currently have the option set that people can sign up for groups on the registration screen:
http://tkdunion.org/register
So, I thought perhaps it occurred because I didn’t join any groups. Lots of people get emailed when a new user signs up, so I hesitate to keep testing this. Any suggestions? How did you resolve this issue?
Oh. @Andrea_r –> any way you could point me to that particular Mike Pratt thread?
I was having major problems w/ sploggers. The link Chouf1 mentioned totally stopped ’em dead in their tracks. I think I’ve only had one splogger since, and it was a real person just typing it in somewhere in Thailand, trying to up their SEO ranking or something weird like that. :p
zageek – in another thread @mikepratt mentioned he has a small number of required fields. If you just have the default stuff on signup, yeah, you’ll get flooded.
I have been running BP in Production since well before the 1st alpha release on the same url with the exact same registration slug AND requirements. Nothing is protecting on my site any more than a standard install – no captcha, etc. I can count on my hand the number of spam attempts to register. They are so few, I just delete them and use BanHammer once they try.
How? We have a specific (albeit small) set of required registration fields to fillout. That’s all. I love siple and fast registration as much as the next guy but, unless you want to enforce email address verification and a bunch more, those are your real options.
Changing the slug will work until it doesn’t …which won’t be very long. Consider how that spammer found you in the first place…with a bot – not by randomly coming across your site.. and just like in the matrix, the bots will find you again. 
If you change the signup slug, ie. from to signup to regme, probably that this can be found easely by spammers. But if you change signup to bolimp or domybest or f_12gt_99xpm, probably not. And building a random letter word constructor to spam a wp install is probably too much also… As far as i know, the majority of wp users never look into the code. And robots like majority…
Anyway, the signup table would still exist… and accessing a db is not impossible at all i presume. So the only thing to change is the table name, 6 x by day if necessary. And this is not simple at all.
Happy coding !
Have you read these recommandations ?
http://www.bp-tricks.com/tips_and_tricks/stopping-the-sploggers/
They help in many cases. Really.
Spam is becoming a serious threat to Buddypress. We need to create a dedicated Spam section to help people fight it.
Ever since I posted my site here in the showcase thread I suddenly had a flood of spam
presume my last post got caught in the spam que because of two links, so will avoid this time.
The parent theme is Justin Tadlocks Theme Hybrid & the child theme is down to Patrick of developdaly.com.
I just added the BuddyPress reguired functions to my child theme, loving the functionality of BuddyPress 1.2, still some CSS needing to be worked out, but am happy to share the theme/code if wanted
okay, well that was 2 hours not well spent.
reinstalled the plugin recommended on the wpmu forum, namely collin mcdonald’s WP-Mail-SMTP Plug-in
it doesn’t work, no matter what variation I tried.
I cannot believe that with all the 1,000’s of buddypress users on here that I am the only one with issues about making sure our members get their messages and that they don’t go to spam.
a default server email address like the one I mention here is sure to go to spam in many email programs. …
the relentless search continues
@bowe
Why would YOU put advertising on your site when spammers do it for you for free ?
Top be rich one day, one hour or a few minutes, never forget that time is money
Thanks DJPaul, I find these plugins and don’t advert them,but let people know of them.
I don’t en-dose them or warrant anything only FYI !
Whilst that’s true, I think for those of us who are not great developers, coders or web stylists, having something that shows recognition even if its not linked is a better alternative than just deleting it from the footer…
but of course with the logo I presume copyrighted, it would need to be an offical ‘powered by’ one to be used only for specified purposes.
I’m guessing that those developers who are able to combat the spammers with a greater degree of control then perhaps it is a non-issue.
It was just a thought.
