Re: [Hampshire] Spamalot

Top Page
This message is part of the following thread:
Mthe complete thread tree sorted by date
MFreaky Clown at <-
MPeter B. at ->

Reply to this message
Author: Chris Dennis
Date:  
To: hampshire
Subject: Re: [Hampshire] Spamalot
Thanks to Benjie and Freaky Clown for the suggestions.

I've knocked together a WordPress plugin that does extra checks at new
user registration, and only allows HantsLUG mailing list subscribers to
register.

The plugin also uses the hidden form field trick to fool the spam bots
-- that alone is currently keeping the bots out at a rate of about 10 an
hour at the moment.

And, for luck, I've added the 'WP fail2ban' plugin. In the last half
hour that's logged four attempts to log in with user ids that had in any
case been denied registration.

So, hopefully, that will keep it under control for a while.

cheers

Chris

On 02/07/13 12:41, Freaky Clown wrote:
> In case this hasn't been covered before one of the most
> impressively easy ways to combat this is to have a hidden form field on
> the registration form, this field MUST remain blank for the form to be
> accepted, most spam bots will auto fill this in yet humans will not even
> see it - should knock out most of the spam.
>
> combine with another form and its pretty fool proof
>
>
>
> On Fri, Jun 28, 2013 at 1:29 PM, Benjie Gillam <benjie@???
> <mailto:benjie@jemjie.com>> wrote:
>
>     You could make a very small plugin so only email addresses on the
>     mailing list can be used to register new members; this could be
>     combined with other "defences". It'd stop most of the automated
>     Wordpress registration scripts that are out there; though it
>     obviously wouldn't hold out a determined attacker since all they
>     have to do is register with the mailing list to be allowed in...

>
>     http://codex.wordpress.org/Plugin_API/Filter_Reference/registration_errors

>
>     Cheers,

>
>     Benjie.

>
>     --
>     Please post to: Hampshire@???
>     <mailto:Hampshire@mailman.lug.org.uk>
>     Web Interface: https://mailman.lug.org.uk/mailman/listinfo/hampshire
>     LUG URL: http://www.hantslug.org.uk
>     --------------------------------------------------------------

>
>
>
> 


-- 
Chris Dennis                                  cgdennis@???
Fordingbridge, Hampshire, UK


--
Please post to: Hampshire@???
Web Interface: https://mailman.lug.org.uk/mailman/listinfo/hampshire
LUG URL: http://www.hantslug.org.uk
--------------------------------------------------------------

This message was posted to the following mailing lists:
Hampshire LUG
Mailing List Info | Nearby Messages		<-Re: [Hampshire] CentOS DOJO in Aldershot this F5ridayRe: [Hampshire] Spamalot->
Hampshire LUG Mailing List Archive administrated by WebmasterLurker (version 2.3)