MULTISITE - SUBSITE ISSUE super admin marked as spammer

HI, I need to some help with my super admin account which does not have access to one of subsites because it was marked as spammer.
Can you help me with this issue?
Thank you

  • Adam Czajczyk
    • Support Gorilla

    Hello Philip

    I hope you're well today and thank you for reaching out to us!

    I can see the issue on the site and I also see that you've already been experiencing the same issue some time ago:

    https://premium.wpmudev.org/forums/topic/your-account-has-been-marked-as-a-spammer

    Unfortunately, James who worked with you on this is no longer with us for some time, and I'm not sure how your conversation ended so could you tell me, please whether this is still the same unresolved issue or was the issue solved back then but it just came back again?

    As for the issue itself. That "Spammer/Active" status is actually set in/by BuddyPress but I'm not quite sure why. I believe that initial diagnosis set in that previous ticket is right but I'll need to dig a bit deeper. I also think - though that's something that I'll need to check as well - that it might actually be easier/better here to try to somehow "exclude" admin/super-admin accounts from that "spam check" entirely. It's obvious that admin/super-admin is an "almighty user" and only given that role on purpose so it doesn't make sense to me to even mark such users as spammers.

    But, like I said, I'll need to investigate it closer.

    Meanwhile, could you please address my question above but also let me know if:

    - this only affects this particular account for now or are there any other accounts that are marked as spammers but you think they should not be?
    - if so what user-roles are these accounts?

    Best regards,
    Adam

  • Philip
    • Flash Drive

    I am honestly not sure if there are other accounts affected or if there is a specific role tied to this issue. Honestly, this whole issue is a giant nightmare for me. I have WordPress mainly to power 2 sites within my sub-site, both of which are broken. At one point I had a single login plugin to allow the user to log into one site and switch to the other site and automatically be logged into the other sub-site. This worked fine for like, a week, and then something broke the whole thing. My original ticket post was for what seems to be the origin of this problem:

    https://premium.wpmudev.org/forums/topic/your-account-has-been-marked-as-a-spammer

  • Predrag Dubajic
    • Support

    Hi Philip,

    I tried checking your DB and the site but I'm afraid that there's nothing obvious about blocking your account.
    I see you have Wordfence plugin active and over 60 plugins on that subsite, so it's possible that the Wordfence doesn't like the behavior of a certain plugin and is blocking the account due to that.

    Try disabling Wordfence completely and see if the account is unlocked after that, or get it touch with their support so they can check the status of that account in Wordfence and what could be blocking it.

    Best regards,
    Predrag

  • Adam Czajczyk
    • Support Gorilla

    Hi Philip

    I've just spent great amount of time checking the site, testing it and looking for what could be potentially a reason for the problem and I must say it's really "tough" issue. I do expect that it will eventually turn out to be something quite "trivial" but only after we'll find it. So far, it's more of a mysterious riddle, I'm afraid.

    I have reviewed pretty much every aspect of the site configuration and I have also tried disabling (temporarily - they are all "as they were" at the moment) some plugins that were appearing to generate some console errors during attempts to "unspam" the user account. No luck with that.

    I then looked into the BP code itself and it looks like to be marked as a spammer user either has to be manually marked as a spammer by super-admin (so other super-admin in theory could do this) or by some additional extension (plugin, theme, custom code) that actually hooks up to some action hooks provided. Furthermore, the super-admin users should be "bailed out" of the limits that are normally put on the "spammer" accounts. I'm not an expert in BP core core code but that's how it looks it should work.

    That would still point us in the direction of "some other plugin is marking account as spammer" - possibly some plugin that is integrating with BuddyPress somehow. But the site is very complex and I didn't risk any serious conflict tests as I suppose I wouldn't be able to revert it back to the same state afterwards.

    I could probably try to "reset" that spammer status via the database (as it must be stored there) but I'm kind of afraid that this will not be a long term solution and the problem will re-appear quite fast. So we still need to find the main culprit and that apparently "is hiding" very well :slight_frown:

    I'm aware of the "e-mail activation" and "social login" aspects that were discussed in that older ticket of yours but I'm still thinking it's "not all". I just checked and I don't see any mention of a full conflict test being performed on site, did I miss it? Let me know please.

    In any case, I suppose it might be difficult to run such test on this site but perhaps it would be possible that you set up a full "clone" of this install somewhere on your server so we could run such a test there and also - so I could do more tests/checks safely, without affecting the live site?

    This could help a lot so let me know please if it would be possible and if you could provide full credentials to such site (please do not post any access credentials here!).

    If so, I'll provide you with a way to securely send me access credentials and will continue investigating this on that site.

    Kind regards,
    Adam

  • Philip
    • Flash Drive

    Yes, I would like to proceed with your suggestions. Do note, I tried to create a new site to test this scenario but it looks like as soon as I activated the BuddyPress plugin on this fresh site it automatically flagged my admin as a spammer. Whatever is causing this has somehow "infected" the multisite database via buddypress.

  • Adam Czajczyk
    • Support Gorilla

    Hi Philip

    Thank you for getting back to me (and I'm sorry for a delay on my end).

    I gave it another go on my test site this time trying to at least "trigger" similar issues: either get automatically marked as spammer or at least the case where I'm not able to unmark/mark as a spammer but to no luck again.

    I admit I'm really stuck with it and, unless I'm missing something really "strange", I'm now nearly sure that it's somehow specific to your setup. You said that you tried to create a new site to test - you mean that it was sub-site of this multisite or a completely fresh install?

    My point about staging site was actually creating an exact, 1:1 copy of your current multisite, preferably on the same server so then, having full access credentials (including server) I could do any testes necessary there. What I was hoping to start with was to first disable absolutely all plugins on site and work only with BuddyPress (and the Twenty Seventeen or Nineteen theme) to see if that let's "unspam" user and then try to find out which part of the site (by enabling themes back, checking database and WP debug log etc) is blocking that action.

    Then knowing this it would be easier to find a fix for that. And after that finding (and possibly fixing) what's causing the user to be "automatically" marked as spammer would also be more probable.

    So, if you could setup such a "carbon copy" of your entire current Multisite, that would give us much better chances. Don't worry if the user gets spammed automatically, we can actually get past that temporarily buy switching of BP and/or creating additional admin/super-admin user(s) via database - so for just testing purposes that would work fine.

    Best regards,
    Adam

Thank NAME, for their help.

Let NAME know exactly why they deserved these points.

Gift a custom amount of points.