Spam/security notes/issues

Resolved ProWebZone
(@prowebzone)

11 years, 3 months ago

It seems that pretty much as soon (within an hour or 2) of setting up a wordpress site, I have users signed up and spamming, when I moderate posts, they start groups, keep running around closing gaps….Yes, using and liking wordfence, but, how do these people (usually .ru and china and france, users know that there is a new site set up so fast? It seems to me that as search engines, or other normal means should not generate this much interest especially in this time frame. I am wondering if there are any “announcements” with the installation of a new wordpress site that I can somehow eliminate. I can not see any way that this many spammers can find a new site so fast. By the time I complete the install and go straight to modify user registration requirements and add wordfence I am already behind in spamm. Is this just me being targeted, I can’t see how. Just wondering if there is some sort of way to stop this. It is hard to keep a site public and accessible and balance that with keeping the spam away from members.

Viewing 5 replies - 1 through 5 (of 5 total)

Moderator James Huff
(@macmanx)

11 years, 3 months ago

They aren’t actual people, it’s an automated botnet that just hits the common registration URL of every WordPress site.

Is there any particular reason that you want/need to allow use registration on your site?

Thread Starter ProWebZone
(@prowebzone)

11 years, 3 months ago

Thank-You for the fast reply.
Hoping to have a member community to share ideas and resources, but, thinking if this stuff can’t be stopped, maybe working on a different approach, maybe admin approving new members, was hoping to be able to stay fairly open, but, maybe have to work around this. Tried email confirm and even captcha with same results, actually, did not even seem to slow them down that much. Can not afford wordfence premium with country blocking at this time, and not sure that would solve the issue?

Moderator James Huff
(@macmanx)

11 years, 3 months ago

It can definitely be stopped, but captcha isn’t the answer. The botnets can already solve most captcha with ease.

Country blocking isn’t really the answer either. What if someone in Russia really does want to be a member on your site?

I don’t have registration open on any of my sites lately, but I have heard some great things about https://wordpress.org/plugins/avh-first-defense-against-spam/ and highly recommend giving that a try.

Also, if you can identify a common word or domain in the spammer’s emails, https://wordpress.org/plugins/ban-hammer/ is a great simple plugin that I used a while back. If the registration matches anything in the comment blacklist (at Settings -> Discussion in your Dashboard), it’s immediately blocked.

Thread Starter ProWebZone
(@prowebzone)

11 years, 3 months ago

Thank-You, will try those and reply here as to success (hopefully)

Thank-You

Moderator James Huff
(@macmanx)

11 years, 3 months ago

You’re welcome!

Viewing 5 replies - 1 through 5 (of 5 total)

The topic ‘Spam/security notes/issues’ is closed to new replies.

Spam/security notes/issues

Tags

Topics

Topics with no replies

Non-support topics

Resolved topics

Unresolved topics

All topics