Once registered you have no other choice as to remove them manually.
To retain spammers, there many plugins and methods. Afaik none is the perfect solution and in many situation, you’ll need to use a mixed protection.
There many topics on the forum about spam… Search them and make your opinion.
That said, you might follow some basics to harden WordPress, which is a good debut (table renaming, ban “admin” as username, etc). After that, a bunch of anti-spam plugins will calm down their activity on the site. (ban-hammer, buddypress honeypot, etc) Also keep in mind that you won’t probably never avoid spammers. But there is a big difference between 2 spam/day and 1000/per day. 😉
This page has my own suggestions to try to avoid spammers, this combo dramatically cut down on the number of spam registrations and those that get through I hold them in a queue with BP Registration options a ban then based on discrepencies in their registration information.
I don’t so understand what I should to do.. can you elaborate please? or some simple tutorial?
I could try writing a simple guide tonight if you like, might take me some time though depending on what else comes up.
One thing I can say is that before I put in these measures I was getting at least 50 spam registrations a day, I now get 1 a week and this is a human who is trying to register with the site purely to spam, to find these out you have to ask then where they live, they always lie but the IP address does not, so that’s one way of vetting spammers before you allow them onto your site.
Of course with these measures there is always the chance that you are turning down genuine member requests…. It’s a balance.
Nice tutorial @venutius !
Why not add it to the codex too ?
Is that the sort of thing the codex would cover? I thought there might be issues with mentioning specific plugin’s, you know like official endorsement?
Spam is a serious subject, not a taboo. WordPress codex talks about. Why shouldn’t BP do the same, specially because it can drain spam which need special attention ?
If you read Hardening WordPress, you will find a lot of references to third party plugin. I don’t believe there is an issue, if you mention wordpress plugins available on the plugin repo. Even premium plugins can be mentionned i think, as long as you specify they are premium.
OK I’ll run with it on my site for a couple of weeks, see if there’s any feedback regarding it’s recommendations and then when it’s more solid I’ll put it in the Repo
I would sugest No CAPTCHA reCAPTCHA plugin which works with BuddyPress registration. You’ll hit the root of the problem.
Hope this helps.
I suggest an anti spam plugin, the one im using is cleantalk