My WP Directory site is being SPAMMED to death!!! (please advice)

Discussion in 'Black Hat SEO' started by Padawan, Nov 22, 2011.

  1. Padawan

    Padawan Junior Member

    Joined:
    Aug 12, 2009
    Messages:
    105
    Likes Received:
    217
    Location:
    In a Pacific's Paradise
    As the title states, I need urgent advice about how to stop spamming.

    The site uses this free plugin:
    artic*lesss.c*om/art*icle-director*y-w*ordpress-p*lugin/

    I broke the author.php page and I emptied ALL of the "registered" users and users_meta tables, but they still are registering and posting.

    Hosting provider has suspended the whole account twice in 7 days because of a high SQL usage.

    I don't want any of them to post on the site.

    How can I prevent them from doing that?

    The site runs the last version of WP.

    Please, any advice will be simply GREAT.

    Thanks.
     
  2. paincake

    paincake Power Member

    Joined:
    Aug 18, 2010
    Messages:
    716
    Likes Received:
    3,101
    Home Page:
    So you want only legit users to register and post or do you want to disable registration altogether?
     
  3. wannabie

    wannabie Elite Member

    Joined:
    Mar 11, 2009
    Messages:
    3,806
    Likes Received:
    2,959
    Occupation:
    Seo and Marketing Suprisingly
    Location:
    Your bedroom window
    Recaptcha and askimet
     
    • Thanks Thanks x 1
  4. Padawan

    Padawan Junior Member

    Joined:
    Aug 12, 2009
    Messages:
    105
    Likes Received:
    217
    Location:
    In a Pacific's Paradise
    Not even that. I let Unique Article Wizard to post directly there. I need to disable any registration/posting feature of the site. I really don't need more authors, because I have automatic postings from UAW. They only send quality articles.

    @wannabie: Where can I put the recaptcha? It seems that they don't need any page to post the article.

    Thanks.
     
  5. paincake

    paincake Power Member

    Joined:
    Aug 18, 2010
    Messages:
    716
    Likes Received:
    3,101
    Home Page:
    Unfortunately akismet only stops comment spam; it doesn't check user registrations. Recaptcha doesn't work because almost everyone is using decapther or OCR (xrumer) to crack captchas, so that won't stop bots from registering/posting.
     
  6. paincake

    paincake Power Member

    Joined:
    Aug 18, 2010
    Messages:
    716
    Likes Received:
    3,101
    Home Page:
    That's very simple to do. Go to WP admin -> Settings -> General -> Uncheck "Anyone can register"

    now go to www.yourdomain.com/wp-signup.php and you'll see that the registration is disabled.
     
    • Thanks Thanks x 1
  7. wannabie

    wannabie Elite Member

    Joined:
    Mar 11, 2009
    Messages:
    3,806
    Likes Received:
    2,959
    Occupation:
    Seo and Marketing Suprisingly
    Location:
    Your bedroom window
    Askimet will work for any page on a wordpress site, it flags ip,user email blah blah

    Recapthca wont stop spam but it will drasticlly slow it down


    Check my thread about when i ran a artikce directory a whie back, i slowed sign ups tonext to nothing from bots
     
    Last edited: Nov 22, 2011
  8. Padawan

    Padawan Junior Member

    Joined:
    Aug 12, 2009
    Messages:
    105
    Likes Received:
    217
    Location:
    In a Pacific's Paradise
    The simplest, the best. I was so blind with this issue, that I completely forgot to uncheck that option.

    Thanks!
     
  9. wannabie

    wannabie Elite Member

    Joined:
    Mar 11, 2009
    Messages:
    3,806
    Likes Received:
    2,959
    Occupation:
    Seo and Marketing Suprisingly
    Location:
    Your bedroom window
    Have you checked amr to see if you in the list
     
  10. flashgordon88

    flashgordon88 Registered Member

    Joined:
    Jul 7, 2011
    Messages:
    76
    Likes Received:
    5
    sorry to hear bro but what theme are yyou using? would apprecite it you share that info.
     
  11. ardley216

    ardley216 Elite Member

    Joined:
    Mar 28, 2008
    Messages:
    2,389
    Likes Received:
    2,382
    Occupation:
    Finding easy keywords
    Location:
    1,500,000,000 Keywords Re
    in the registration, put some random mandatory forms areas. that will confuse bots registering. Not too difficult to change.
     
  12. Padawan

    Padawan Junior Member

    Joined:
    Aug 12, 2009
    Messages:
    105
    Likes Received:
    217
    Location:
    In a Pacific's Paradise

    Couldn't find it. Could you please point me to that post?

    Thanks!
     
  13. phpbuilt

    phpbuilt Jr. VIP Jr. VIP

    Joined:
    May 16, 2011
    Messages:
    1,658
    Likes Received:
    5,295
    Occupation:
    $ from websites I own.
    Location:
    putting monkeys in paypal
    Find xmlrpc.php in the root directory of your blog, rename it to something else. People can post to your blog through that file.

    Rename wp-signup.php to something else if you don't want anyone registering.
     
    • Thanks Thanks x 1
  14. indu7

    indu7 Newbie

    Joined:
    Dec 5, 2008
    Messages:
    3
    Likes Received:
    0
    I'm having the same problem,

    If i just change the file names to something like xmlrpc1.php and wp-signup1.php that is all i need to do and it won't break anything?:)

    Apologies, I'm not too clued up when it comes to this kind of thing!
     
  15. flx89

    flx89 Senior Member

    Joined:
    Apr 22, 2010
    Messages:
    1,157
    Likes Received:
    409
    Location:
    United States of Europe
    same happen here, i stop accepting comments from those that are not registered, and now problem is solved
     
  16. indu7

    indu7 Newbie

    Joined:
    Dec 5, 2008
    Messages:
    3
    Likes Received:
    0
    Its not blog comment spam. They are regisstering as users and posting actual blog posts from the WP back office dashboard.