Who are the 'guests' that show up in my subscription only website?
WPMU DEV Community
Who are the 'guests' that show up in my subscription only website?
Elite
211 pointsWPMU DEV ExpertI'm new here
JoAnn
Member
—
27th January 2011 (1 year ago)
I have a buddypress site with the Business Portfolio theme. I am using the WordPress Membersip plugin and only subscribers can see the protected content.
I also use the Visitor Maps and Who's Online plugin.
I am able to see any member who is online, but I also see 'guests'.
Who are these guests? I do not have any level set up for 'guests' and I certainly do no allow any 'guests' in the site without being registered subscribers, so who are they?
They are not bots as there is a place to see this and they are listed separately from guests.
Please let me know. It is imperative that I have full security on my site.
I have a buddypress site with the Business Portfolio theme. I am using the WordPress Membersip plugin and only subscribers can see the protected content.
I also use the Visitor Maps and Who's Online plugin.
I am able to see any member who is online, but I also see 'guests'.
Who are these guests? I do not have any level set up for 'guests' and I certainly do no allow any 'guests' in the site without being registered subscribers, so who are they?
They are not bots as there is a place to see this and they are listed separately from guests.
Please let me know. It is imperative that I have full security on my site.
Have you tried being a "guest" to make sure you have everything protected? If so, then can you get details of the pages they are being registered on? What about your web site logs? Can you match a guest time with a page visit to see what caused them?
I did some checking and found out that the listing of 'guests' by Who's Online are simply a list of people visiting the home page, which has limited information and allows for sign up or sign in or clicking protected links that lead them to a 'members only' page. When the software refreshes these 'guests' disappear.
I carefully rechecked all of my protected content and now feel confident that the site is secure.
6593 pointsLike some sort of WPMU DEV GodExceptionally helpfulLifetime member
Keeper of the Dark Chocolate
—
30th January 2011 (1 year ago)
#
I know you mention bots but it could also be spammer bots seeing the wp-comments-post.php file and trying to leave their garbage.
May want to scan an stats your host provides looking for high number of visits coming from a small number of IP addresses and/or trying to access that file. Make sure you don't include yourself in that list of course. May want to start blocking those ip addresses, at least for a little bit until the issue gets resolved at the other end.
Is there a single url that seems to get accessed a lot?
Responses (3)
Developer — 28th January 2011 (1 year ago) #
Have you tried being a "guest" to make sure you have everything protected? If so, then can you get details of the pages they are being registered on? What about your web site logs? Can you match a guest time with a page visit to see what caused them?
Member — 28th January 2011 (1 year ago) #
I did some checking and found out that the listing of 'guests' by Who's Online are simply a list of people visiting the home page, which has limited information and allows for sign up or sign in or clicking protected links that lead them to a 'members only' page. When the software refreshes these 'guests' disappear.
I carefully rechecked all of my protected content and now feel confident that the site is secure.
Keeper of the Dark Chocolate — 30th January 2011 (1 year ago) #
I know you mention bots but it could also be spammer bots seeing the wp-comments-post.php file and trying to leave their garbage.
May want to scan an stats your host provides looking for high number of visits coming from a small number of IP addresses and/or trying to access that file. Make sure you don't include yourself in that list of course. May want to start blocking those ip addresses, at least for a little bit until the issue gets resolved at the other end.
Is there a single url that seems to get accessed a lot?
Become a member