** 1/3/09 Sorry, sorry 2.7 contains a typo, 2.8 fixes the typo, download here or wait for it to come through via WP
** 2.7 12/24/08 prevents attempts to add strings more than 255 chars to log files and changes log output. Some IE users were having trouble reading log files in WP 2.7
While BadBehavior and WebProfessor do very good jobs at keeping bots from registering on your WordPress site I wanted the control WebProfessor gave me and the automation that BadBehavior gave me but neither did both.
So here is a plugin to help keep bots from registering on your website. It will log all registration attempts and tell you why it bounced any bots.
You can blacklist domains, emails, and ips.
It will automatically block anyone whose ip shows up more than once, who is listed in spamhaus, or who you’ve blacklisted. If you hosting company allows ‘file_get_contents’ calls you can uncomment the StopForumSpam and check their list as well.
Anyone pretending to be a browser but whose ‘accept’ line is wrong will also get bounced.
See also:
Part 2 of 3: WordPress Security Plugin to block scrapers, hackers and more
Part 3 of 3: WordPress plugin tells you which files have been altered recently
Monday, Apr 13th, 2009 at 13:22
Hello!
This looks like the perfect plugin for my needs, but I do have a question.
After activating, the following text appeared in my user blacklist email box. Is this the dreaded “uncreated database” error? What should I do?
SELECT blacklisted FROM wp_ttc_user_registration_blacklist ORDER BY blacklistedWordPress database error: [Table 'NonProBlogs.wp_ttc_user_registration_blacklist' doesn't exist]
Thanks!
NonProBlogs
Monday, Apr 13th, 2009 at 16:54
That’s the first I’ve heard of that error.
I think it is the NonProBlogs. in front of the wp_… that is confusing it.
The database is there, that is where all your WP data is stored. The plugin is only creating tables in the database.
How technical are you? Tables can be created in phpMyAdmin see lines 81-125 for the information.
If you are not technical don’t do it.
Other option is to hard code the variable $wpdb in the code, but I need to look at and find the places where you need to change it.
Sorry it’s just a really busy couple of months here. Will try to look at it soon.
Tuesday, Apr 28th, 2009 at 11:36
I’m afraid I’ve come to find that this plugin is TOO sensitive.
Example: Jane signs up to my blog but goofs her email (janedoe132@gmail.com instead of janedoe123@gmail.com). She realizes this and tries to sign up as janedoe123 BUT her IP is tagged as already being registered and WHAM she’s banned.
This is bad.
I have few spammers that get past Bad-Behavior, so really I just need a way to list emails and ips that are bad (like with comment moderation, only make it for registration). Or a way to flag a user as ‘banned’.
So … yeah. I like the plugin, but I need to find a less strict fix
Tuesday, Apr 28th, 2009 at 12:41
docwhat ( above ) said he wasn’t going to do a rewrite - see if he’ll help you.
Thursday, Apr 30th, 2009 at 11:52
I’ve actually started my own plugin (2/3rds done) which snags the emails from your comment blacklist and bans them from registering.
I’ve got to add in a check for Stop Forum Spam in there now, but you gave me great ideas
Thank you.
Thursday, Apr 30th, 2009 at 12:22
Cool!
Be sure to come back here and post a link to it when your done.
Checking Stop Forum Spam is tricky since many WP users are on hosts that don’t allow curl and other such tools. If you figure out a one size fits all solution I’d love to see it.
Sunday, Jun 7th, 2009 at 3:15
I can’t get the new version - I’ve downloaded a couple of times, cleared cache, tried another browser etc, but I’m still getting v1.8 not 2.8