Support » Fixing WordPress » suspicious users bypassing askimet. Hot to find IP?

  • Resolved jlockley

    (@jlockley)


    On one of my two blogs I have been getting suspicious users signing up, mostly from o2.pl (the email given..probably not, actually) with obviously robot generated id’s. I have captcha. they are bypassing it somehow. A review of visitors in CPanel shows a lot of Russian hits (a bad thing). Blot content is narrow and specifically targeted to culinary workers in the US, so this is not righteous.
    I am puzzling over their purpose. The fact that the blog blew its bandwidth usage twice makes me suspect using it as a spam portal. I spoke with the server techs about this, and they were extremely unimpressed.
    I am trying to figure out how to get the users’ IP addresses, from which I can determine the ip ranges and block them from the site.
    What I think I am looking for is a good statistics plugin which shows user statistics with IP and time of sign up.
    What I also need is a sign up system which is more difficult that captcha.
    Input and suggestions gleefully accepted.

Viewing 12 replies - 1 through 12 (of 12 total)
  • esmi

    (@esmi)

    Forum Moderator

    Akismet only filters spam comments. It does not filter user registration on your site in any way. So where is the problem? Comments? Or user registrations?

    Yes, I understand that, but I noticed Askimet being advised to someone else, and I friend I went to with the problem advised it, so I wanted to state that I have it. Askimet does a very good job of spam blocking.
    The problem, as far as it exists at this time, is rashes (up to twenty or thirty a day) of new users from Poland (although my stats on the server slice show no visits from Polish IP’s) which blow my bandwidth.
    I have no idea what they are up to, but my guess is that it is better to figure out how to block them all together than wait and see.
    My desires (rather than my problem) are a) a plugin which will give me more visitor information and b) a more complex sign up process that my current captcha offers.
    If I have the IP’s, I can find the source. I have secured our mail for now (it’s a never ending battle) but would like these guys as far from my site as possible. So security issue, I guess.

    esmi

    (@esmi)

    Forum Moderator

    Where is the problem? Comments? Or user registrations?

    Registration.
    Also in site visits, which I get from my CPanel. That does not show me however, when which IP’s apeared and of course not which registered. (There may be a way to get to that information. I am working on it.)

    esmi

    (@esmi)

    Forum Moderator

    Registration.

    Then Akismet is about as useful as a bicycle for a goldfish. It’s for managing comment spam – not user registrations. A completely separate area.

    Site visits don’t usually have much of an impact unless you are getting thousands of visits from these “spam ips” – in which case you can block them using your .htaccess file. Your hosts may be able to help you with this.

    If you are sure these are spammers, have a look at http://wordpress.org/extend/plugins/custom-registration-link/ or http://wordpress.org/extend/plugins/stop-spammer-registrations-plugin/

    I have no doubt that they are nefarious..spamming probably the goal.
    Thank you very much. custom registration looks as if it would work well. Pretty much what I am looking for.
    As for the htaccess file, I think I need the IP’s to enter, which was the first question. I know from our fight against the Ukranians that the IP ranges are vast. I believe we have blocked about 110 pages of addresses so far.

    esmi

    (@esmi)

    Forum Moderator

    Your hosts are the best resource if you want IP addresses. They should have raw logs that you can use.

    I have logs, but they are pretty bad. For one thing, the visits are not dated (???). Nothing Polish, lots of Russian spider bots. Ergo my concern.

    Wordfence Security can show you all IP activity and will let you block specific addresses or even entire countries.

    Yeeeeee Haw! With both your help problem surely solved. Thanks to both of you.

    esmi

    (@esmi)

    Forum Moderator

    Glad we could help 🙂

    And fast!!!

Viewing 12 replies - 1 through 12 (of 12 total)
  • The topic ‘suspicious users bypassing askimet. Hot to find IP?’ is closed to new replies.