Skip to:
Content

BuddyPress.org

Opened 12 years ago

Closed 11 years ago

#2081 closed defect (bug) (no action required)

Problem with spam ¿bug?

Reported by: jconti's profile j.conti Owned by:
Milestone: 1.5 Priority: major
Severity: Version:
Component: Core Keywords: reporter-feedback
Cc:

Description

Hi,

Since a lot of time, I use at WP and WPMU this lines at .htaccess

RewriteCond %{REQUEST_METHOD} POST
RewriteCond %{REQUEST_URI} .register*
RewriteCond %{HTTP_REFERER} !.*buddypress-es.org.* [OR]
RewriteCond %{HTTP_USER_AGENT} ^$
RewriteRule (.*) http://no-puedes-registrarte.tld/ [R=301,L]

I have some installations with BP 1.2 and others with BP 1.2.1 or BP 1.2.2

All the BP 1.2 installations over WP and WPMU works fine. there insn't spam

When I upgrade one of them to BP 1.2.1 or BP 1.2.2 spam begins.

There are some changes between BP 1.2 and BP 1.2.1-1.2.2 BP makes the code not work.

Please know that you can think that this ticket is invalid. But before you mark it as invalid, think about it.

BP 1.2 don't have spam with this code.
BP 1.2.1 or BP 1.2.2 Have a lot of Spam with this code.

Thank you

Change History (6)

#1 @cnorris23
12 years ago

  • Keywords reporter-feedback added

What kind of spam are we talking here? Given the .htaccess code you posted, I'm assuming spammy site registrations, but could you be more specific?

I'm a little confused about BP 1.2.2 as it does not currently exist.

#2 @j.conti
12 years ago

Hi,

Sites spam and user Spam. Users and blogs like henry7364367434

I say BP 1.2.2 because is a BP trunk (is on the way :) )

#3 @Magganpice
12 years ago

I am experiencing this too. And talked with someone on Twitter who says it started after the installation of BuddyPress (not already on MU). I guess the spam problem may be in part a MU problem but not altogether.

Hope this ticket won't just be closed with reference to "spam is always a MU issue".

#4 @cnorris23
12 years ago

At the time this ticket was created, the only changes since 1.2 that involve anything effecting spam was a change in how a new username was validated. The change was to a newer WP function, that handles username validation. If anything, the change was a hardening. While I can't currently rule out something in BP being the issue, my guess is that it's not. I would say that it's more likely to do with the fact that you're making yourself a larger target, and larger targets are hard to hit. WP/BP have very search engine friendly URLs, and just the installation/activation of BP greatly increases the amount of links you have on your site. Given the fact that almost every page of BP contains a form, I'm guessing these URLs are reaching search engines, and becoming like blood in the water to sharks. If the spam involved some sort of issue with people gaining access to areas they shouldn't find accessable, then we might have a problem. This however is not the case.

#5 @DJPaul
12 years ago

  • Component set to Core

Might be related to #2289

#6 @boonebgorges
11 years ago

  • Resolution set to invalid
  • Status changed from new to closed

Given the lack of activity and the lack of specification, I'm going to mark as invalid. If anyone can demonstrate the problem on a recent version of the BP trunk, please reopen this ticket.

Note: See TracTickets for help on using tickets.