I was just about to ask the same thing – never had much trouble before when using re-captcha but now I have upgraded we’re talking 20-30/day and increasing
Which brings me to my next question – is it better to mark both user and blog as spammer or just delete them both?
There was a new blunt solution here. Apparently having a couple of required custom profile fields also cuts down spam.
I know on the MU side, you can ban registrations from specified email domains. (Site Admin -> Options)
Can’t remember if this translates over to the BP side.
I’m in the same boat. Have used a bunch of different captchas including the recaptcha that has been reworked for BuddyPress to no avail. Even took down our registration page for a day to make sure spammers weren’t bypassing via bbpress or somewhere else…. it was nice not having to delete spam accounts for a day. We may end up taking buddypress out at some point here until there are better spam tools in place.
One thing to remember, the spammers can see the signup code. That’s what they build their scripts for.
The better you can customize your site, the better you can stop them.
Checking your referral logs is one way you can see how they’re getting in. Tip: login to the bbpress admin area and CLOSE SIGNUPS.
Andrea, I did it but all in vain. I guess buddypress should talk with wp-recaptcha or akismat developers and come up with built-in akismat or captcha support for buddypress sign up pages.
And there’s no benefit of banning email domains or ip since every time they come up with new fake domains and ip address. There should be a permanent solution… “Spbloggers” is the biggest problem for those who use buddypress.
Hey Buddypess, do something to stop spammers at your earliest. They waste our resources drastically!!!!!!!!
Checking your referral logs is one way you can see how they’re getting in. Tip: login to the bbpress admin area and CLOSE SIGNUPS.
Obviously this only applies if you are running a seperate bbPress install.
Crap, the spammers have now found my site.
These are not the spammers with name+year usernames, like ‘johndoe1973’, that I used to get on test sites. Those seemed to bypass the registration and activation process, because they didn’t show up on my mailing list.
The spammers I get now have realistic sounding full names and apparently usernames generated from those fullnames (my regular custom registration). I recognize them from the long random strings they add in my custom Company field.
Haven’t seen them registering blogs yet. What are they even trying to achieve?!
Sploggers is a serious problem that WPMU/BPAutomattic needs to address!
http://www.bp-tricks.com/tips_and_tricks/stopping-the-sploggers/
i guess this is one of the best trick against spam blogs and “wild” registrations.
Step 1 and 2 are a bit obvious, but 3 and 4 are really efficient.
Keep in mind that on a wpmu site each blog created by a member has his first post and comment appearing on the default template – the good ol’ kakumei… on which is also written “powered by…” ( Step 2 is only for main blog i think) Spam bots eat this with delectation i suppose.
Spam programs are written to bypass signup. Well. I presume other narrow words like join, fall in, get together are also activ in such programms. But what do these programms if you choose “groink” or “methabolic” ? So follow the explanation and choose a really original word for your signup redirection. This works well for the moment. And don’t forget to put the functions.php file the in mu-plugins folder (to be theme independant).
To use in addition with some other solutions (wp-ban, invisible defender, …) of course.