Skip to:

Managing group creation

  • xprt007



    I am having problem with users mostly from Russia, with outlook, hotmail & gmail accounts permanently remotely creating groups where they post content, without them even being on the site as site counter shows + an increasing number of remote registrations, which of course I delete, but would be better o have them blocked.

    I have spam control (aksimet – free, bad behavior), but it only seems to work for post/page comments.
    Currently so much of these groups being created. How can I stop this?

    Any help would be very much appreciated.

Viewing 9 replies - 1 through 9 (of 9 total)

  • danbp



    my 3 word recommendation: disallow group creation !
    And prevent your users, if they need a group, that they have to ask you to create it for them.

    A good pratice to avoid spam, is to use another table prefix as the default wp_table_name. Bots really like this prefix to rape databases. 👿

    Aside you can also try to stop some spambots via htaccess.
    Search on the web for more information on how you can do this.

    Here 2 lines you can add to htaccess to block some russian spambots (without any waranty)

    RewriteCond %{HTTP_REFERER}  ^(.*).ru/(.*)
    RewriteRule ^.*$   -   [F]

    @xprt007 What else have you tried before asking this question here?

    #1 would have been searching the forum archives for possible solutions from past threads (one of great benefits of forums are ever increasing db of information and help derived from questions & replies)

    #2 would be to check the WP plugin repo searching one something like ‘spam’

    In addition to danbp’s advice try installing Wanguard which seems to do a fairly good job along with perhaps a simple registration submission question – believe something called ‘BP-humanity’ might work.

    btw I edited your topic title to remove ‘urgent help’ that’s not considered an appropriate phrase to enter on subject titles 🙂



    Over 170 topics are tagged with “spam” on this forum.

    There we go, a wealth of information!



    Indeed !
    The Tag Widget should be renamed to something like:

    Increase your chances to get the right information by 500% by searching in the tags!

    Will certainly need an extra horizontal uberwidget with longtext format for the title, but other than that little detail, searching by tags is much better and efficient than the usual “Search the forum”.
    For those who search the forum before posting, of course. 😀

    i know, i’m off topic but a little humor doesn’t hurt.




    Thank you for all the responses.

    Well, the issue of spam registrations & comments with the above mentioned plugins in addition to SI CAPTCHA Anti-Spam, Wordfence Security (?), etc had worked for months & was manageable, occasionally getting something in sometimes after weeks. I also blocked all IPs of spammers who would tried to login, etc.

    A few days ago, though I started getting a barrage of bot-registrations + groups with bogus content created. New registrations would come in as soon as I deleted some.

    Since it was late in the night in the middle of a very busy period, I thought someone probably getting similar issues could mention some quick solution I could find the following day.

    It was not my first time in the forum. Some of the above solutions were found through searching the forum, which i agree should be the first step.

    So far – in addition to the above plugins I first added JP User Registration Blacklist, WP-SpamShield and also reluctantly disabled user group creation. (Is there a plugin that enables moderation of user created groups, allowing the moderator to approve user created groups?)

    That stopped the group creation, but spam registrations continued coming. So like recommended above, installed Wanguard, though this being a small site which currently gets in very little income, it is not yet worth paying for it. I hope the free wanguard account can work for a while.
    That since yesterday only let in one or 2 registrations by some criminals, this being one of them – details shown by some plugin:

    Benutzername: clairmcconnan


    Angezeigter Name: Claire McConnan

    Vorname: Claire

    Nachname: McConnan
    IP Address :
    Reverse DNS :
    Reverse DNS IP :
    Reverse DNS Authenticity : [Possibly Forged]
    Proxy Info : No Proxy
    Proxy Data :
    Proxy Status : FALSE

    Names & emails suggest they mostly originate from Russia.

    danbp suggested using .htaccess to block Ru-based submissions. I will look into BUT – on an unrelated Drupal-based site, I ever had a much more serious attack, with as many 25,000 attempted login/post attempts a day(!), which were blocked by the Drupal mollom plugin BUT that constantly filled some DB table, probably logging visits/attempts, to several 100MBs a day, causing me problems with the webhost. Source of attacks was Russia, ukraine, China & Poland.

    The only solution that worked was adding literally several 10,000 lines of complete IP(blocks(?)s from those countries I got from some site to the .htaccess that blocked them out. Only that helped.

    Later on, though – months on, the web host removed that .htaccess file, because my site account was supposedly overusing server resources. I am not sure that had anything to do with the IP address lines in the .htaccess file, but the good thing is that a similar attack has not happened again.

    An .htaccess solution that only involves naming a country ( … ^(.*).ru/(.*) …) & not its thousands of IPs would of course be great & preferable, but I will do a search & see. My site does not need a single Russian & so can do without the country.

    Ultimately, for the time being – what I would need is a functioning free solution until the currently small site can pay for itself, later on. This particular site had not had anything similar in over a year, assuming Wanguard cannot be used …

    Anyway, thank you all.



    change the tables prefix !
    Check also some index.php firstly, for some encrypted datas, like base64_decode on the first line…

    If this matches, you have also to scan your computer.

    You can use the wordfence plugin (and de-install if nothing is found)

    This one is really efficient against fake registering.

    But in any case, this is like carrying water in a sieve or perforated device !




    The index.php file is clean, …

    I used the plugin “Change DB Prefix” which enables a db prefix table change & in wp-config.php with a click. Good since the db has 175 tables 🙁 … ;), thi sbeing a community site with a number of functions.

    I added BuddyPress-Honeypot, … but does it not matter it seems to have had no changes since 2012?

    I temporarily disabled Wanguard to see if the 2 steps above + existing antispam plugins can handle this. Will then see about the .htaccess issue tomorrow etc.

    Many thanks & kind regards



    PS – the high number of DB tables is because of some web directory plugin, which is otherwise very good – which has very many of them. 😉

Viewing 9 replies - 1 through 9 (of 9 total)
  • The topic ‘Managing group creation’ is closed to new replies.
Skip to toolbar