Support » Networking WordPress » How are you stopping the sploggy new registrations?

  • Resolved PetLvr

    (@petlvr)


    I actually gave up on the wpMU concept yesterday .. offering other people to have sites on my installation, besides me.

    But the sploggers made me quit again – I admit in shame that I just can’t take the lost time in moderating this venture. Every day, I have had about 30-40 new users and splogs created and every day I delete 30-40 new users and splogs created. And I’m using WHM and ConfigServer Security & Firewall plugin and it’s like a one step process to permanently ban any IP in 5 seconds .. but it still takes time to make sure I have all the users and sites marked as spam and delete them.

    It sure took the cake today when AFTER I disabled all registration yesterday … and 4 new splog users/sites were created on my blog today. http://PetLvr-Blogs.com

    How can that happen?

    What are you guys doing to combat the bots? I can’t believe my only option to stop them is to join a membership site wpmudev or purchase “pro” version plugins gd press tools to combat this. Isn’t there an Akismet-type of plugin available for this yet?

    HART

Viewing 15 replies - 1 through 15 (of 18 total)
  • Moderator Ipstenu (Mika Epstein)

    (@ipstenu)

    🏳️‍🌈 Advisor and Activist

    I use WPMU-Block-Spam-By-Math to stop them from registering. I also don’t allow new users to create a blog (they have to ask).

    There are a lot of spam plugins for free on the official WordPress plugin repository.

    Also read these posts: http://wpmututorials.com/tag/spam/

    Thread Starter PetLvr

    (@petlvr)

    Thanks Ipstenu ..

    Will that .htaccess script from 2009 still work today on 3.0?
    http://www.darcynorman.net/2009/05/20/stopping-spamblog-registration-in-wordpress-multiuser/ .. it looks hopeful.

    I tried the Block Spam By Math plugin and it didn’t stop the registrations for me. But, I deactivated it when I moved on to try another plugin … Most of the spam-free plugins (that I found in the plugin repository) were more for the comment spam. I’ll take another look.

    Moderator Ipstenu (Mika Epstein)

    (@ipstenu)

    🏳️‍🌈 Advisor and Activist

    I’m using it now and it doesn’t ‘not’ work, if that makes sense 🙂

    There are plugins like Bad Behavior which stop spammers from accessing your site at all, but really do try the .htaccess one. 🙂

    Thread Starter PetLvr

    (@petlvr)

    So – I just enabled the registration – and nothing worked – the .htaccess or the plugin and combination of plugins.

    However … maybe someone here can advise – if this is the right .htaccess code I need? I am using the domain.com/folder/ setup instead of the subdomain.domain.com setup..

    This is what I have – copied from that link above:

    # BEGIN ANTISPAMBLOG REGISTRATION
    RewriteEngine On
    RewriteCond %{REQUEST_METHOD} POST
    RewriteCond %{REQUEST_URI} .wp-signup.php*
    RewriteCond %{HTTP_REFERER} !.petlvr-blogs.com. [OR]
    RewriteCond %{HTTP_USER_AGENT} ^$
    RewriteRule (.*) http://diespammers.com/ [R=301,L]

    Thread Starter PetLvr

    (@petlvr)

    I’ve had 18 new registrations since I’ve re-allowed registration (exactly 60 minutes later), and implemented the above code. Obviously, something is wrong – (besides wordpress mu 3.0 not having better spam control) – with that .htaccess code.

    I have 3 plugins, .htacess, and individual IP banning in place. It makes me mad.

    It sure took the cake today when AFTER I disabled all registration yesterday … and 4 new splog users/sites were created on my blog today

    Go to Super Admin -> Options. Uncheck “allow users to add new users”. THAT is how they get in. If one gets in, they let in their little friends.

    (actually, if this re-checks itself, you can fix it in the db.)

    There’s tons of ways to stop them, none of which you listed. 🙂 (Sorry.)

    the hashcache plugin works.
    renaming the signup page is a hack, but it sure does work.
    bad behaviour will help.

    and I’ve also covered this quite a bit in my blog already…

    Obviously, something is wrong – (besides wordpress mu 3.0 not having better spam control) –

    If you have open registrations in wordpress 3.0 with the network running, that’s your responsibility. 😉 Got Akismet?

    Thread Starter PetLvr

    (@petlvr)

    Go to Super Admin -> Options. Uncheck “allow users to add new users”. THAT is how they get in. If one gets in, they let in their little friends

    .

    if you mean the following, it has always been unchecked with my installation: Allow site administrators to add new users to their site via the “Users->Add New” page.

    This WP-HashCash Plugin is new to me (http://wordpress.org/extend/plugins/wp-hashcash/) .. and although it says Compatible up to: 2.9.2 … I will give it a try – it gives me new hope // thanks!

    I have been plagued by spam users for a while (having installed hashcash and akismet etc) but then unchecking the “allow users to add new users” option has given me new hope of a spam-free day! I thought i had cleared all the spam users out, but there must be one or two still registered who were letting others in…

    Part of the problem with explaining how to stop the sploggers is they read these threads too. 😉 (hi! knock it off, will ya??)

    I find it more effective to block things at the server level. Stop xmlrpc requests, for example.

    Is there a way to setup a timer so when a new user registers they can not create a blog for a set amount of time? Maybe a timer for how long before a blog becomes public? OR a setting such that all new blog default to private?

    Thoughts?

    Yeah you could do that.

    Which and can you direct me to the plug-in, because I’m in need of one of those solutions.

    Thanks,

    Ed

    I didn’t say there was a plugin, only that it could be done.

    Thread Starter PetLvr

    (@petlvr)

    Yeah … that’s a tough one .. knowing that the spammers read these threads too although, I don’t think that should be the underlying reason to keep the GOOD STUFF quiet!

    In the past 15 hours since my last comment above – when I installed the WP-HASHCASH plugin (and granted, I’m not sure if it’s just this or in combination with my other plugins already activated) but

    >> Number of Spam Registrations: ZERO.

    😀

    My use of hashcash and not allowing users to create new users (posted above) seems to have done the trick too!

    ZERO new sploggers in 13 hours!

Viewing 15 replies - 1 through 15 (of 18 total)
  • The topic ‘How are you stopping the sploggy new registrations?’ is closed to new replies.