
How to stop spam registrations (HELP!!)


  • ride2719
    Participant

    @ride2719

    I am being inundated with spam registrations (hundreds).

    Running a network install of WP version 3.7.1
    Running BuddyPress 1.8.1 and bbPress 2.5

    Very generic settings, as far as I know.

    Forums are enabled (it’s a primary purpose for the site)

    I disabled registrations using “Registration is disabled” from the network admin settings/network settings and the spam registrations continue.

    My search of the forum did not seem to bring clarity to this problem (I’m probably missing something) except that it’s a known problem.

    Side issue: viewing users from the network admin section, there is a category called “Users with Unconfirmed Email Address (7168)”. When I click on the link I get “You do not have sufficient permissions to access this page”. Does anyone know how to view this category? I’d like to delete them.

    Please help!!
    Rick.

Viewing 14 replies - 1 through 14 (of 14 total)

  • ride2719
    Participant

    @ride2719

    Follow up comments:

    I am using the theme Prose (child of Genesis) from Studio Press if that matters.

    I would be willing, as a stop-gap measure to manually register people, but the spam registrations are bypassing the “registration is disabled” setting.

    Rick.


    Ben Hansen
    Participant

    @ubernaut

    That shouldn’t be possible; something definitely seems up with your installation, at least to me.


    shanebp
    Moderator

    @shanebp

    >Forums are enabled (it’s a primary purpose for the site)

    Understood, but try deactivating bbPress.
    If the spam regs stop, you know it’s a bbPress issue and you can post a bug report on their site.

    If they don’t stop, at least you know it’s not bbPress.


    aces
    Participant

    @aces


    ride2719
    Participant

    @ride2719

    Thanks, aces, for your question. Actually I had seen this post before I started this thread, but when I tried the link given in that post, access to index.php was forbidden. I’m assuming if I can’t get to it (with an active admin account logged in) then it’s unlikely that someone else could successfully execute that URL. Please let me know if I am wrong about that.


    ride2719
    Participant

    @ride2719

    Here’s a followup on my progress in stopping the automated registrations. It turns out that my side issue (see my first post) was very important. I found a plugin called “unconfirmed” that gives you limited access to the user records with unconfirmed emails, including the ability to delete them. I had 7100 unconfirmed registrations. The plugin is not fully implemented, so I had to delete them about 20 at a time. (I figured I was not likely to find anything better, so I bit the bullet and deleted 300 groups of records.) Once deleted, the registrations stopped.

    So here’s the analysis: there were thousands of pending registrations. For whatever reason, the automaton that started the registration process either could not respond to the email, or was designed to respond to the emails slowly.

    So, now I have some time to diagnose the solution to the problem without the fear of my database being flooded with crap.

    Next I’ll try to disable bbPress to see if it’s the problem, but I really don’t want to delete it as I already have several forums configured. I’ll see if I can disable it without deleting it and then turn registrations back on at the network admin level to see if they start up again.


    ride2719
    Participant

    @ride2719

    OK, here’s a followup on my trying to find the source of the automated registrations.

    — I disabled bbPress on the network plugins page.
    — I renamed the following directories:
    wp-content/plugins/bbpress
    wp-content/plugins/buddypress/bp-forums
    wp-content/plugins/gd-bbpress-attachments
    — enable registrations from the network admin settings

    And… the automatic registrations CONTINUE.

    — disable registrations (network admin) and the automatic reg stops

    SO, it’s beginning to look like it is not bbPress. PLEASE ADVISE:

    • Do you agree? Or is there some other possibility that will implicate bbPress?
    • What other possibilities are there for by-passing registration protocols?

    shanebp
    Moderator

    @shanebp

    First you said:
    >I disabled registrations using “Registration is disabled” from the network admin settings/network settings and the spam registrations continue.

    Now you say:
    >– disable registrations (network admin) and the automatic reg stops

    Not sure why things have changed, but it’s a clue.

    btw – did you change the salts in your wp-config ?
    https://codex.wordpress.org/Editing_wp-config.php#Security_Keys


    ride2719
    Participant

    @ride2719

    Thanks shanebp for sticking with me.

    You missed the post where I explained the problem when registrations continued even when I disabled them (about 3 posts up from this one). Basically, there were thousands of pending registrations (i.e. with unconfirmed emails) that were slowly being completed by the malicious registration process. I did not want to simply delete them directly from the database since that always carries some risk if you don’t use the APIs. I found the plugin “unconfirmed”, which enabled me to view and delete them. Once deleted, the registrations stopped.

    Also, thanks for your idea about the keys and salts. I don’t think that’s a problem since I have deleted all of the automated users AND all of the pending registrations. All of the automated registrations will have to be done again. Unless there is a reason I haven’t thought of, I’d rather not inconvenience my valid users.

    Thanks again, Rick.


    ride2719
    Participant

    @ride2719

    I believe I have successfully worked around the problem. The solution is as simple as adding a required profile field (xProfile). Evidently, the malicious registration process is fooled by the presence of a required field that it does not expect.

    Of course, this may only be a short-lived solution, and it may not prevent all automated registration engines out there, but it has solved my problem for the time being.

    Thanks to all who gave me hints on how to handle this.

    Rick.


    ride2719
    Participant

    @ride2719

    OOPS… My last post was INCORRECT (there doesn’t seem to be a way to delete posts). I thought it was working to use a required xProfile field, but it just took longer to get going. The spam registrations started up again and I had to disable registrations.

    SO, I’m still looking for help on how to diagnose the problem, or a work around for fixing it.

    Can I re-install BuddyPress and/or bbPress without losing my settings?

    Thanks, Rick.


    ride2719
    Participant

    @ride2719

    I’m hoping that this is my final post on this thread. I found a plugin called BuddyPress Security Check that, so far, has stopped the spam registrations. Thanks to Shea Bunge for the plugin. This may be one of those short-lived fixes where the spammers figure it out eventually, but it’s working right now.


    Matt McFarland
    Participant

    @matt-mcfarland

    A great plugin that I use (it is free) that has greatly reduced registration spamming is WangGuard (check it out here: https://wordpress.org/plugins/wangguard/). It works great with BuddyPress and bbPress.


    talk2bks
    Participant

    @talk2bks

    It seems that those spamming my site are using WordPress’ default way of creating an account and not registering through BuddyPress. When I go to the users admin, all of the users that used BuddyPress were given the default forum role of “participant”. The spammers don’t have this role.

    Because of my current setup, I installed the Members plugin and created a new role. Then I made the BuddyPress form show up only for those that I have confirmed. I would recommend that this be added to future BuddyPress installs as an option.
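
One way to check from the web server's access log which registration path the accounts are coming through, and whether new users are really activations of older pending signups (the two explanations raised in this thread). This is an added example, not code from any poster or from the BuddyPress project. `wp-signup.php`, `wp-login.php?action=register` and `wp-activate.php` are WordPress core endpoints; `/register/` and `/activate/` are assumed to be the BuddyPress page slugs on the site, and the log lines are constructed.

```python
import re
from collections import Counter
from urllib.parse import urlsplit, parse_qs

# Constructed sample lines in combined log format (IPs are documentation ranges).
SAMPLE_LOG = """\
203.0.113.7 - - [12/Nov/2013:10:01:02 +0000] "POST /wp-signup.php HTTP/1.1" 200 5120 "-" "Mozilla/5.0"
203.0.113.7 - - [12/Nov/2013:10:01:09 +0000] "POST /wp-signup.php HTTP/1.1" 200 5120 "-" "Mozilla/5.0"
203.0.113.9 - - [12/Nov/2013:10:02:11 +0000] "POST /wp-login.php?action=register HTTP/1.1" 302 0 "-" "Mozilla/5.0"
198.51.100.4 - - [12/Nov/2013:10:03:40 +0000] "POST /register/ HTTP/1.1" 200 7300 "-" "Mozilla/5.0"
203.0.113.7 - - [12/Nov/2013:10:09:00 +0000] "GET /wp-activate.php?key=CONSTRUCTED1 HTTP/1.1" 200 4100 "-" "Mozilla/5.0"
198.51.100.4 - - [12/Nov/2013:10:12:30 +0000] "GET /activate/?key=CONSTRUCTED2 HTTP/1.1" 200 4100 "-" "Mozilla/5.0"
192.0.2.15 - - [12/Nov/2013:10:13:00 +0000] "GET /forums/ HTTP/1.1" 200 9000 "-" "Mozilla/5.0"
203.0.113.9 - - [12/Nov/2013:10:14:00 +0000] "POST /wp-signup.php HTTP/1.1" 403 300 "-" "Mozilla/5.0"
203.0.113.7 - - [12/Nov/2013:10:15:00 +0000] "GET /wp-signup.php HTTP/1.1" 200 5120 "-" "Mozilla/5.0"
"""

LINE_RE = re.compile(r'^(\S+) \S+ \S+ \[[^\]]+\] "(\S+) (\S+) [^"]*" (\d{3}) ')

def classify(method, target):
    """Map one request to a registration-related category, or None."""
    url = urlsplit(target)
    segments = [s for s in url.path.lower().split("/") if s]
    last = segments[-1] if segments else ""
    # Activation requests complete a signup that was created earlier.
    if last == "wp-activate.php" or "activate" in segments:
        return "activation"
    if method != "POST":
        return None  # merely viewing a form creates nothing
    action = parse_qs(url.query).get("action", [""])[0]
    if last == "wp-signup.php" or (last == "wp-login.php" and action == "register"):
        return "core_signup"  # WordPress' own registration path
    if last == "register":
        return "bp_signup"    # BuddyPress form (assumed slug)
    return None

def summarize(log_text):
    """Return {category: Counter(ip -> hits)} for requests the server did not reject."""
    summary = {}
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue
        ip, method, target, status = m.groups()
        category = classify(method, target)
        if category and int(status) < 400:  # skip 403 and other rejected requests
            summary.setdefault(category, Counter())[ip] += 1
    return summary
```

Activation hits that continue after signup POSTs have stopped point to pending signups being completed; a `core_signup` count that dwarfs `bp_signup` points to bots skipping the BuddyPress form.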

  • The topic ‘How to stop spam registrations (HELP!!)’ is closed to new replies.