WordPress.org

Ready to get started?Download WordPress

Forums

[resolved] How are you stopping the sploggy new registrations? (19 posts)

  1. PetLvr
    Member
    Posted 4 years ago #

    I actually gave up on the wpMU concept yesterday .. offering other people to have sites on my installation, besides me.

    But the sploggers made me quit again - I admit in shame that I just can't take the lost time in moderating this venture. Every day, I have had about 30-40 new users and splogs created and every day I delete 30-40 new users and splogs created. And I'm using WHM and ConfigServer Security & Firewall plugin and it's like a one step process to permanently ban any IP in 5 seconds .. but it still takes time to make sure I have all the users and sites marked as spam and delete them.

    It sure took the cake today when AFTER I disabled all registration yesterday ... and 4 new splog users/sites were created on my blog today. http://PetLvr-Blogs.com ...

    How can that happen?

    What are you guys doing to combat the bots? I can't believe my only option to stop them is to join a membership site wpmudev or purchase "pro" version plugins gd press tools to combat this. Isn't there an Akismet-type of plugin available for this yet?

    HART

  2. I use WPMU-Block-Spam-By-Math to stop them from registering. I also don't allow new users to create a blog (they have to ask).

    There are a lot of spam plugins for free on the official WordPress plugin repository.

    Also read these posts: http://wpmututorials.com/tag/spam/

  3. PetLvr
    Member
    Posted 4 years ago #

    Thanks Ipstenu ..

    Will that .htaccess script from 2009 still work today on 3.0?
    http://www.darcynorman.net/2009/05/20/stopping-spamblog-registration-in-wordpress-multiuser/ .. it looks hopeful.

    I tried the Block Spam By Math plugin and it didn't stop the registrations for me. But, I deactivated it when I moved on to try another plugin ... Most of the spam-free plugins (that I found in the plugin repository) were more for the comment spam. I'll take another look.

  4. I'm using it now and it doesn't 'not' work, if that makes sense :)

    There are plugins like Bad Behavior which stop spammers from accessing your site at all, but really do try the .htaccess one. :)

  5. PetLvr
    Member
    Posted 4 years ago #

    So - I just enabled the registration - and nothing worked - the .htaccess or the plugin and combination of plugins.

    However ... maybe someone here can advise - if this is the right .htaccess code I need? I am using the domain.com/folder/ setup instead of the subdomain.domain.com setup..

    This is what I have - copied from that link above:

    # BEGIN ANTISPAMBLOG REGISTRATION
    RewriteEngine On
    RewriteCond %{REQUEST_METHOD} POST
    RewriteCond %{REQUEST_URI} .wp-signup.php*
    RewriteCond %{HTTP_REFERER} !.petlvr-blogs.com. [OR]
    RewriteCond %{HTTP_USER_AGENT} ^$
    RewriteRule (.*) http://diespammers.com/ [R=301,L]
  6. PetLvr
    Member
    Posted 4 years ago #

    I've had 18 new registrations since I've re-allowed registration (exactly 60 minutes later), and implemented the above code. Obviously, something is wrong - (besides wordpress mu 3.0 not having better spam control) - with that .htaccess code.

    I have 3 plugins, .htacess, and individual IP banning in place. It makes me mad.

  7. It sure took the cake today when AFTER I disabled all registration yesterday ... and 4 new splog users/sites were created on my blog today

    Go to Super Admin -> Options. Uncheck "allow users to add new users". THAT is how they get in. If one gets in, they let in their little friends.

    (actually, if this re-checks itself, you can fix it in the db.)

    There's tons of ways to stop them, none of which you listed. :) (Sorry.)

    the hashcache plugin works.
    renaming the signup page is a hack, but it sure does work.
    bad behaviour will help.

    and I've also covered this quite a bit in my blog already...

    Obviously, something is wrong - (besides wordpress mu 3.0 not having better spam control) -

    If you have open registrations in wordpress 3.0 with the network running, that's your responsibility. ;) Got Akismet?

  8. PetLvr
    Member
    Posted 4 years ago #

    Go to Super Admin -> Options. Uncheck "allow users to add new users". THAT is how they get in. If one gets in, they let in their little friends

    .

    if you mean the following, it has always been unchecked with my installation: Allow site administrators to add new users to their site via the "Users->Add New" page.

    This WP-HashCash Plugin is new to me (http://wordpress.org/extend/plugins/wp-hashcash/) .. and although it says Compatible up to: 2.9.2 ... I will give it a try - it gives me new hope // thanks!

  9. MacRamsay
    Member
    Posted 4 years ago #

    I have been plagued by spam users for a while (having installed hashcash and akismet etc) but then unchecking the "allow users to add new users" option has given me new hope of a spam-free day! I thought i had cleared all the spam users out, but there must be one or two still registered who were letting others in...

  10. Part of the problem with explaining how to stop the sploggers is they read these threads too. ;) (hi! knock it off, will ya??)

    I find it more effective to block things at the server level. Stop xmlrpc requests, for example.

  11. bejarana
    Member
    Posted 4 years ago #

    Is there a way to setup a timer so when a new user registers they can not create a blog for a set amount of time? Maybe a timer for how long before a blog becomes public? OR a setting such that all new blog default to private?

    Thoughts?

  12. Yeah you could do that.

  13. bejarana
    Member
    Posted 4 years ago #

    Which and can you direct me to the plug-in, because I'm in need of one of those solutions.

    Thanks,

    Ed

  14. I didn't say there was a plugin, only that it could be done.

  15. PetLvr
    Member
    Posted 4 years ago #

    Yeah ... that's a tough one .. knowing that the spammers read these threads too although, I don't think that should be the underlying reason to keep the GOOD STUFF quiet!

    In the past 15 hours since my last comment above - when I installed the WP-HASHCASH plugin (and granted, I'm not sure if it's just this or in combination with my other plugins already activated) but

    >> Number of Spam Registrations: ZERO.

    :D

  16. MacRamsay
    Member
    Posted 4 years ago #

    My use of hashcash and not allowing users to create new users (posted above) seems to have done the trick too!

    ZERO new sploggers in 13 hours!

  17. MacRamsay
    Member
    Posted 4 years ago #

    Spoke too soon... they're in again... damn sploggers.

  18. MacRamsay
    Member
    Posted 4 years ago #

    Thats strange - i looked to see if my 'allow users to create new users' option was checked, and it was - every time i un-check it and save changes, the page reloads but the box is checked again? Any ideas why it wont let me turn this option off?

  19. Yeah, it's a bug. :-/ yes, it's been filed.

    You can go change it in the database tho.

Topic Closed

This topic has been closed to new replies.

About this Topic