The MU forums have moved to WordPress.org

Feature Request: moderate/approve user sign ups (3 posts)

  1. Bif Powell
    Member
    Posted 14 years ago #

    In this environment I just can't justify any other priority than this simple feature. I am going to be as concise and even-tempered as I can because that is the only way to actually get heard - I "get it" and normally I'm very laid back and solution-oriented and I've seen a million rants with negative consequences like everyone else here. Currently though, the frustration is building.

    <smoke break>

    Productive information follows: I know almost everyone knows this, but in case...

    Environment:
    SEO 101 stuff, knowledge about how google ranks stuff, google is the only search engine of consequence, everyone is gaming it, and they only have to game one to be effective.

    WP/WPMU is becoming/has become a major blogging and social engine, EVEYRONE is gaming it and if WPMU keeps getting better, soon they will only have to game one to be effective.

    Effect:
    The more links to a product's site out there from reputable sites, the more they game google. So naturally the parasite part of this symbiotic relationship (wpmu is the host, they are the bug that has a side benefit of the promotion and 'improvement' of the host) adapts with automated stuff making accounts with numbers at the end, with all the randomness and consistency of 'real users'. They start blogs and have links back to their stuff. They do this with more knowledge about hose wpmu works than 99% of the wpmu admins out there.

    Here is what I've done to combat this:

    1. I did the .htaccess hack of not letting machines access the sign-up page directly
    2. I go in and daily mark all those accounts ending in numbers as spammers
    3. I use the ips from those sign-ups to deny in my .htaccess file (which is HUGE at this point from about 6 months of updates, which might need to be scrolled off, but do I dare, when removing one might add hundreds of sploggers within 24 hours?)
    4. I run a query on the database directly to parse and group on domain which I then paste into the blocked email domains box.
    5. Other things suggested from the 9 bazillion topics on this subject - google it ;)
    6. I get 4 pages of sploggers EVERY NIGHT. I update my information EVERY MORNING. I've done this for 6 months. Everyone has their own stories, but they are all the same.

      Basically wpmu is perfect, in almost every way. Which is why it's all the more dangerous to let it be built to be SO GOOD that everyone wants it, and then to maybe unwittingly guide it's development to allow the parasite to ultimately prevail leaving just a dead husk in it's wake, yet all the more powerful for having sucked it dry. The most effective parasites are the ones that don't kill their host too quickly. For these types of bugs, it's usually best to just hack off the arm, kill it where it stands and try and live with a decreased functionality.

      So pretty please, with sugar on top, in the next release - someone;

      After a user has registered an email is sent to the administrator.
      This email has links to:

      Approve

      If that link never gets clicked, the user becomes a spammer in some time setting.

      OR

      The user list screen let's me see 1000 entries per page. Please.

      OR

      A Donate button on the site that donates to just certain features.

      Thanks!

  2. andrea_r
    Moderator
    Posted 14 years ago #

    I get 4 pages of sploggers EVERY NIGHT. I update my information EVERY MORNING. I've done this for 6 months. Everyone has their own stories, but they are all the same.

    then there's a few new things to try, becasue there are those of us with open signups who get very little spam. (Yes, on decent ranked sites). :)

    Yes, I know it is frustrating as hell.

    I did see you didn't mention if you were running hashcache like is suggested in the latest readme, and in the latest codebase when you turn on registrations. Nor did you mention blocking xmlrpc requests.
    and have you de-selected the option "let users add users to their blogs"? It's in the Site Admin -> Options menu. That has stopped them cold for me.

    also, invite & moderation plugins currently exist for mu. the next iteration (in case you missed it) will be merged with single WP. most, if not all, your suggestions above will likely get recommended as plugin territory. (Saving you the frustration of letting you know this now)

    And, finally - are you running *just* mu or did you add BuddyPress too? Because there's different methods for that, as it hijacks the registration page.

  3. Bif Powell
    Member
    Posted 14 years ago #

    I did miss it, but will be pleased!

    I do have buddypress.

    Many thanks for the helpful reply!

About this Topic

  • Started 14 years ago by Bif Powell
  • Latest reply from Bif Powell