Search:

Eastwood Zhao dot COM

Happenings in a Nutshell



"Sustained intensity equals ecstacy." - Wynton Marsalis

Prevent Spam Blogs in WordPress MU

Spammers are becoming increasingly annoying and tricky nowadays by using Black Hat techniques to boost their websites’ search engine rankings (usually parked pages with tons of ads, which, in return = $$$).

A Little Background

At first, they targeted free blog hosts like Blogspot and Wordpress with automated blog generating programs to create hundreds of spam blogs at a time. These spam blogs would contain back-links to their websites, which improves their SEO. However, these spam blogs are so common now that they usually get suspended/deleted within 48 hrs or so of creation.

Spammers’ New Targets: WordPress MU

Individual blog hosts using WordPress MU are the spammer’s new targets now. The following is from a Black Hat SEO article:

There is a script available from Wordpress called Wordpress Multi-User (WPMU) that allows you to give your website visitors free Wordpress blogs.
Literally thousands of webmasters have installed this script on their servers.
That’s good news for us. Why? Multiple domains/IPs + free Wordpress blogs = extremely easy backlinks to our websites.

Solution to Prevent Spam Blogs on WordPress MU

Spammers find vulnerable WordPress MU blogs through a simple “Google Hack”. They enter the following search query:

“you’ll be blogging seconds later” inurl:wp-signup.php

This allows spammers to go directly to the doors of WordPress MU sites, enabling them to register spam blogs.

To make it harder for spammer to find your WordPress MU blog, simply edit the wp-signup.php file and remove the line “you’ll be blogging seconds later”. This will make it a lot harder for spammers to find your WordPress MU site and register spam blogs.

« Annoying Tailgaters! Why You Should Follow the Speed Limit and Fight Back with a Bumper Sticker
Still Think Facebook’s Such a Great Idea? Well, Think Again. »

Post Meta

Reader's Comments

  1. cup beans | February 14th, 2008 at 2:00 am

    I had people reaching me in the same way and sending tons of messages that are just being deleted.
    Can’t really understand the point if all the spam is deleted anyway? What do they gain?

  2. chuks ugoji | February 16th, 2008 at 8:37 am

    Thanks a million for this security alert kind of.Hoping to get more as days run bye.

  3. John Hok | February 18th, 2008 at 8:56 am

    @cup beans: Most of the times these are mass automated spam processes. Sometimes they past through filters if lucky or if the blog owner misconfigured a setting for their comments.

    Every little link back counts for these spammers so it’s done anyways…

  4. elliot | February 27th, 2008 at 1:11 am

    Spam is a scourge - spamming is useless as the buyer gets put off more often than not….

  5. michael owen | March 9th, 2008 at 9:11 pm

    Thank you. Very good site. respect to author

  6. Jan the aquarium guy | May 16th, 2008 at 12:22 am

    I will be developing an anti-spam plugin for WP-MU soon. I have my own installation of WP-MU and I recently disabled free registration because Google indexed spam blogs which were created by spammers earlier than I deleted it :( . Links to some Japanese sex parties are not what I want there.

    My anti-spam will use more techniques which will result in less, or even zero, spam. Because even if you renamed your wp-signup file, spammers have their own lists of WP-MU blogs. Say that they find your WP-MU before you rename the file, and they put your URL on their list. Unfortunate.

    You can check my current two plugins for WP of course, my nickname is janhvizdak :) .

  7. Eastwood | May 20th, 2008 at 4:47 pm

    Jan, best of luck with your plugin! Keep me updated with the progress :)

  8. courbe de temperature | May 27th, 2008 at 11:46 am

    hi,
    any news from this plugin test?
    I’m still searching a good one tio prevent spam in WordpressMu

    Thanks

Leave a Reply

© Copyright Eastwood Zhao dot COM ::  RSS Feed