WordPress MU

I have suddenly been plagued by splog signups in the past week, mostly from 65.75.243.* and 75.127.*.* for "random" blog names of the form [random]blog[random_4_digits]. In order to temporarily combat this, I changed the signup question (some mu plugin) to more advanced human-testing questions.

When that didn't work, I tried limiting registrations to only a few domains, but I kept receiving the notifications of new blog registrations (all of which are clearly splogs).

When THAT didn't work, I tried to disable registrations altogether in the WordPress MU Admin Options page.

Why is it that I am STILL getting these splog signups, and what is an efficient way of blocking them? Could I use .htaccess to blacklist the suspect IP's?

EDIT: I EVEN changed my MySQL and admin passwords!

Rename wp-signup.php to something else for a quick fix. There's a few instances where you have to change it inside the file itself.

And then try WP-HashCash.

"Could I use .htaccess to blacklist the suspect IP's?"

Yep, that's how you ban IP addresses.

And once a spammer has a username on your system, they can create a whole PILE of splogs.

You may want to search for "splog signup" here in the forums as this has been discussed a number of times previously and I believe a few folks shared their IP addresses that they had noticed these signups were coming from.

I politely suggest that you may want to review the IP address before blocking. It may be an ISP proxy which blocking would be a bad thing.