Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
Closed 8 years ago.
This question does not appear to be about a specific programming problem, a software algorithm, or software tools primarily used by programmers. If you believe the question would be on-topic on another Stack Exchange site, you can leave a comment to explain where the question may be able to be answered.
This question does not appear to be about a specific programming problem, a software algorithm, or software tools primarily used by programmers. If you believe the question would be on-topic on another Stack Exchange site, you can leave a comment to explain where the question may be able to be answered.
Improve this question
I am using Drupal for the content of my website. I mean, I use it as a content editor, but serve the content with my custom PHP pages. Anyways,
I'm seeing a lot of users that are registering and commenting in my Drupal site, the usernames are like
jennipoehmkocmnxqs
traciezlnvafjlasp
frederickajefferson
rowenanskmsqynljyxl
krystle03qgatdzutama
So they are obviously coming from one (if not more) bot(s).
And I don't want to implement re-captcha since I want to encourage my visitors to add content. So I need to find a way to find the source of this bot. Maybe an ip address, and block it from my domain. Do you have any idea what bot is this, or how can I track it?
I've looked into Drupal database, apparently it does not save the ip address of users..
Thanks !
p.s.
And there are also spam comments like this:
I'm really enjoying the theme/design of your website. Do you ever run into any web browser compatibility problems? A number of my blog readers have complained about my website not operating correctly in Explorer but looks great in Opera. Do you have any solutions to help fix this issue? Look at my weblog :: _sell my gold_ (link that redirects to www.swiftcashforgold.com/what-we-buy.php)
I had the same problem with fake users on an e-Commerce site that didn't even allow comments. Implementing reCAPTCHA on the registration and login screens definitely seemed to cut down on the number of fake signups we got quite a bit, but you are definitely correct about it being an annoyance to users and a bit of a barrier to their activity, and in a lot of cases it just doesn't work because humans are filling it out.
A different approach that will at least help you deal with the comments is analyzing the content of the comment and determining if it is spam that way. For this, you can use Mollom, Akismet, Defensio, or a similar solution. These services are configured by default not to display a CAPTCHA, but they instead check the patterns of the many submissions that run through their respective services, and are in many cases they are able to auto-detect spam and "quarantine" bad comments due to the wealth of information they have.
These are all subscription services with free starter plans. If you have a lot of legit comments coming into your site on a daily basis, you will have to pay a monthly fee. All of these solutions have Drupal modules which allow for their integration into Drupal forms.
I know Mollom also supports protecting the user registration form by default, but I don't know for sure if any of these modules will completely solve the problem of fake users signing up because I haven't tried it yet. It's possible that one or more of these modules will mark a user for leaving spam comments. Hopefully this will help with both problems, but it will definitely stop the comments.
You could validate that email addresses of people that register, actually exist.
This can be done using the PHP class (below) that sends SMTP commands to their email server, but not an actual email.
That way you know they are valid users (and where they came from) without actually sending them pestering emails.
http://www.webdigi.co.uk/blog/2009/how-to-check-if-an-email-address-exists-without-sending-an-email/smtpvalidateclassphp/
Related
Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
This question does not appear to be about a specific programming problem, a software algorithm, or software tools primarily used by programmers. If you believe the question would be on-topic on another Stack Exchange site, you can leave a comment to explain where the question may be able to be answered.
Closed 3 years ago.
Improve this question
I have WordPress Website with Google AMP already implemented and working.
Currently, I transfered to CloudFlare and saw the AMP feature.
What should I do now? Should I enable it or not?
Any ideas?
Thanks!
That's really up to the use cases you want to cater and user traffic sources.
Eg. is your primary traffic coming from organic search? Your site's URLs should have been cached and served from AMP Cache already.
Eg. do a lot of users open your site's URLs in a webview? maybe you can give Cloudflare a shot here?
This article might help:
https://antonyagnel.com/how-to-enable-accelerated-mobile-links-in-cloudflare/
"Cloudflare’s Accelerated Mobile Links is actually powered by the official AMP project. What Cloudflare actually does, in this case, is – it loads AMP enabled external links inside of a viewing window, within the same tab. This in comparison is different from what Google does. Google displays the AMP version of a site only when the search query comes from a mobile device through Google search."
Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
This question does not appear to be about a specific programming problem, a software algorithm, or software tools primarily used by programmers. If you believe the question would be on-topic on another Stack Exchange site, you can leave a comment to explain where the question may be able to be answered.
Closed 4 years ago.
Improve this question
So in a project i'm working on i'm trying to horizontally scale wordpress, my actual stack idea is :
HA Proxy as a load balancer
3 webservers behind the load balancer running Nginx/ PHP7
1 Redis Server
1 or more MySql servers to make sure everything is ok for high availability
The issue comes to my mind when I think about file uploads, if a user tries to upload a picture to wordpress, the picture will be available only in the Nginx/PHP VPS the loadbalancer gave him.
My question would be something like :
How can I centralize all uploads ? Like using a "shared" wp-content folder ... I've read about GlusterFS and Ceph, will these be usefull ?
Rather than solve this strictly at the backend, I'd suggest you first consider something like CloudFlare in front of your WordPress site. You could setup caching on the upload directory... You're going to get enormous horizontal scalability out of that. And it's basically free and pretty easy to setup. We've got CloudFlare in front of a site serving over 500,000 page views a day and you'd be shocked at how light the load is on that server.
Beyond that, if you do put a load balancer up in front of your site, you should be able to have it route traffic from the same user to the same backend node, so it should be consistent for that user for the duration of their browser session. That'll give you time for a file synchronization tool of some kind to keep all of your balanced nodes in sync. You might look at https://github.com/bcpierce00/unison for this.
Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
This question does not appear to be about a specific programming problem, a software algorithm, or software tools primarily used by programmers. If you believe the question would be on-topic on another Stack Exchange site, you can leave a comment to explain where the question may be able to be answered.
Closed 1 year ago.
Improve this question
I am struggling to know why my Wordpress website is blocked in China.
Services I have running on the root site http://example.com that I believe are being blocked are:
Google Maps,
Google Analytics
Google Recaptcha
Vimeo
Facebook/Twitter share buttons
My multisite subsite I have added in a whole bunch of conditionals for the above services to turn them off for http://example.com/china/ however this is still blocked.
Not sure how china firewall blocking works, do they search on keywords in your code? like "recaptcha" "google" "facebook" "vimeo" etc and/or does it grab the resources from the root site?
I have viewed some other websites page source on china server which are not blocked and see google analytics, google maps, facebook icons etc, so I am a bit confused.. ?
Any help would be great.
This was caused by an infinite redirect that was happening. We used this to identify the cause https://www.websitepulse.com/tools/china-firewall-test
How do you make sure your site is blocked in china?
Based on my experience it is possible that your IP address is being used as a proxy
Closed. This question needs debugging details. It is not currently accepting answers.
Edit the question to include desired behavior, a specific problem or error, and the shortest code necessary to reproduce the problem. This will help others answer the question.
Closed 6 years ago.
Improve this question
I am developing a contact form on my wordpress blog on a windows server(not for my choice...).
I am having trouble to make wordpress send email.
I've been using most popular plugin for this (Such as Grunion Contact form and Contact 7), all working on my preview machine(Linux based).
Anybody knows about this issue? is it a php server configuration?
The SMTP issue has become a lot more common for sure. As another option to CF7 with Postman, you could use Formstack instead. Formstack gets around the SMTP issue perfectly, without the need for additional plugins.
All forms can have periodic sending issues, which can be super annoying. Formstack has been awesome, but we did encounter a recent issue, which related to a client's mailbox, so it could be worth a read to help you. The form wouldn't send (although it did store all the submissions) and this was triggered by a periodically full mailbox. The result was the client's email got blacklisted.
Check out our trouble shooting article about Formstack Emails Not Sending. Even though it's Formstack specific, I have a feeling this could affect other forms too, so it could come in handy.
A great plugin that helps you diagnose these issues and even give your CF7 plugin another mail engine to use is Postman SMTP: https://wordpress.org/plugins/postman-smtp/. I use it in conjunction with Contact Form 7 with great results. It will create a php mail engine for you if you need one/haven't built one already.
Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
We don’t allow questions seeking recommendations for books, tools, software libraries, and more. You can edit the question so it can be answered with facts and citations.
Closed 6 years ago.
Improve this question
I'd like to use the data from my wordpress site in an API form. Maybe REST with JSON output. I'm wondering if there's any plugins that automatically make the wordpress data accessible from outside the site its running on, similar to the way most web APIs work.
WordPress is basically a REST-powered platform to begin with. You enter a URL with a particular query string (sometimes buried in a 'pretty permalink') and the system returns a semi-static resource based on the layout and structure defined in your theme.
To build it into an 'API' you'd need to first identify what information you're returning and how you want to structure it. Do you want people to access your data via a typical link (http://blog.url/?post=xxx&category=xxx&whatever=xxx)? Or do you want to keep running a typical blog but allow API access through another mechanism?
If you want the second route, you could always hook a plug-in into WordPress' built-in XMLRPC service. Then users will make a request of something like http://blog.url/xmlrpc.php?resource=xxx&variable=yyy&somethingelse=zzz and your site would return whatever information you want (though this would be SOAP, not REST ... so it's really up to you).
See my answer here for a specific example with WordPress code ...
I have used this REST/JSON API plugin with some success, so while not for creating an API, you could possibly pull it apart and change it to your needs? This plugin seems to only support output, and not input (comments etc). There also seems to be discussion regarding creating similar api plugs for both input and output, and that might be one way to go, also. Have fun!
Yes there is a way, and I just found it!
You can go here: http://developer.wordpress.com/docs/api/
all you have to do is fill in your website into a request like:
https://public-api.wordpress.com/rest/v1/sites/$yourSiteHere/posts/
and you'll get a beautiful JSON back.
You can post comments, get data, and add queries pretty easily.
If you want to do more that requires login, you can use oAuth.
API Endpoints wordpress plugin lets you construct any API out of your WordPress site.
If you are a Wordpress plugin developer and you need a RESTFul API maybe thermal-api.com can help you: Wordpress plugin to connect to a REST API?
But I think the best way is using WP-REST-API: http://v2.wp-api.org/extending/adding/