Also is there any downside to this I dont know about?
Yeah, IPs aren’t going to help in the long run, as people can mask and munge their IPs and, sooner or later, they’ll come back. Also you’re possibly blocking legit traffic.
Hmmm… Thanks more Q’s
Well as far as I know, they are only denied sign up, they should be able to access everything else or am I wrong? I dont know how I could test this…
This is why Id like them to be redirected to a page explaining why they cant sign up. Then perhaps they can contact me and ask for help. I don’t know how to do this yet, still learning…
I’m really not too concerned about blocking legit users from joining if they are in these countries. It may sound elitist, but my website is really only for bloggers that can use Google Adwords…
So…. Your telling me that bots can use proxy? I dont know a lot about IP stuff… Sounds like it would be easier for them to find a different target.
Can I still block their masked IP?
All I know is after six long months Im finally getting some relief. If it comes at the cost of blocking entire countries so be it. Ive tried everything else with no stop… Id implement a new tactic promised to stop them wait five minutes and BLAM a new splog! This is the first time Ive managed to stop them with no new spam now for over a week.
Im pretty sure if they live in countries known to the world as the Top 10 Spammers and Hacker countries in the world, they should be use to this sort of thing…
5 bucks says that’re all coming from a small number of IP addresses and blocking countries is overkill.
No offense against what you done. We used to average about 15% out of ev1/theplanet. Guess we’ll have to block out the US then. 😉
I had this problem a while back – like a year or so – and I installed these 2 plugins – no problems ever since
http://wordpress.org/extend/plugins/bad-behavior/
http://wordpress.org/extend/plugins/cookies-for-comments/
I believe we’re talking about splogs, not comment spam.
Bad behavior stops them from accessing your site. Period.
I use that and this: http://wordpress.org/extend/plugins/wpmu-block-spam-by-math/
I only block by IP when they try to log into my site as root. And that’s handled by LFD (I.e. My firewall)
The two comment plugin sam listed will also stop splogs. Don;t let that throw ya. 😉
Thanks for the replies everyone!
I know this is an old topic…
It seems like a lot of people think this is over kill. Well I think 100+ splogs a day is overkill lol. Its either this or shut off registration completely…
“No offense against what you done. We used to average about 15% out of ev1/theplanet. Guess we’ll have to block out the US then. 😉 “
Im not sure what you’re saying here. Are you saying you get this much spam from the US? I believe I did find a very prolific spammer located in Florida once, but they only came once and after I deleted the account they haven’t returned.
tdjcbe I know, I dont like doing this, this is after all the W W W… Its just the only thing that has worked for me. Its ridiculous that the only way I can enjoy the awesomeness of WPMU is by blocking half the world from registering. I hang my head in shame… What have I become?!!!
I have tried cookies for comments and bad behavior and they did nothing… Well, nothing of note. Perhaps, I didn’t set them correctly?…Maybe I didnt give them enough time? I’m willing to give them another shot but Ive heard this all before.
Its been about 10 days WITH NO SPLOGS!!!
Its ridiculous that the only way I can enjoy the awesomeness of WPMU is by blocking half the world from registering.
This is why running a site where ANYONE can register and create a blog is NOT something you should get into without a clear understanding of what that means.
Anyway. Maybe you should look into a plugin or hack that helps moderate new users or new blogs?
This is why running a site where ANYONE can register and create a blog is NOT something you should get into without a clear understanding of what that means.
Anyway. Maybe you should look into a plugin or hack that helps moderate new users or new blogs?
I run several sites with other CMS and have zero problems with spam… All of them allow registration and are social type websites with user blogs, profiles, forums, video hosting, ads, messaging, and pretty much everything even entries via SMS. I cant recall more than maybe a few sporadic spams through the contact forms. The only security on any of my other sites is captcha on registration.
WordPress seems to be a HUGE target for spam… So you’re telling me that 1000 spammers to every 1 real member is just something everyone should expect?…
Well, I installed every Plugin suggested here Plus a few others. I took out the htcaccess IP blocks and went to bed. The next day… SPLOGS galore… After two weeks of peace.
None of these plugins work. Ill give it another day or two but if I dont receive an actual real signup Im done allowing open registration. From there on, if anyone wants a blog they will have to contact me first to receive an invite…
Not really what I meant, but that’s okay 🙂
WordPress is more popular as a platform than many other CMS (you can google the comparison charts). Saying ‘WordPress gets more spam because it’s less spam-secure’ is akin to saying, say, ‘godaddy is hacked more often because it’s less secure.’ Both statements have some accuracy, but realistically it’s because of size. Bigger target. Do people drink more StarBucks because it’s better or because they’re ubiquitous? 🙂
If you want to run an open reg wordpress site, one presumes you’re going to do research into what that means, what the shortcomings are and all that jazz. And one thing, no matter what CMS you use, is that maintaining a site needs constant vigilance! Spammers will surprise you no matter what you use, so you have to keep your eyes out. And yes, one method is the ip blocks, but you have to know what they mean. If that’s acceptable for your site, cool. If not, you keep looking. But you have to know what your needs are, what the options are, and what you can reasonable expect 🙂
My point was you MUST be aware of the whole picture when running any site 🙂
Also, owners who have huge sites block spammers at the server levels after studying logs to see the kind of requests they make. this way the processing for it is outside of WP.
Also, owners who have huge sites block spammers at the server levels after studying logs to see the kind of requests they make. this way the processing for it is outside of WP.
I tried this but it just took too long. Its an effective way to get rid of major offenders. Its tedious tho to try and blog them all individually…
As a last ditch attempt I’m going to remove any keywords they are searching to find my website. Seems to be Yes, Id like to create a blog…
ipstenu, I got you. Sorry if I sound rude… You’re right WP is much bigger than the other CMS out there. So I guess it doesn’t really apply. I guess Im just frustrated as heck. I dont like having to do all this extra work. Usually I can find a solution that just works but nothing seems to work here. Now, it seems as if my comment spam has increased ten Xs since implementing all these plugins, which are suppose to STOP comment spam… I know its unrelated but Im freaking sick of this…
When you are running a blog network, you are now running server level software. Others are looking to you to support their blogs. 🙂
So yeah, the learning curve is steeper and you do have to look after more things that are more difficult.
Is it possible to change name of wp-signup.php in order to stop spam registrations? Seems spam registration is huge problem. I got a lot of automatic registrations like janet128972861.domain.com
None of recommended plugins stopping it.
