I haven’t been able to get the plugin to work. Spammers that should have been caught are getting through. The diagnostics page says the tests are working. The log page says there is no log found.
Let me know what I can do to help diagnose the problem.
Please tell me the URL of your wordpress site, so I can test a few things.
You can test it by logging off and then using the word VIAGRA in a comment. If the comment works then the plugin is not working.
Just for fun, try to turn off and then on again all the options on the plugin options page. This sets the options in case they were scrambled somehow. To be sure you can scroll down to the bottom of the options page and click “Show Raw Options” and then click the “Force Reset of All Options” button.
Sometimes a plugin is not completely installed. You can try uninstalling the plugin and then reinstalling it from scratch.
If the log is not written, press the “delete log” button and see if you get an error. The log should say Log Deleted with the date and time it was deleted. If it doesn’t delete the log then your plugin folder is write protected.
The plugin only works on standard WordPress installations. If you have plugins or a theme that do special things with comments or the registration forms then the plugin will not work.
Thanks for the quick and detailed reply.
Something I did when I followed your outlined steps got things working. Unfortunately I don’t know exactly what it was. Nothing I did before deleting and reinstalling the plugin worked. After reinstalling the plugin I immediately checked the status of the log and it was still showing as missing so I hit the delete button and it created a new log. But it did not show the log as having been deleted because there was no log to delete. When I pressed the button a second time I got the delete message. It was only after doing all the above that I again tried to register with a known bad email and it was denied.
Some more details, in case they help:
My site is using bbpress, but my login spam is all coming from the standard login page which has not been modified. There are no public pages with open comment forms.
I tried deleting the log and it successfully created a new log. I did not get the deleted message because there was no old log to delete. When I deleted the newly created log I then got the deleted message.
Force resetting the options did not fix the problem.
My best guess is that reinstalling the plugin solved the problem. I should have done that before posting. It doesn’t seem likely, but I suppose it is possible there was something with creating the log file that solved the problem.
Now I will go change the options to what I had.
Thanks again for your help.
It should stop registration spam very well.
I have written many plugins and a bad update or installation happens more often than you think.
This is a new plugin, so I only have a few users so I am very pleased that at least one of them got the plugin to work.
The plot thickens. I had some spam registrations last night that should have been caught. When I go to the registration page and try to register with the spam email addresses my registration is stopped so it appears the plugin is working perfectly. But the spammers go through. I guess I’ll have to dive into the logs to see what they are doing. My site is at https://watrailblazers.org/wordpresstbhl/ if that is of any help to you. As far as I can tell without looking at the logs they are using the main registration age at wp-login.php?action=register. But I will check that out.
I figured out what is going on. I had interpreted things incorrectly. The spammers are using the bbpress login page and, as indicated in the docs, this plugin won’t work with altered login pages.
I didn’t think they were using that page because the spam emails were never registered with a bbpress role. It turns out that they either never complete the registration process to get that role, or when they do complete the process it is because they use the lost password link to complete the process, not the email sent by WordPress. Interestingly, the ones that use the lost password link to recover the password have a different IP address then the bot used for the initial registration.
I will download bbpress and see what I can see. The register check is very specific on purpose so that the plugin does not lock out a registered user. I will try to register on your site to see what is going on.
I’ve added support for the BBPress registration form.
I installed the update and it worked perfectly in a quick test.
We should have plenty of confirmation by tomorrow.
Thanks for the nearly instantaneous update!
- The topic ‘No Spam Being Caught’ is closed to new replies.