[Helene Finidori]

Hi,

We are seing a recrudescence of splogger attacks. People (?) who manage to sign up with BG, FW etc or jdg345 type of data entered in the text areas of their profile, that create groups, or documents or post activity status that are spam.

Has anyone else experienced this? And did you manage to stop this?

We have Akismet, WanGuard and Better WP Security installed. Plus a conditional captcha that kicks in for new commenters and if Akismet has suspiscions.

Better WP security regularly sends warnings of file changes but I am not proficient enough to go and look in the error logs and identify if it’s a file compromised or a file changed because a plugin or a legit new member created…

We used to have lots of spam comments. None anymore. It seems there’s a new way of operating spam now…

I would welcome some advice.

Thanks

Helene

[Matthew K Gold]

Hi Helene,

Spammers are the bane of the open web. Unfortunately, I had a lot of
headaches on my own CBOX installs before I partially closed registration,
setting things up so that people with .edu and .org domains could register
automatically, but asking others interested in registering to send an email
request for an account. Since I’ve made those moves, spam registrations
have dropped entirely and life has been much better.

If you’re interested in implementing this for yourself, you can download
the plugin that @r-a-y created to restrict signups to .edu and .org domains
here – https://github.com/r-a-y/bp-rsed

Best,

Matt

[Helene Finidori]

Thanks Matt, we were talking about the possibility to go with requests a minute ago. Thanks. It would be helpful to keep it open to org and edu.

[Author]

Posts