• Skip to primary navigation
  • Skip to main content
  • Skip to footer
  • Books
    • Content Strategy for WordPress (2015)
    • WordPress for Web Developers (2013)
    • Beginning WordPress 3 (2010)
  • Blog
    • Content Modeling for WordPress
    • WordPress Hidden Gems
    • Web Design
  • Work
    • MLIS Class Projects (2019-2022)
    • Portfolio (2002-2019)
    • Services
    • WordPress Plugins
    • WordPress Themes
    • Presentations and Interviews
    • on GitHub →

Stephanie Leary

Writer, WordPress consultant, recent MLIS grad

  • About
    • Press Kit
    • Presentations and Interviews
  • Contact Me

Stopping spam accounts on BuddyPress

February 1, 2011 Stephanie Leary 1 Comment

In chatting with a few people at WordCamp Phoenix about our various BuddyPress sites, the issue of spam user accounts came up several times. I’d just run into this problem myself on the VP Alumni site, and after cleaning out about 400 bogus users (all with usernames like maryjane913), I went searching for a way to stop them without subjecting real people to a CAPTCHA (or something equally irritating).

The method described by stwc in the forum is working well for me, even though I did only the last two steps s/he described.

First, I changed the slug of the BuddyPress registration page, which usually lives at example.com/register. You do this using a definition in wp-config.php:

define ( 'BP_REGISTER_SLUG', 'newbpuser' );

I chose a new slug that did not involve the word “signup” at all, which might have helped.

Second, I used stwc’s function to redirect visitors from the built-in WordPress signup page, wp-signup.php, to the BuddyPress registration page instead.

function bp_splog_signup_redirect() {
        if (strpos($_SERVER['REQUEST_URI'], 'wp-signup.php') !== false ) {
                $url = 'http://example.com/newbpuser';
                wp_redirect($url);
                exit;
        }
}
add_action('init', 'bp_splog_signup_redirect');

You could just add a redirect above the WordPress rewrite rules in .htaccess instead, I suppose, which would continue to work if you change themes:

Redirect /wp-signup.php http://example.com/newbpuser [R=301,NC]

So far, I haven’t had any new spam accounts at all since I implemented the changes. Maybe someday BuddyPress (or WordPress itself) will integrate with Akismet or something for signups, but in the meantime this seems to be the least painful solution.

WordPress akismet, buddypress, spam, splogs

Reader Interactions

Comments

  1. John says

    June 14, 2011 at 11:16 am

    Any new discoveries on Spam?

    Thanks in advance

    John

    Reply

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Footer

My Books

I’m a front end developer at Equinox OLI, working on open source library software. I was previously a freelance WordPress developer in higher education. You can get in touch here or on LinkedIn.

Copyright © 2023 Stephanie Leary · Contact