The MU forums have moved to WordPress.org

How to stop the Splog -- we can figure this one out (4 posts)

  1. copperblade
    Member
    Posted 14 years ago #

    Ok guys, I know I'm not the only one having a problem with splogs. I've installed both captchas and security questions. (see: http://bitfreedom.com/wp-signup.php). And today I go onto the site to see... why I have no less than 9 splogs! And one of them has an email domain that I've listed to block!!

    So I think, "I don't know how they do it, but I need to start blocking their IP or something." I go to my Apache logs and grep for one of the user/blog names, and not quite to my surprise I don't find it. In the back of my head was always the idea that they must know what kind of HTTP request to send in order to bypass my checks, but I figured someone would have fixed that by now.

    So obviously this is what is going on. No amount of captchas or other techniques are going to work if there is a way to get wpmu to register a blog simply by POSTing some variables to the right URL. I did look at the wp-signup.php file and it's a bit complex, but certainly someone here knows how to quickly find where it test (if it does at all) the input variables.

    Anyone?

  2. copperblade
    Member
    Posted 14 years ago #

    Hmmm, I think my assessment of the situation may be incorrect. I guess I shouldn't be expecting to find something in the Apache log unless they want a "new=" blog.

    Unless someone else is seeing a way they can bypass wp-signup checks, ignore this thread.

  3. copperblade
    Member
    Posted 14 years ago #

    I'm now tracking POST variables and having them emailed to me. Here is the associated ticket:

    http://trac.mu.wordpress.org/ticket/543

  4. bwinn
    Member
    Posted 14 years ago #

    I hate splogs, are there any solutions yet? How are these guys getting through? I too have a security question and a captcha but it doesnt stop them...

About this Topic

  • Started 14 years ago by copperblade
  • Latest reply from bwinn