WordPress.org

Support

Support » Multisite » Multisite registration spam

Multisite registration spam

Viewing 15 replies - 1 through 15 (of 28 total)
  • Is Akismet not effective for you?

    For comments yeah, but not for reistrations @ wp-signup.php

    Ah, sorry I completely misread the title and your post it seems!

    We use Anti-Splog from WPMUDev but it’s a paid plugin, very effective though. I recommend trying WangGuard though, it’s very good.

    Cookies for Comments – Read this thread

    You have to add something to your .htaccess, but it works great.

    Also check out Darcy Normam’s htaccess tweak

    Would one of these techniques also block genuine users seeing as most of my sign ups will come from direct links to wp-signup.php via an e-newsletter?

    Nope. What they do is say ‘If you’re trying to pass the data to wp-signup without clicking the SUBMIT button, you’re a spammer.’ Which is true 🙂

    ok, so I’ve got:

    # BEGIN ANTISPAMBLOG REGISTRATION
    <IfModule mod_rewrite.c>
     RewriteEngine On
     RewriteCond %{HTTP_COOKIE} !^.*59a5259c983ed123457907875dd8d758.*$
     RewriteRule ^wp-signup.php - [F,L]
    
     RewriteCond %{REQUEST_METHOD} POST
     RewriteCond %{REQUEST_URI} .wp-signup.php*
     RewriteCond %{HTTP_REFERER} !.*mywebsite.com.* [OR]
     RewriteCond %{HTTP_USER_AGENT} ^$
     RewriteRule (.*) http://lmgtfy.com/?q=spammer [R=301,L]
    </IfModule>
    # END ANTISPAMBLOG REGISTRATION
    
    # BEGIN WordPress
    ...

    This is the htaccess inside my wp folder, not my website root htaccess file. Everything look ok?

    Assuming you changed mywebsite.com to your website 😉

    Is WP installed in a subfolder? And if so, is it running out of mywebsite.com/wp/ ?

    subfolder and /blogs/

    Should be fine 🙂 Just making sure you’re not trying to install it in /blogs/ and run it out of / 😉 That way lies shenanigans.

    I’m getting a 403:

    Forbidden
    You don’t have permission to access /blogs/wp-signup.php on this server.

    And you changed mywebsite.com to your actual URL?

    It works perfectly on my site.

    Remove this for a test: You may have done that wrong.

    RewriteCond %{HTTP_COOKIE} !^.*59a5259c983ed123457907875dd8d758.*$
     RewriteRule ^wp-signup.php - [F,L]

    yep. it works if I remove those two lines. how have i done that wrong?

    59a5259c983ed123457907875dd8d758 must not be right is all I can think.

    You’ve got css.php?k=59a5259c983ed123457907875dd8d758&o=i&t=XXXXXXXXX right? And you’re ONLY getting the stuff in front of &o=i... right?

    Here’s the image from view source:

    img src=”http://www.mywebsite.com/blogs/wp-content/plugins/cookies-for-comments/css.php?k=59a5259c983ed12345907875dd8d758&o=i&t=1343467019″

Viewing 15 replies - 1 through 15 (of 28 total)
  • The topic ‘Multisite registration spam’ is closed to new replies.
Skip to toolbar