Skip to:
Content
Pages
Categories
Search
Top
Bottom

Spam Users Registering. Stop ’em. What’s the current best practice?


  • David Gerhart
    Participant

    @dggerhart

    Hi,

    I’m reading lots of posts that are a 18 mo’s to more than two years old. So I thought to re-ask the question, hoping for some more current advice.

    How can I stop Spam Users from registering?

    WordPress 4.9.6 running Idyllic theme.
    BuddyPress Version 2.9.4
    Site https://insideouthope.org

    What’s the plugin, combination of them or other treatment we can deploy that will best insulate our real community from vermin?

    My inclination is to blacklist/whitelist domains somehow.

    Thanks in advance for your considered response(s).

Viewing 10 replies - 1 through 10 (of 10 total)

  • vegetatingwithleslie
    Participant

    @vegetatingwithleslie

    I’m having the same issue, David. I just came into the support forum to put the question. I hope you get a response. I subscribed to this stream, which hopefully means I’ll be notified if there’s a response.


    Varun Dubey
    Participant

    @vapvarun

    @dggerhart you can try https://wordpress.org/plugins/ban-hammer/ it will allow you to block list domain TTL.


    David Gerhart
    Participant

    @dggerhart

    Thanks for the suggestion, Varun. I’ll read about it.

    For the record, here’s a link for anyone reading this in the future:

    Preventing Spammer Registration

    Discusses the options, and ‘wares to deploy … but seems really dated.

    WordPress.com suggests:

    https://github.com/pixeljar/BuddyPress-Honeypot

    But I can’t verify it’s compatible with the newer systems (6 years old.)

    My problem persists, but seems to run in spurts…


    Venutius
    Moderator

    @venutius

    I still use Wanguard, it still works for checking the validity of email addresses. I notice recently however that I’m getting a large number of spam registrations from domains ending with .xyz or .top so I ended up forking r-a-y’s plugin BP Restrct Signup by Email Domain, turning it into a blacklist intead of a whitelist. My new plugin is called BP Blacklist Signup by Email Domain, I’ll be uploading it to the repository later. This seems to be working well on my systems so far – not had any spam registrations get through for the last few days whereas without it I was getting about 8-12 per day.


    Venutius
    Moderator

    @venutius


    Shashi Kumar
    Participant

    @mastershas

    Hi David,
    This is very common problem that we all are facing with the Buddypress websites. The combination of registration process that I am using to stop it
    1. I have enabled social login as it is very easy for users to login with almost no spam users. Every users is having a google or facebook account. It increases the engagement of users also.
    2. Restrict sign up with only a few legit and popular email domains like GMAIL, YAHOO, MSN aor anything u want. You can use BP Restrict Signup By Email Domain plugin.


    mrditt
    Participant

    @mrditt

    @dggerhart I was able to register for your site without a confirmation email and post “test” comment to your general group. Enabling email confirmation to register will help. Using a checkbox for your Privacy Policy GDPR compliance, is needed and will help too. I would give the Honeypot plugin a try on your staging site (disclaimer, I don’t use, and it’s old) but what it does is pretty simple so it could be ok. Admin notification of new users will help. Manually checking email addresses and questionable profiles (if you have more profile fields) will eliminate the obvious spammers and most are obvious. You can manually approve new users if that won’t be overwhelming. On a different note, you might want to block your dashboard access and you have some html tags displaying. Also a registration menu item (it was hard to figure out how to register) are some things I noticed too. I hope you find this helpful


    David Gerhart
    Participant

    @dggerhart

    Awesome advice.

    Thanks so much!


    djsteveb
    Participant

    @djsteveb

    Using ‘good question’ or similar plugin,
    ‘graphic captcha’
    ‘ip geo block’
    unfortunately spamshield had some meltdown with the wp.org people so it’s out, but similar functionality for logins and such is in ‘shield’

    you’ll never stop the manual spammers, if you could stop them, you would be stopping legit users..

    on my multi-site I use a plugin that makes all new blogs/aka sites that are created automatically set as ‘search engines do not index’ in settings.. this helps too..

    the bp plugin that limits the amount of private messages that can be sent is nice (BuddyPress Private Message Rate Limiter),

    one one install I disallow user’s group creation ability – and ask them to send me a note about any new groups that should be made.

    also enjoy “register ips” – so I can ban really bad cidrs..


    Lars Henriksen
    Participant

    @adjunkten

    I use and recommend Buddypress Registrations options.

Viewing 10 replies - 1 through 10 (of 10 total)
  • You must be logged in to reply to this topic.
Skip to toolbar