Stopping Spam Bots on Blog Registration in WordPress MultiUser

After running WordPress MultiUser for more then a year the biggest problem wasn’t the comment spam , but the fact that if I leave the site open for registration of new accounts the spam bots find it and start the attack.

I have tested a few plugins with different levels of success , all have a high level of false positive which didn’t satisfied me.

And so , I have turned to google to search a better solution for my problem and find this page about using .htaccess files to stop comment spam. After some modification now running it on with success with the apache logs showing that the bots are still attacking but they are not able to register and the positive fact is that valid users don’t encounter any problems on registration.

What is nice about this technique is that you don’t need anything from WordPress , no plugins or mu-plugins or some anti-hacker core files, the Apache steps in and kick spammers out.

Check this example:

# BEGIN ANTISPAMBLOG REGISTRATION
RewriteEngine On
RewriteCond %{REQUEST_METHOD} POST
RewriteCond %{REQUEST_URI} .wp-signup\.php*
RewriteCond %{HTTP_REFERER} !.*yourdomain.com.* [OR]
RewriteCond %{HTTP_USER_AGENT} ^$
RewriteRule (.*) http://myfastblog.com/ [R=301,L]
# END ANTISPAMBLOG REGISTRATION

WPMU Fast Verification for Google Webmaster Tools and Yahoo! Site Explorer [upgrade]

Finally we have a new version of WPMU Fast Verification plugin. The new features add fast verification for Bing Webmaster Center & Alexa Siteowners.

So now you have one plugin for verify meta key for Google Webmaster Tools, Yahoo! SiteExplorer, Bing Webmaster Center & Alexa Siteowners

You can download from here.