Posted 3 months ago #
I am really cheesed off at present. I spent ages putting in spam email accounts to the ban list only to have several spammers join recently using the self same email acocunts.
Either it doesnt work or I am putting them in incorrectly. Could someone please let me know how to word the email so that it actually works?
Single lines, no wildcards, like this:
168max.com
21cn.com
komatoz.net
mail.ru
800Clothing.info
800Footwear.info
and so on...
also check out the latest readme.txt file where it says:
"165 SPAM
166 ====
167 On WordPress MU sites spam signups can be a major problem. Akismet (http://akismet.com/)
168 protects against spam comments but the following will help defeat
169 spammers using automated scripts to create blogs:
170 http://ocaoimh.ie/cookies-for-comments/
171 http://wordpress-plugins.feifei.us/hashcash/
172 http://www.darcynorman.net/2009/05/20/stopping-spamblog-registration-in-wordpress-multiuser/"
Posted 3 months ago #
Ahhh I had @ in front of them all. Awesome thank you!! I will check out the latest readme too.
I see you here a lot helping everyone, and was on your site the other day. Great work you do Andrea, thank you very much, you have helped me out several times without knowing :-)
Off to go through many, many emails I put on to mass delete a stray @ lol
Copy the email list into a text editor, then use the find and replace to remove the @, and paste the list back. :)
You are very welcome.
Posted 3 months ago #
Oh POO! I did that and I had four more join last night with the same email addresses. I did the htaccess thing too.
Nothing is stopping these prats from joining :-(
Try montyspam
Did you try those 3 suggested links above as well?
Posted 3 months ago #
I did the htaccess one and the email list. I weasnt sure if I could try all of them at once but I will do anything. I am getting minimum 5 spam blogs a day, doesnt sound like many and im gratful its not bots yet, but it already annoying LOL
Posted 3 months ago #
Oh and I have akismet for the comments. They are however not commenting, they are making usernames and blogs.
"the following will help defeat
spammers using automated scripts to create blogs:
http://ocaoimh.ie/cookies-for-comments/
http://wordpress-plugins.feifei.us/hashcash/
http://www.darcynorman.net/2009/05/20/stopping-spamblog-registration-in-wordpress-multiuser/" "
Do all three of these.
Posted 3 months ago #
Yes, thats the htaccess thing I already put in unfortunately. I think this must be real people that are coming, using mysace.com and onlq.com emails I tried banning those but it has made no difference at all, they are still coming. Had another three already thins morning. Look like I will have to give up worrying and just accept it as a part of this blog
Posted 2 months ago #
Hi,
I have the same problem too :(
Same domains: mysace, onlq, myspacee and so on.
I use reCaptcha during signup but nothing to do.
As far as I know, recaptcha has not cracked yet.
Anyway, I have one/two join daily.
But I don't think they are real people signing up here and there over the net. I think they are spam bot.
Recaptcha doesn't fix the problem. Htaccess doesn't fix the problem.
So?
Posted 2 months ago #
Im not sure but the email ban may be working as I am getting different ones now and havent had a re-entry of the ones I ban. However, there are SO many emails to ban it is ridiculous. Once I put in the list, then a new one, another comes along. It just doesnt work this way.
I am about to try the disposable email plugin and see what that does. Not sure if that works with BP
Did you install bbpress too? Turn off user registration in bbpress.
Posted 2 months ago #
You can't ban all of them. Look at here:
http://ipneighbor.com/neighbors.php?q=onlq.com
Too many domains. These are some IPs of them:
87.118.94.133 (87.118.64.0/18)
67.18.16.226 (67.18.0.0/15)
74.208.10.19 (74.208.0.0/17)
67.205.45.4 (67.205.32.0/19)
The key is discovering HOW they can do that. When you KNOW HOW they do that, then you will be able to block them. Suggestions?
Posted 2 months ago #
Oh, I didn't install bbpress and I have the same problem.
Email ban works but there are too many domains to ban.
I use recaptcha (not cracked yet AFAIK) so they aren't signing up at all.
Hence my question is: how can they bypass signup form?
Has everyone tried all three of these, all at once?
http://ocaoimh.ie/cookies-for-comments/
http://wordpress-plugins.feifei.us/hashcash/
http://www.darcynorman.net/2009/05/20/stopping-spamblog-registration-in-wordpress-multiuser/
Posted 2 months ago #
I have not spam inside of comments, actually.
So cookies and hashcash are not helpful.
I tried htaccess change but it didn't work.
Putting in spam email accounts to the ban list didn't work at all.
BTW, I use re-captcha during signup.
Nothing works.
So I changed the wp-activate.php file blocking signups from IP addresses that are not coming from Italy (I have an italian wpmu installation).
This stopped splogs for a while, but today... one new bogus registration!
Again, how can they do that?
Where can I put a piece of code to block them?
My BIG question is: how can wordpress.com handle that?
Posted 2 months ago #
I'm getting the spammers walking right through the banned domains list as well. I employ the 3 listed techniques (heck, I wrote one of them :-) ) but they just walk right through like the banned domains list isn't even there.
Biggest offenders are
myspace.info
myspacee.info
both of which are in my banned domains list. I keep getting people creating accounts and blog sites using email addresses from those domains (and a handful of others).
(update: just looked - I had an installed but not active copy of BBPress. I've just nuked that to see if they were somehow using it as a back door).
Posted 2 months ago #
yeah. no trace of BBPress, and the myspace.info and myspacee.info keep on coming even though they're in the banned domains list. Any ideas?
You must log in to post.
