Skip to:

Removing thousands of spam users

  • I am trying to secure my website against new spam users and there’s quite a few threads of CAPTCHA and so on here which are helping.

    But in the meantime I’ve got about 4,000 spam users created. How can I delete them all? They’re interspersed with real users so unsure what to do. There’s nothing I seem to be able to sort them on either in BP or through the database that will allow me to identify and remove them. Any ideas?

    An example is like:

    Username: ackery815215869
    Name: camdenlotz

    They’re obviously random and I can spot them by site but I can hardly scroll through 87 pages of users trying to pick out the real ones!

    Any ideas?

    BuddyPress is feeling very lonely, insecure and underdeveloped right now…

Viewing 7 replies - 1 through 7 (of 7 total)
  • Sounds like time to get stuck into phpMyAdmin and use it’s search to try and locate just emails ending in .info or similar spammy email addies and delete the rows directly in the DB, might be some genuine ones but probably less than in WP backend which has no sort capability

    Thanks hnla

    I did look at phpMyAdmin but there’s nothing in common like that (they’re not all .info addresses) – except the string of numbers on the end of the usernames. but as they’re on the end I can’t sort like that…?!

    Don’t doubt there isn’t one common string to latch onto you’ll probably have to run a few sorts, going to be agony whatever method one takes really, you could try .info that may take care of quite a few?



    What I have to ask is “Why?” and “How?” are these spambots accessing and creating users? I have one site that uses WP multisite with BP and there’s a great plugin “BP Registration Options” that works well enough to grab and display all new member requests and displays IP addresses; which I then add to WP-Ban. Its taken a month but I am now down to a dozen or so spambot signups per day.

    Now, I have another WP/BP site that is NOT multisite and “BP Registration Options” does not work the same. BUT I copy the IP addresses from the one and paste it into the “WP Ban” of this site. However, I am still 100+ spambot signups per day. So, I have a plugin “Pending Activations” (which doesn’t work in multisite) but this plugin does not display the IP address of the offending spambot signups. Thus, my battle with the signups continues …

    So … How are the spambots signing up? Why does the registration form not have CAPTCHA? and how can we stop them from signing up?

    You should take care adding bans on IP’s it’s a little frowned on and can affect legitimate users, Most spammers will be spoofing their addresses they don’t want to be tracked so adding these IPs is likely not really doing much.

    There are plenty of tips and tricks if you hunt through the forum threads to reducing spam signups.



    @hnla I know that there will be a segment of the population who will be prevented from joining because I am blocking IP addresses. But, I want/need these prevented in the first place and I do not understand why this is not addressed in the core and has to be something I must “hunt through the forum threads to reducing spam signups”. Its not like this is an unknown issue.

    Besides, I HAVE searched for “reduce spambots” “reduce fake sign ups” “Reduce and reducing spam sign ups” with zero results.

Viewing 7 replies - 1 through 7 (of 7 total)
  • The topic ‘Removing thousands of spam users’ is closed to new replies.
Skip to toolbar