WordPress.org

Ready to get started?Download WordPress

Forums

[resolved] suspicious users bypassing askimet. Hot to find IP? (13 posts)

  1. jlockley
    Member
    Posted 1 year ago #

    On one of my two blogs I have been getting suspicious users signing up, mostly from o2.pl (the email given..probably not, actually) with obviously robot generated id's. I have captcha. they are bypassing it somehow. A review of visitors in CPanel shows a lot of Russian hits (a bad thing). Blot content is narrow and specifically targeted to culinary workers in the US, so this is not righteous.
    I am puzzling over their purpose. The fact that the blog blew its bandwidth usage twice makes me suspect using it as a spam portal. I spoke with the server techs about this, and they were extremely unimpressed.
    I am trying to figure out how to get the users' IP addresses, from which I can determine the ip ranges and block them from the site.
    What I think I am looking for is a good statistics plugin which shows user statistics with IP and time of sign up.
    What I also need is a sign up system which is more difficult that captcha.
    Input and suggestions gleefully accepted.

  2. esmi
    Forum Moderator
    Posted 1 year ago #

    Akismet only filters spam comments. It does not filter user registration on your site in any way. So where is the problem? Comments? Or user registrations?

  3. jlockley
    Member
    Posted 1 year ago #

    Yes, I understand that, but I noticed Askimet being advised to someone else, and I friend I went to with the problem advised it, so I wanted to state that I have it. Askimet does a very good job of spam blocking.
    The problem, as far as it exists at this time, is rashes (up to twenty or thirty a day) of new users from Poland (although my stats on the server slice show no visits from Polish IP's) which blow my bandwidth.
    I have no idea what they are up to, but my guess is that it is better to figure out how to block them all together than wait and see.
    My desires (rather than my problem) are a) a plugin which will give me more visitor information and b) a more complex sign up process that my current captcha offers.
    If I have the IP's, I can find the source. I have secured our mail for now (it's a never ending battle) but would like these guys as far from my site as possible. So security issue, I guess.

  4. esmi
    Forum Moderator
    Posted 1 year ago #

    Where is the problem? Comments? Or user registrations?

  5. jlockley
    Member
    Posted 1 year ago #

    Registration.
    Also in site visits, which I get from my CPanel. That does not show me however, when which IP's apeared and of course not which registered. (There may be a way to get to that information. I am working on it.)

  6. esmi
    Forum Moderator
    Posted 1 year ago #

    Registration.

    Then Akismet is about as useful as a bicycle for a goldfish. It's for managing comment spam - not user registrations. A completely separate area.

    Site visits don't usually have much of an impact unless you are getting thousands of visits from these "spam ips" - in which case you can block them using your .htaccess file. Your hosts may be able to help you with this.

    If you are sure these are spammers, have a look at http://wordpress.org/extend/plugins/custom-registration-link/ or http://wordpress.org/extend/plugins/stop-spammer-registrations-plugin/

  7. jlockley
    Member
    Posted 1 year ago #

    I have no doubt that they are nefarious..spamming probably the goal.
    Thank you very much. custom registration looks as if it would work well. Pretty much what I am looking for.
    As for the htaccess file, I think I need the IP's to enter, which was the first question. I know from our fight against the Ukranians that the IP ranges are vast. I believe we have blocked about 110 pages of addresses so far.

  8. esmi
    Forum Moderator
    Posted 1 year ago #

    Your hosts are the best resource if you want IP addresses. They should have raw logs that you can use.

  9. jlockley
    Member
    Posted 1 year ago #

    I have logs, but they are pretty bad. For one thing, the visits are not dated (???). Nothing Polish, lots of Russian spider bots. Ergo my concern.

  10. leejosepho
    Member
    Posted 1 year ago #

    Wordfence Security can show you all IP activity and will let you block specific addresses or even entire countries.

  11. jlockley
    Member
    Posted 1 year ago #

    Yeeeeee Haw! With both your help problem surely solved. Thanks to both of you.

  12. esmi
    Forum Moderator
    Posted 1 year ago #

    Glad we could help :-)

  13. jlockley
    Member
    Posted 1 year ago #

    And fast!!!

Topic Closed

This topic has been closed to new replies.

About this Topic