Preventing Spam: Mostly user registeration - Antisplog? Wp-Admin? Buddypress? Not sure.

I have setup my anti-splog following the steps outlined here: https://premium.wpmudev.org/project/anti-splog/
I have also set up my WP comment blacklist using moderation for all-unregisted users and a blacklist from github.

And I am happy to report that splogs have ceased entirely as well as comment spam, however I am still having spam user registrations. I think they must be getting through buddypress registration - yet I have set my registration page to a randomized url - (why didn't someone think of that before? You guys are awesome) and between that and other mesures - spam user registration is down - but still at un-acceptable levels.
I wonder if there is a way to stop this using a plugin here or rules that seem to be working for anti-splog to stop this problem.

  • StudioSelf

    Is this part of the solution? - the user registrations are mostly usernames with numbers. Integrating the anti-splog regular expression "/[a-z]+[0-9]{1,3}[a-z]+/": seems to help with numbers within the username, but not attached to the end. Can this regular expression be modified to work?

    Side note: The github list has helped stopped all comment spam - they don't even make it to the spam folder yet the list is so large - I am not sure it can be added as a regular expression to anti-splog., which contains only a few common spam words: "/ugg|louboutin|pharma|warez|download|megaupload/i
    ".. or within any of my mudev plugins for that matter. But it works so well. Can this list be utilized network wide?

    Github list: https://gist.github.com/splorp/1385930

  • Vinod Dalvi

    Hi @StudioSelf,

    I hope you are well today and thanks for posting on the forum.

    Are the SPAM registration happening now from specific domain, email id, IP address or having related user names etc. ?

    If yes then you can prevent them using Anti-Splog Pattern Matching feature.

    Are the registration happening in short span of time like automatic registration or take some time like manual registration?

    Have you tried using Captcha or PlayThru or Questions and Answers options of Anti Splog to secure it?

    Please try reducing the Blog Signup Splog Certainty level in the Anti Splog settings.

    Best Regards,
    Vinod Dalvi

    • StudioSelf

      Perfect timing. I have some updated info to share which may assist you in assisting me.
      First of all - it seems spam has gone up since I have posted the log in form to my homepage http://studioself.com - If logged out - registration is shown.
      At this point I believe I had better share with you another thread in which I am working with another of your kind staff yo create a simple account login/out form:
      https://premium.wpmudev.org/forums/topic/customize-the-appearence-of-mempership-2-login-form-side-by-side

      Are the SPAM registration happening now from specific domain, email id, IP address or having related user names etc. ?

      At this point, They all have yahoo.com in common, but banning the domain I think would be a bit of an extreme fix. I am open to alternative solutions

      If yes then you can prevent them using Anti-Splog Pattern Matching feature.

      BEFORE adding the homepage login/out. I was and still am using this on the normal registration page that is url-randomized using Anti-Splog and re-captha secured. This is where the only spam that get's through is membernames that consist of a normal username with numbers at the end.
      They all have yahoo.com in common, but banning the domain I think would be a bit of an extreme fix.

      Are the registration happening in short span of time like automatic registration or take some time like manual registration?

      I usually check by the day. I have noticed that some memberships are marked Participant and some are marked Subscriber.

      Please try reducing the Blog Signup Splog Certainty level in the Anti Splog settings.

      I will do this, but I must clarify: the "splog certainty" - if reduced means that a potential splog would require a lower splog score? So less certainty is more protection?

      I thank you for your time and knowledge.

  • Vinod Dalvi

    Hi @StudioSelf,

    First of all - it seems spam has gone up since I have posted the log in form to my homepage http://studioself.com - If logged out - registration is shown.

    Glad the spam has gone up :slight_smile:

    I will do this, but I must clarify: the "splog certainty" - if reduced means that a potential splog would require a lower splog score? So less certainty is more protection?

    Yes you are right.

    Regards,
    Vinod Dalvi

Thank NAME, for their help.

Let NAME know exactly why they deserved these points.

Gift a custom amount of points.