Opened 15 years ago
Closed 14 years ago
#2081 closed defect (bug) (no action required)
Problem with spam ¿bug?
Reported by: |
|
Owned by: | |
---|---|---|---|
Milestone: | 1.5 | Priority: | major |
Severity: | Version: | ||
Component: | Core | Keywords: | reporter-feedback |
Cc: |
Description
Hi,
Since a lot of time, I use at WP and WPMU this lines at .htaccess
RewriteCond %{REQUEST_METHOD} POST RewriteCond %{REQUEST_URI} .register* RewriteCond %{HTTP_REFERER} !.*buddypress-es.org.* [OR] RewriteCond %{HTTP_USER_AGENT} ^$ RewriteRule (.*) http://no-puedes-registrarte.tld/ [R=301,L]
I have some installations with BP 1.2 and others with BP 1.2.1 or BP 1.2.2
All the BP 1.2 installations over WP and WPMU works fine. there insn't spam
When I upgrade one of them to BP 1.2.1 or BP 1.2.2 spam begins.
There are some changes between BP 1.2 and BP 1.2.1-1.2.2 BP makes the code not work.
Please know that you can think that this ticket is invalid. But before you mark it as invalid, think about it.
BP 1.2 don't have spam with this code.
BP 1.2.1 or BP 1.2.2 Have a lot of Spam with this code.
Thank you
Change History (6)
#2
@
15 years ago
Hi,
Sites spam and user Spam. Users and blogs like henry7364367434
I say BP 1.2.2 because is a BP trunk (is on the way :) )
#3
@
15 years ago
I am experiencing this too. And talked with someone on Twitter who says it started after the installation of BuddyPress (not already on MU). I guess the spam problem may be in part a MU problem but not altogether.
Hope this ticket won't just be closed with reference to "spam is always a MU issue".
#4
@
15 years ago
At the time this ticket was created, the only changes since 1.2 that involve anything effecting spam was a change in how a new username was validated. The change was to a newer WP function, that handles username validation. If anything, the change was a hardening. While I can't currently rule out something in BP being the issue, my guess is that it's not. I would say that it's more likely to do with the fact that you're making yourself a larger target, and larger targets are hard to hit. WP/BP have very search engine friendly URLs, and just the installation/activation of BP greatly increases the amount of links you have on your site. Given the fact that almost every page of BP contains a form, I'm guessing these URLs are reaching search engines, and becoming like blood in the water to sharks. If the spam involved some sort of issue with people gaining access to areas they shouldn't find accessable, then we might have a problem. This however is not the case.
What kind of spam are we talking here? Given the .htaccess code you posted, I'm assuming spammy site registrations, but could you be more specific?
I'm a little confused about BP 1.2.2 as it does not currently exist.