Skip to:
Content
Pages
Categories
Search
Top
Bottom

Increase in fake visits since install

  • @projectslimited

    Participant

    Hi,

    Ever since installing Buddypress, we seemingly have an influx of visitors which just continually visit the site. This increases server load and slows down the server considerably. We have blocked out some of the main troublesome IP’s, but it seems to be a relentless flow of spambot traffic. We did have over 6000 rogue registrations, which have now been removed and stopped by using the Buddypress Humanity plugin!

    I have also used Wordfence in order to track these “visits” and on the screenshot below you can see the kind of thing we are up against.

    Wordfence

    Can anyone recommend a decent way to block these out.

    Please note I am not blocking the troublesome IP’s at WordPress/Wordfence level however am using CSF on our WHM in order to add the IP’s to the IP tables block. We do want to have many of these sites on our server, which is a very high powered VPS, but at the moment we are unsure whether it is even worth continuing.

    I have done a search for this issue both on this forum and on Google and haven’t yet found a trusted way of getting rid of them.

    Any help would be appreciated!

    Buddypress: 2.3.3
    Wordpress: 4.3
    Theme: Snaptube

    Thanks!

Viewing 2 replies - 1 through 2 (of 2 total)
  • @sudip23

    Participant

    I think the plugin akismet is the right choice.

    @djsteveb

    Participant

    @projectslimited – yeah, welcome to the club! I had one bp site with registration turned off for 18 months.. turned it on to test some thing – hours later – dozens of new “groups” and spam accounts.

    My main site I depend on buddypress humanity as main line of defense.. but also add the plugin “good question” (changing the defaults on these two!)

    I also use “geo ip block” on all wp sites now. (changing some defaults)

    that seems to help 95% – then I got so tired of the manual spammers that I added the apache gep redirect thing from maxmind lite.. and block all visits from Russia, China, Ukraine, and a few others completely.

    Saves a ton of bandwidth and server resources – and makes it easier to find the cdir blocks of US and UK ISPs to block via htaccess (none of my web site visitors are using COLO Crossing Transport to visit my site- so all their cidrs eg:
    23.94.144.0/20
    23.94.144.0 – 23.94.159.255

    blocked…

    I have been messaging with a wordpress plugin author about modding his plugin that pulls info from failed logins and puts them into iptables – suggesting a few mods that can make that info useful to those of us who do not have access to or want to get into iptables modsec stuff – hopefully those suggestions will come into a new version of that plugin later this year.

    with my multi-site setup I use a ‘new blog defaults’ plugin to set any new blogs created to automaticcaly have the noindex setting in wordpress, and noinded nofollow settings from yaost.. so even if one manual spammer gets in and makes blog – it does no good, and does not show up on the radar of the other spammers.

    I recently had to block Japan entirely as I started getting daily spam hits from there.. of course each person’s setup will vary – I can’t block all countries on all my sites, so some sites I set the ip geo block to whitelist just one or two.. on other sites I setup a blacklist to block 20 or so..

Viewing 2 replies - 1 through 2 (of 2 total)
  • The topic ‘Increase in fake visits since install’ is closed to new replies.
Skip to toolbar