Spam is a tough one to crack. Whilst I don’t claim to have the ultimate solution Captcha is a good step then also 1.6 as you said has measures. I also think that encouraging good community policing can help. Testbp is after all a test site so yes there may be some issues different there from an active community.
I am a new Buddypress user but in a very short time, our site has had numerous spammers join. This is a significant problem limiting the potential of the system. I have just 21 users and have had to remove 4 of them as spammers. What happens with 2100 users? Removing spammers will be a fulltime role and that would seem to defeat the purpose of a self-maintained website and social media community.
have you taken any steps to prevent spam?
Hi Mode, apart from manually remove the offenders, I am not sure what I can do.
I have not yet launched my BP site, but I too am concerned about this happening. If I use things like CAPTCHA on the registration page or https://wordpress.org/extend/plugins/wangguard/, will it be sufficient enough to prevent spammers?
Try:
Change the register slug to something else. Make sure BuddyPress or WordPress is not shown on any page of your site. Check footer and header via the browsers view source. Use a captcha. Only allow sign ups via Facebook connect. Don’t use multi site.
In my profile privacy plugin there is a button on user pages that lets admins mark user as spammer. This is for quickly blocking a user. It doesn’t delete account just puts account into a state that will not allow user to sign in.
I’m working my way through my plugins and adding updates. One update I may add to the profile privacy plugin is too block an account if they post without doing a certain thing first. Maybe they need to add a friend or join a group.
Search around, but no one should open a BP site without locking it down.
The following steps helped me stop most spam.
install s2member and follow the security steps (verify that all keys are created)
Delete the Register folders in BP (make sure to save the files)
use WordPress register form, ( you can intergrate s2members to BP 
)
Have the passwords e-mailed to the user that is signing up.
in custom.php change the slug of the register and members.
These steps helped me lock down my BP site. It stopped activity spam and fake members.
Good luck.
Thanks everyone, I am going to test drive these suggestions over this week.
So far so good. I installed a captcha. Got some legacy spam from some of the users that are spammers but I am slowly removing them. Great advice. Thanks to all. That said, the journey is far from over.
@presence-films Try using my approach to registration, see it here: http://www.snaplist.net23.net/register/ I have 0 spammers and the sites been live for a year. @modemlooper Sounds like a great idea. Could you make the conditional so that the admin can decide which condition is applied and if the user does not meet the criteria the plugin prevents them from posting?
