How do I stop spam sign ups

inetconn
(@inetconn)

9 years, 9 months ago

Hi,
Here is the site in question:
http://inetconnectionsnetwork.com/

I need some help in stopping spam signups and all such activity. This is causing me a lot of trouble with my host who is threatening to shut me down over this as it is causing some issues.

The spam sign up problem is getting out of hand. I need any and all help to stop them. I need help in getting rid of them once I have stopped them.

Any help would be greatly appreciated.
Thank you

Viewing 15 replies - 1 through 15 (of 20 total)

1 2 →

barnez
(@pidengmor)

9 years, 9 months ago

In your WordPress dashboard go to Settings – Discussion and enable:

Before a comment appears Comment must be manually approved

Then you can review the submitted comments in your dashboard at your leisure and choose the valid ones to publish.
barnez
(@pidengmor)

9 years, 9 months ago
Also consider the following:

While not hacker-specific (though it certainly could be), this next bit of code will prevent bots with no user agent from hitting your site. Just change out yourwebsite.com with your actual URL before placing this in your .htaccess:
```
## Protect from spam bots ##
<IfModule mod_rewrite.c>
RewriteCond %{REQUEST_METHOD} POST
RewriteCond %{REQUEST_URI} .wp-comments-post\.php*
RewriteCond %{HTTP_REFERER} !.yourwebsite.com.* [OR]
RewriteCond %{HTTP_USER_AGENT} ^$
RewriteRule (.*) ^http://%{REMOTE_ADDR}/$ [R=301,L]
</IfModule>
```
* The .htaccess file is very sensitive. Always backup the file before making any changes.

(Code courtesy of: http://moz.com/blog/the-definitive-guide-to-wordpress-security)
Moderator James Huff
(@macmanx)

Volunteer Moderator

9 years, 9 months ago

Regarding the signups, do you absolutely need to allow user registration for anything? If not, shut it down at Settings -> General in your blog’s Dashboard.

If you do need it, and you can identify a trend in registrations that you could blacklist (a similar name, email domain, website, etc) try http://wordpress.org/plugins/ban-hammer/ which allows you to apply your comment blacklist to registrations.

Thread Starter inetconn
(@inetconn)

9 years, 9 months ago

Is there also a way to manage user accounts to remove spam accounts and spammers?

Moderator James Huff
(@macmanx)

Volunteer Moderator

9 years, 9 months ago

Yes, you can delete them from the Users section in your blog’s Dashboard.

chhelp
(@chhelp)

9 years, 9 months ago

Best Idea
If You Are Using Any CDN Network Like Cloudflare, Incapsula Or Any Other CDN Network. You Will See An Option To Chose What Type Of People Enter Your Site. And/Or You Can Use Any Plugin In WordPress Market Which Is To Make Captcha While Signup. 🙂

Thread Starter inetconn
(@inetconn)

9 years, 9 months ago

I guess I did not ask my question right:
Is there a reliable plug in to help me find and remove spammer, multiple account users, etc.?

chhelp
(@chhelp)

9 years, 9 months ago

I Think This Will Do Your Job

Use Captcha On Signup
https://wordpress.org/plugins/cartpauj-register-captcha/

Or

https://wordpress.org/plugins/si-captcha-for-wordpress/

Moderator James Huff
(@macmanx)

Volunteer Moderator

9 years, 9 months ago

Not that I’m aware of myself, but you might be able to find a good one at https://wordpress.org/plugins/

Just make sure that it’s compatible with your version of WordPress and has a decent rating, of course.

mmuhammadmairaj
(@muhammadmairaj)

9 years, 9 months ago

WangGuard can help. Read about its features at official WP plugin repository.

Thread Starter inetconn
(@inetconn)

9 years, 9 months ago

My site has been shut down again. Apparently by spammers. Can anyone out there help me get this situation under control?

Moderator James Huff
(@macmanx)

Volunteer Moderator

9 years, 9 months ago

What do you mean “shut down”? Did your hosting provider shut it off? If so, only they can bring it back (and then you should probably find a new hosting provider, because shutting down a site over registrations or comments is kind of silly).

Thread Starter inetconn
(@inetconn)

9 years, 9 months ago

im sorry. Let me try to explain some more detail, Please note the original post above. The problem of spammers and robot sing ups has apparently gotten to the point that my new host has issued multiple warnings over “slow MySQL queries” or something like that. Today, I got a new warning over cpu usage. The host has shut my site down again for the second time.

Another issue I have (maybe not related) is that, after the site was moved and set up again, I could not access my dash board features. I got an error 500.

This site was set up to be a community site similar to twitter, but with a slightly different flair. Right now, it has become a nightmare.

I and my developer really need help in getting this mess under control or the spammers will win and my site will stay down and lost.

Any help would be appreciated.

Moderator James Huff
(@macmanx)

Volunteer Moderator

9 years, 9 months ago

has issued multiple warnings over “slow MySQL queries” or something like that. Today, I got a new warning over cpu usage. The host has shut my site down again for the second time.

Yeah, I find that highly suspect. Unless your are being purposefully DDOSed via registrations, you shouldn’t be over-using any resources, and for that matter the host should be able to identify if it was a DDOS attack. It really might be time to just switch hosting providers.

Another issue I have (maybe not related) is that, after the site was moved and set up again, I could not access my dash board features. I got an error 500.

Internal server errors (error 500) are often caused by plugin or theme function conflicts, so if you have access to your admin panel, try deactivating all plugins. If you don’t have access to your admin panel, try manually resetting your plugins. If that resolves the issue, reactivate each one individually until you find the cause.

If that does not resolve the issue, try switching to the Twenty Fourteen theme to rule-out a theme-specific issue. If you don’t have access to your admin panel, access your server via FTP or SFTP, navigate to /wp-content/themes/ and rename the directory of your currently active theme. This will force the default theme to activate and hopefully rule-out a theme-specific issue.

If that does not resolve the issue, it’s possible that a .htaccess rule could be the source of the problem. To check for this, access your server via FTP or SFTP and rename the .htaccess file. If you can’t find a .htaccess file, make sure that you have set your FTP or SFTP client to view invisible files.

If you weren’t able to resolve the issue by either resetting your plugins and theme or renaming your .htaccess file, we may be able to help, but we’ll need a more detailed error message. Internal server errors are usually described in more detail in the server error log. If you have access to your server error log, generate the error again, note the date and time, then immediately check your server error log for any errors that occurred during that time period. If you don’t have access to your server error log, ask your hosting provider to look for you.

This site was set up to be a community site similar to twitter, but with a slightly different flair. Right now, it has become a nightmare.

Ah, that’s important to know. If you expect to be near the size of Twitter, you do need a robust VPS or dedicated server(s), otherwise it will indeed be a nightmare. I hope you aren’t planning to launch something like that on shared hosting.

Thread Starter inetconn
(@inetconn)

9 years, 9 months ago

It seems that I am going to need serious help here. My host sent three warnings and then shut me down again while I was at work.

I haven’t heard from my developer and am wondering of he is giving up.

As for the hosting issue, I needed to generate revenue before I could move up to more powerful hosting. If interested, please pm me and I will send you all the info via pm.