Title: Plugin Used for spam
Last modified: September 3, 2019

---

# Plugin Used for spam

 *  Resolved [yoni y](https://wordpress.org/support/users/yoni-y/)
 * (@yoni-y)
 * [6 years, 8 months ago](https://wordpress.org/support/topic/plugin-used-for-spam/)
 * I’ve been getting a lot of spam when using this plugins.
    Some bots just keep
   subscribing the same email every couple of hours (dozen of different emails).
   I guess the poor owner of the e-mail is getting hundreds of subscribe requests
   each day. It would be much better if the plugin will only send a confirmation
   e-mail once and will not allow to users to resubscribe if an e-mail was already
   sent to them.
 * I assume some e-mails might fail to send so maybe a retry every 24 hours up to
   3 retries is OK, but allowing for unlimited retries just opens the process for
   explotation

Viewing 5 replies - 1 through 5 (of 5 total)

 *  [Matt Robinson](https://wordpress.org/support/users/mattyrob/)
 * (@mattyrob)
 * [6 years, 8 months ago](https://wordpress.org/support/topic/plugin-used-for-spam/#post-11894598)
 * [@yoni-y](https://wordpress.org/support/users/yoni-y/)
 * The plugin ships with 2 features that help here.
 * Firstly, you can block subscription requests from specific domains in the Settings
   page.
    Secondly, you can use the plugin API to set a lockout that will block 
   multiple requests grin the same IP address. You need to add some simple code 
   to your site preferably in a custom plugin or in the themes functions.php file:
 *     ```
       function my_s2_lockout() {
       	// return number of seconds for the dessired lockout
       	return 3600;
       }
       add_filter( 's2_lockout', 'my_s2_lockout' );
       ```
   
 * Finally, it’s always worth using anti-bot plugins like the excellent [Bad Behaviour](https://wordpress.org/plugins/bad-behavior/).
 *  Thread Starter [yoni y](https://wordpress.org/support/users/yoni-y/)
 * (@yoni-y)
 * [6 years, 8 months ago](https://wordpress.org/support/topic/plugin-used-for-spam/#post-11897383)
 * Hi [@mattyrob](https://wordpress.org/support/users/mattyrob/)
    This issue doesn’t
   really affect me personally as I already patched my subscirbe2 code. The Not 
   sure if the lockout mechanism is good enough as there should be some maximum 
   limit to how many time and address can be subscribed.
 * also 1 hour is hardly enough of a block time (I see subscribe attempts 4 hours
   a part)
 * I’m pretty sure this is a targeted attack specifically targeting subscribe2 installs
   so it’s better to enable the locking mechanism by default (and allow users to
   modify it in the settings).
 *  [Matt Robinson](https://wordpress.org/support/users/mattyrob/)
 * (@mattyrob)
 * [6 years, 8 months ago](https://wordpress.org/support/topic/plugin-used-for-spam/#post-11897609)
 * [@yoni-y](https://wordpress.org/support/users/yoni-y/)
 * The code above is an example, the lockout duration can be altered anywhere up
   to 24 hours.
 * If you created a patch already we’d be happy to take a look and potentially include
   in future versions.
 *  Thread Starter [yoni y](https://wordpress.org/support/users/yoni-y/)
 * (@yoni-y)
 * [6 years, 8 months ago](https://wordpress.org/support/topic/plugin-used-for-spam/#post-11898885)
 * Sure thing.
    I was trying to look if you have a github repo to send pull requests
   but I couldn’t find it.
 *  [Matt Robinson](https://wordpress.org/support/users/mattyrob/)
 * (@mattyrob)
 * [6 years, 8 months ago](https://wordpress.org/support/topic/plugin-used-for-spam/#post-11899372)
 * [@yoni-y](https://wordpress.org/support/users/yoni-y/)
 * My Github code for Subscribe2 is here:
    [https://github.com/mattyrob/subscribe2](https://github.com/mattyrob/subscribe2)

Viewing 5 replies - 1 through 5 (of 5 total)

The topic ‘Plugin Used for spam’ is closed to new replies.

 * ![](https://ps.w.org/subscribe2/assets/icon-256x256.png?rev=2318630)
 * [Subscribe2 - Form, Email Subscribers & Newsletters](https://wordpress.org/plugins/subscribe2/)
 * [Frequently Asked Questions](https://wordpress.org/plugins/subscribe2/#faq)
 * [Support Threads](https://wordpress.org/support/plugin/subscribe2/)
 * [Active Topics](https://wordpress.org/support/plugin/subscribe2/active/)
 * [Unresolved Topics](https://wordpress.org/support/plugin/subscribe2/unresolved/)
 * [Reviews](https://wordpress.org/support/plugin/subscribe2/reviews/)

## Tags

 * [Rate Limiting](https://wordpress.org/support/topic-tag/rate-limiting/)

 * 5 replies
 * 2 participants
 * Last reply from: [Matt Robinson](https://wordpress.org/support/users/mattyrob/)
 * Last activity: [6 years, 8 months ago](https://wordpress.org/support/topic/plugin-used-for-spam/#post-11899372)
 * Status: resolved