I don’t actually use AVH…
I would guess that it’s looking for wp-signup.php directly, and doesn’t check on alternate login pages. Maybe you could ask them how it handles BuddyPress, since it’s a similar thing in so far as registration goes.
I guess a better question would be: Do you know of any RBL type plugin that blocks signups based on DNS with the config above?
No, but then again, I don’t use WP for that sort of blocking. I use http://configserver.com/cp/csf.html on my server.
Hmmmm… I pretty much understand most of server security elements, but don’t see how this provides any way to stop forum or comment spam unless you have your firewall updating from the SFS and Spamhaus IP block lists. Unless I miss something, there’s no way to allow open subscriber signups without getting botted and hammered with comment spam. Can you think of anyone that knows how to block forum/comment spam with the http://halfelf.org/2012/multisite-registration/ technique?
Supposedly AVHFDAS checks the user’s IP against StopForumSpam and Project Honeypot (with an API key) before parsing the entire page. I can’t fathom why that would ‘stop’ working. The registration page is a -page- so if AVH is stoping people from hitting that page, they’d never be able to register in the first place.
Did you set the plugin up to check every page, or just registration pages?
AVH doesn’t have a setup for particular pages. It appears to hook only into register, comment, and post pages. Since doing the multisite registration patch it no longer checks the registration page, but regularly blocks a lot of comments and posts, but no registrations. I’ve tested this against IP’s and email addresses on SFS and they all pass through since I did that otherwise great trick with multisite 🙂
OK, I just took a quick glance through the patch, MU stuff and my code.
I believe I can make this work, just not very quickly as I’m short on time. I would have to change some other code to make the solution fit in nicely.
Somehow I knew that it wouldn’t be easy. I finally wrote my first plugin and am learning theming so I’m a ways off from figuring something like this out… Thanks Brah!
I did some coding and it should now check for spam during the validation of a user signup in a MU environment.
I don’t have a MU environment, so if you, akamai4hire, are willing to test it that would be very helpful. If you please contact me through my site where I can send the zip file to, thanks.
