imjjss 0 Report post Posted November 25, 2010 yesterday, I got 20 spammers registered on my site and each of them created a sub-blog. I deleted them, today, I got another 20 spammers and 20 new created sub-blogs. I have Akismet and Badbehavior plugin working on my Wordpress blog, those spammers didn't get caught. What else I should do to block spammer registering? Share this post Link to post Share on other sites
yordan 10 Report post Posted November 26, 2010 Which blogging system are you using?Don't you have administrating rights on your blog? You should be able to ban the spammer's IP address? Share this post Link to post Share on other sites
vhortex 1 Report post Posted November 26, 2010 akismet only blocks spam post but it was never been designed to block robots that sign up for an account. You need capcha on your blog. Share this post Link to post Share on other sites
imjjss 0 Report post Posted November 27, 2010 I banned their IP address in cpanel immedietely. they are from 2 IP addresses. After banned IP, new ones keep coming from other IP addresses, so I had to shut down "signup" and "create blogs" option.Thanks for the capcha suggestion, I added a "Hummanity" secrurity question and answer on register page. Now the robots stopped coming.But I'm thinking-- there are lots of robots keep trying to register everyday. It should comsume a lot of bandwidth or CPU resources on hosting side. That might make my blog slow down. Hope this is not true? Share this post Link to post Share on other sites
tansqrx 0 Report post Posted November 29, 2010 I’ve had the same problems (not the sub domains though) in the past. I found that implementing a CAPTCHA or updating to the latest version of WordPress solves the problem. Most SPAM usually occurs after a WordPress update which I haven’t had time to update my site.Looks like your site has been added to a SPAM list so from now on you will have periods of Whac-A-Mole the spammer. Hang in there because after a few months of not getting an SPAM through, they usually disappear. Unfortunately this is only temporary because a different spammer will try the same thing at a later date and you will have to do the same thing to them.P.S. Check all of your permission settings and administrative PHP scripts just to make sure they don’t have a backdoor in them. There are several websites that can scan your site for security holes but just be careful who you trust. Share this post Link to post Share on other sites
vhortex 1 Report post Posted December 3, 2010 (edited) Human check capcha's that gives riddles and math questions can be easily be beaten. I have written one which gives random math equation and added a quiz style checking. since i was not really sure if it was working pretty well, i created a cron job on another hosting that runs per minute and parse the info that was being feed. turns out that the quiz questions can be grabbed, analyze later and an answer table can be written for the bot to use as reference. in 9 days i was able to create a bot that not only works on breaking my anti spam software but was also successful to beat 90% of human question and answer patterns. the only code that beaten this approached are ajax triggered human/bot check. Edited December 3, 2010 by vhortex (see edit history) Share this post Link to post Share on other sites
mahesh2k 0 Report post Posted December 3, 2010 Nobody noticed most important thing here about blog creation and registration. If his blog is private then why he enabled setting of 'contributor' in his wordpress general settings ? Because of that settings flaw it is possible to register at his site and make blogs. Otherwise there is no way any spammer can create a blog on his domain under wordpress. Akismet has no control over subscribers, contributors login and the IP detection. Yes you can enabled CAPTCHA but for that you have to additionally install the plugin and then solve the problem of BOT registration. Hope that helps. Share this post Link to post Share on other sites
imjjss 0 Report post Posted January 5, 2011 I installed a humanity checking plugin, now the spammers can't get registered but never stop trying. Last month, they comsumed 3000mb bandwidth. That's a lot.I heard domains hosted by dnspark can get lots of spammers. So, I removed my domain from dnspark, changed to be hosted by the same host as my website. But this didn't improve the situation.Seems I will have to give up this domain? Share this post Link to post Share on other sites
yordan 10 Report post Posted January 5, 2011 Can't you simply block the spammer's IP address? Share this post Link to post Share on other sites
Qrntz 0 Report post Posted January 5, 2011 Can't you simply block the spammer's IP address?I believe he did and thay just keep coming from different IPs. Share this post Link to post Share on other sites