Comments on: Stopping Spamblog Registration in WordPress MultiUser

By: Bookmarks for November 18th through November 19th « LostFocus

Bookmarks for November 18th through November 19th « LostFocus — Thu, 19 Nov 2009 20:01:34 +0000

[...] Stopping Spamblog Registration in WordPress MultiUser : D’Arcy Norman dot net – Looks useful-ish. [...]

By: Armand

Armand — Thu, 19 Nov 2009 03:14:04 +0000

Unfortunately, I have had to disable registrations on my site too and added a note that if they want to register they have to email instead, to the point that I’ve also neglected adding any updates on it.

I might try that little nifty trick from Michael and might actually use the hack suggested in this article.

By: Michael Lovelock

Michael Lovelock — Tue, 17 Nov 2009 10:53:57 +0000

For those disabling self registration – don’t, that’s just letting the spammers win!
Splogs are a pain, but if you’re getting enough to really bother you, you might want to consider the ‘Moderate New Blogs’ plugin – http://wpmudev.org/project/Moderate-New-Blogs – at least then real users can still sign up and get their blog, whilst you can get rid of the splogs before they’re ever viewed.

Also worth renaming your wp-signup.php file and you might want to consider some smaller tweaks like removing the ‘powered by wordpress’ test in the footer of your theme. Little stuff, but every little helps

By: Cheryl Johnson

Cheryl Johnson — Mon, 16 Nov 2009 11:42:13 +0000

Sorry to say, I disabled self-registration on all my sites. (Thanks for that, spammers )

I mostly use my sites to create my own blog/sites anyway.

If anyone wants on board they will have to ask me, and if I know who they are, I’ll set them up as a user on the backend. It’s a labor intensive solution, but no more intensive then deleting spamblogs every day.

By: Michael Hampton

Michael Hampton — Mon, 16 Nov 2009 01:22:53 +0000

What is this? Bad Behavior doesn’t redirect anybody anywhere.

By: Jim

Jim — Sat, 14 Nov 2009 06:15:03 +0000

Thanks for the reply, I was just wondering there’s any “easy” way to ban all usernames ending in #### … ?

True, most just create the blog, But I have noticed some change the theme, and I did miss one that eventually posted. Our users keep asking what’s up with the stretchmarkcream blogs!

By: dnorman

dnorman — Sat, 14 Nov 2009 04:54:45 +0000

Yeah. I’ve been getting a LOT of FullnameYYYY users creating accounts and blogs lately. They don’t seem to do much more than create the default site – I’m not sure if their l337 skript kiddy tools bork on something, or if they’re planning to come back and crap up the place later.

By: Jim

Jim — Fri, 13 Nov 2009 19:33:36 +0000

UPDATE: I’ve had this solution in place now for a few months, and it had been working great, until recently. In the past week or so we have been getting dozens of splog registrations daily. It’s hard to believe by humans… :-\

Nearly all are from the fullname#### ilk. Can anyone suggest what might be added to these rules to ban signups for any username ending in a four-digit number? Is this even possible? I would be willing to do this on our site, and just add an explanation/disclaimer to our “if spam” redirect.

Thanks again.

By: Get Rid of Splogs Once and For All | WPMU

Get Rid of Splogs Once and For All | WPMU — Thu, 05 Nov 2009 19:05:28 +0000

[...] sent from a web page on your WPMU site or if it has an empty user agent string. Thank you again to D’arcy Norman for this [...]

By: Konstantin

Konstantin — Tue, 03 Nov 2009 01:44:52 +0000

I’ve added this to my htaccess file, will report soon to let people know if it has worked. I do get a lot of spam signups, I hope this will at least slow things.