WordPress.org

Support

Support » Multisite » [Resolved] How are you stopping the sploggy new registrations?

[Resolved] How are you stopping the sploggy new registrations?

  • I actually gave up on the wpMU concept yesterday .. offering other people to have sites on my installation, besides me.

    But the sploggers made me quit again – I admit in shame that I just can’t take the lost time in moderating this venture. Every day, I have had about 30-40 new users and splogs created and every day I delete 30-40 new users and splogs created. And I’m using WHM and ConfigServer Security & Firewall plugin and it’s like a one step process to permanently ban any IP in 5 seconds .. but it still takes time to make sure I have all the users and sites marked as spam and delete them.

    It sure took the cake today when AFTER I disabled all registration yesterday … and 4 new splog users/sites were created on my blog today. http://PetLvr-Blogs.com

    How can that happen?

    What are you guys doing to combat the bots? I can’t believe my only option to stop them is to join a membership site wpmudev or purchase “pro” version plugins gd press tools to combat this. Isn’t there an Akismet-type of plugin available for this yet?

    HART

Viewing 15 replies - 1 through 15 (of 18 total)
  • I use WPMU-Block-Spam-By-Math to stop them from registering. I also don’t allow new users to create a blog (they have to ask).

    There are a lot of spam plugins for free on the official WordPress plugin repository.

    Also read these posts: http://wpmututorials.com/tag/spam/

    Thanks Ipstenu ..

    Will that .htaccess script from 2009 still work today on 3.0?
    http://www.darcynorman.net/2009/05/20/stopping-spamblog-registration-in-wordpress-multiuser/ .. it looks hopeful.

    I tried the Block Spam By Math plugin and it didn’t stop the registrations for me. But, I deactivated it when I moved on to try another plugin … Most of the spam-free plugins (that I found in the plugin repository) were more for the comment spam. I’ll take another look.

    I’m using it now and it doesn’t ‘not’ work, if that makes sense 🙂

    There are plugins like Bad Behavior which stop spammers from accessing your site at all, but really do try the .htaccess one. 🙂

    So – I just enabled the registration – and nothing worked – the .htaccess or the plugin and combination of plugins.

    However … maybe someone here can advise – if this is the right .htaccess code I need? I am using the domain.com/folder/ setup instead of the subdomain.domain.com setup..

    This is what I have – copied from that link above:

    # BEGIN ANTISPAMBLOG REGISTRATION
    RewriteEngine On
    RewriteCond %{REQUEST_METHOD} POST
    RewriteCond %{REQUEST_URI} .wp-signup.php*
    RewriteCond %{HTTP_REFERER} !.petlvr-blogs.com. [OR]
    RewriteCond %{HTTP_USER_AGENT} ^$
    RewriteRule (.*) http://diespammers.com/ [R=301,L]

    I’ve had 18 new registrations since I’ve re-allowed registration (exactly 60 minutes later), and implemented the above code. Obviously, something is wrong – (besides wordpress mu 3.0 not having better spam control) – with that .htaccess code.

    I have 3 plugins, .htacess, and individual IP banning in place. It makes me mad.

    Andrea Rennick

    @andrea_r

    Customer Care at Copyblogger Media and Studiopress

    It sure took the cake today when AFTER I disabled all registration yesterday … and 4 new splog users/sites were created on my blog today

    Go to Super Admin -> Options. Uncheck “allow users to add new users”. THAT is how they get in. If one gets in, they let in their little friends.

    (actually, if this re-checks itself, you can fix it in the db.)

    There’s tons of ways to stop them, none of which you listed. 🙂 (Sorry.)

    the hashcache plugin works.
    renaming the signup page is a hack, but it sure does work.
    bad behaviour will help.

    and I’ve also covered this quite a bit in my blog already…

    Obviously, something is wrong – (besides wordpress mu 3.0 not having better spam control) –

    If you have open registrations in wordpress 3.0 with the network running, that’s your responsibility. 😉 Got Akismet?

    Go to Super Admin -> Options. Uncheck “allow users to add new users”. THAT is how they get in. If one gets in, they let in their little friends

    .

    if you mean the following, it has always been unchecked with my installation: Allow site administrators to add new users to their site via the “Users->Add New” page.

    This WP-HashCash Plugin is new to me (http://wordpress.org/extend/plugins/wp-hashcash/) .. and although it says Compatible up to: 2.9.2 … I will give it a try – it gives me new hope // thanks!

    I have been plagued by spam users for a while (having installed hashcash and akismet etc) but then unchecking the “allow users to add new users” option has given me new hope of a spam-free day! I thought i had cleared all the spam users out, but there must be one or two still registered who were letting others in…

    Andrea Rennick

    @andrea_r

    Customer Care at Copyblogger Media and Studiopress

    Part of the problem with explaining how to stop the sploggers is they read these threads too. 😉 (hi! knock it off, will ya??)

    I find it more effective to block things at the server level. Stop xmlrpc requests, for example.

    Is there a way to setup a timer so when a new user registers they can not create a blog for a set amount of time? Maybe a timer for how long before a blog becomes public? OR a setting such that all new blog default to private?

    Thoughts?

    Andrea Rennick

    @andrea_r

    Customer Care at Copyblogger Media and Studiopress

    Yeah you could do that.

    Which and can you direct me to the plug-in, because I’m in need of one of those solutions.

    Thanks,

    Ed

    Andrea Rennick

    @andrea_r

    Customer Care at Copyblogger Media and Studiopress

    I didn’t say there was a plugin, only that it could be done.

    Yeah … that’s a tough one .. knowing that the spammers read these threads too although, I don’t think that should be the underlying reason to keep the GOOD STUFF quiet!

    In the past 15 hours since my last comment above – when I installed the WP-HASHCASH plugin (and granted, I’m not sure if it’s just this or in combination with my other plugins already activated) but

    >> Number of Spam Registrations: ZERO.

    😀

    My use of hashcash and not allowing users to create new users (posted above) seems to have done the trick too!

    ZERO new sploggers in 13 hours!

Viewing 15 replies - 1 through 15 (of 18 total)
  • The topic ‘[Resolved] How are you stopping the sploggy new registrations?’ is closed to new replies.
Skip to toolbar