BuddyPress Spam
-
I’m about ready to ditch BuddyPress. I installed the latest trunk and have the BPDEV anti-spam component with a captcha. Still, people continue to register, bypassing required fields.
The least that could happen is either BuddyPress become compatible with Akismet or enable some registration approval step, where an admin could delete accounts with empty profiles before they go “live.”
-
jwack – since you had such trouble with this even after taking some measures, what was the final regimen you installed for blocking spam?
Incidentally, I still like the idea of getting folks together in a BP Group to attack the issue. I had suggested starting such a group on an IRC chat a few weeks ago, but I see now that there *is* a (small) group someone had set up. If people are interested, we can use that. Or maybe it’s fine to just continue this thread for now, though not having to dig through a few dozen posts has some appeal.
Well things were all good for a month, now I am getting slammed every night from 2-6am.
Can someone confirm this is correct (if my site were ebay.com and my registration page was myslug)…
‘
# BEGIN ANTISPAMBLOG REGISTRATION
RewriteCond %{REQUEST_METHOD} POST
RewriteCond %{REQUEST_URI} .myslug*
RewriteCond %{HTTP_REFERER} !.*ebay.* [OR]
RewriteCond %{HTTP_USER_AGENT} ^$
RewriteRule (.*) http://die-spammers.com/ [R=301,L]
# END ANTISPAMBLOG REGISTRATION
‘Reading back a page or two this is supposed to redirect attackers, I tried entering myURL?something=something but it doesn’t do anything. How can I test this to make sure it working?
Thansk.
Anyone know how to check the above to confirm its doing what its supposed to?
Also, is the 3 supposed to be myslug, or register.php?
Is line 4, just domainName, or domainName.Com?See this previous post in this same thread:
https://buddypress.org/community/groups/how-to-and-troubleshooting/forum/topic/buddypress-spam/?topic_page=3&num=15#post-69499That was the original post I seen, but then I seen
https://buddypress.org/community/groups/how-to-and-troubleshooting/forum/topic/buddypress-spam/?topic_page=5&num=15#post-74351
and there was another version floating around some where that was slightly different. As you can see this version just has .register* and then domainName.*I wasn’t sure which was correct or how to check if its working. Have you ever successfully tested yours?
The code from this post is the correct one:
https://buddypress.org/community/groups/how-to-and-troubleshooting/forum/topic/buddypress-spam/?topic_page=3&num=15#post-69499Replace example.com with your sitename.
And yes, it works just fine on my site; no bots are getting through
But lately I’ve been getting slammed by human sploggers. That’s a tougher nut to crack.Thanks. How do you know if there human or bots?
Humans always fill out required profile fields.
Am attempting to implement some of the ideas from this forum, particularly those from the post https://buddypress.org/community/groups/how-to-and-troubleshooting/forum/topic/buddypress-spam/?topic_page=3&num=15#post-69499
Would really appreciate some guidance in order to do this correctly. Some of this may appear stupid –My Set up is the following-BuddyPress installation on a subsite.
a) Multisite with subdirectories http://examplesite.com/ – http://examplesite.com/subsite1 – http://examplesite.com/subsite2 – http://examplesite.com/subsite3 etc etc.
b)BuddyPress installed on a subdirectory. say on http://examplesite.com/subsite3
c) So that there is a consistent signup interface I have redirected the signup of http://examplesite.com/ from http://examplesite.com/wp-signup.php to http://examplesite.com/subsite3/register via a plugin Quick Page/Post Redirect. Before doing this the signups at http://examplesite.com/ were going to http://examplesite.com/wp-signup.php and from anywhere else were going to http://examplesite.com/subsite3/register.Question 1
With regard to
1)# BEGIN ANTISPAMBLOG REGISTRATION
2)RewriteEngine On
3)RewriteCond %{REQUEST_METHOD} POST
4)RewriteCond %{REQUEST_URI} .wp-signup.php*
5)RewriteCond %{HTTP_REFERER} !.examplesite.com. [OR]
6)RewriteCond %{HTTP_USER_AGENT} ^$
7)RewriteRule (.*) http://examplesite.com/goaway.html [R=301,L]A) In line 4 what do I replace .wp-signup.php* with ? Is it .register.php* ? or is it .subsite3/register.php ?? or is it something else ???
In line 5 do i replace !.examplesite.com. with anything ? say !.examplesite.com/subsite3. ???Question 2
With regard to “changing the register slug”
A) does this mean changing the name of the file register.php ??? or something else ??? and inserting define( “BP_REGISTER_SLUG”, “your-registration-slug” ); with the new name replacing “your-registration-slug” say retsiger.php or with some other name?
Would it then be necessary to go into the plugins like say Buddypress Humanity and change any references to register.php to whatever its name has been changed to or is that taken care of by the define( statement )) ??Question 3
If the site was http://www.examplesite.com/ instead of http://examplesite.com/ would there be any changes to your advice ?Question 4
In my .htaccess file there is already a line “RewriteEngine On” . Do I still include line 2 of the above?Question 5
Is there any particular place in the .htaccess file where the above code should be inserted ?Many Thanks
I am daily getting very much spams on http://placementmantra.net/
no idea how.even tried plugin no use@placementmantra Please stop posting this repeated post immediately. You have now posted approx twelve times to old ‘Spam’ threads in as many minutes virtually. Open A new post or search and ‘Read’ some for methods of dealing with spam issues.
Now closing this old thread as a read only.
- The topic ‘BuddyPress Spam’ is closed to new replies.