| User | Post |
|
9:34 am
April 27, 2012
|
Finance Yoga
| | Kentucky | |
| Member | posts 86 | 
|
|
|
Hey there gang, I am getting a lot of spam via my contact form on financeyoga, in my email. Every day I get at least 10-15 emails from "szpohvsnhp" with a message like "iuehoiuh" with some html that wasn't coded into the email.
Any suggestions as to how to combat it? Thanks in advance.
|
|
|
|
|
11:25 am
April 27, 2012
|
Money and Risk
| | |
| Member | posts 73 |
|
|
|
Just ignore them & delete the emails. You can't do anything about it. I get a couple of hundreds of those a day.
They're testing the WP site to hack in. My sister's site got hacked, hijacked and redirected to another site. She ended up deleting the entire site and gave up on blogging.
Just make sure that your password is at least 12 digit/letter comb long.
|
|
|
|
|
11:29 am
April 27, 2012
|
Sustainable PF
| | |
| Member
| posts 2759 |
|
|
|
Post edited 11:30 am – April 27, 2012 by Sustainable PF
Try a different contact form plugin (one with a captcha). I used 'Fast Secure Contact Form' and get no spam.
SPF Contact Page
|
|
|
|
|
11:37 am
April 27, 2012
|
Finance Yoga
| | Kentucky | |
| Member | posts 86 |
|
|
|
wow, i'm changing my password now thanks! I see a lot of people have a captcha code for their contact forums to combat spammers, does that not work?
|
|
|
|
|
11:40 am
April 27, 2012
|
Finance Yoga
| | Kentucky | |
| Member | posts 86 |
|
|
|
Thanks, Im checking that plugin out now.
|
|
|
|
|
12:51 pm
April 27, 2012
|
The College Investor
| | San Diego, CA | |
| Admin
| posts 1935 |
|
|
|
Use Fast Secure Contact Form and make sure you use Akismet and GASP.
|
|
|
|
|
8:14 pm
April 27, 2012
|
The Frugal Toad
| | |
| Member | posts 587 |
|
|
|
I also use Fast Secure Contact Form and do not get spam. I would also recommend installing Login Lockdown plugin to slow hackers from attempting to login to your Wp admin panel. After 3 wrong login attempts it locks your site.
|
|
|
|
|
3:17 pm
April 28, 2012
|
Michelle (Making Sense of Cents)
| | |
| Member | posts 400 |
|
|
|
Wow I'm definitely changing my password also.
|
|
|
|
|
7:48 pm
April 29, 2012
|
sooverthis
| | Kentucky | |
| Moderator
| posts 1041 |
|
|
|
The most important thing is to create a new user other than "admin." If you use the Limit Login Attempts plugin, you'll get an email when someone tries and fails to login. 99% of the time, they try "admin" to login.
On topic, I use Formidable Pro with the math captcha addon and spam has disappeared completely.
|
|
|
|
|
7:33 am
April 30, 2012
|
Rianka D.
| | DC | |
| Member | posts 16 |
|
|
|
Thanks all for your suggestions! Changed my password and adding another email besides "admin".
|
|
|
|
|
4:43 pm
April 30, 2012
|
Marissa
| | |
| Member | posts 385 |
|
|
|
I get 1-3 comments a day, but that number is a lot of lower than it used to be. GASP did wonders.
|
|
|
|
|
5:09 pm
April 30, 2012
|
Money Counselor
| | |
| Member | posts 233 |
|
|
|
Regarding changing the default 'admin' username: The link below is to handy, if a bit dated, instructions for accomplishing this (which I haven't yet tried), but based on the comments, they apparently work–in case any of you are as ignorant as me about such matters and have to Google everything! 
http://bit.ly/IDcHs0
You sure wouldn't want to overlook that last step of attributing all posts and links to the new user you set up!
Thanks for the tips on the contact form too. I've added a quiz to mine to combat spam. I just hope my readers aren't stumped. 
|
|
|
|
|
11:16 am
May 1, 2012
|
Eric – PersonalProfitability.com
| | Portland, OR | |
| Member
| posts 2120 |
|
|
|
Definitely delete your "admin" user and use a different user name plus limit login attempts. CAPTCHA helps as well. Also, backup, backup, backup!
|
|
|
|
|
8:44 pm
May 1, 2012
|
Finance Yoga
| | Kentucky | |
| Member | posts 86 |
|
|
|
|
9:49 pm
May 1, 2012
|
Money Counselor
| | |
| Member | posts 233 |
|
|
|
Finance Yoga said:
How do you backup?
I'll post what I do in the hopes that others will poke holes in it and I can improve.
- I use the 'Wordpress Backup to Dropbox' plug-in to do a weekly scheduled back-up to Dropbox of my site's files from my host's server.
- My host offers a database back-up utility. I run that manually once a week, which backs up my database to the host's server. (This database back-up file is included in my Backup to Dropbox routine in #1.)
- Once a month I use the host's FTP tool to manually copy the contents of the wp-admin, wp-content, and wp-includes directories into a wp-backup directory I created on host's server. (Again, all of these, including everything in the wp-backup directory, are included in #1 above, so are backed up to Dropbox.)
- Once a month I copy all of the Dropbox files–which I think constitutes my entire site–to an external hard drive I keep in my desk. So I've got it all in two different places, not including and separate from my host's server.
Overkill and redundant? I hope so. I'd really appreciate it if people can identify the vulnerabilities here. The hacking stories on this forum have scared the heck out of me. Thanks.
|
|
|
|
|
4:31 am
May 2, 2012
|
Finance Yoga
| | Kentucky | |
| Member | posts 86 |
|
|
|
That sounds like a great idea. I don't think you can ever be too careful. I have my own FTP client on my computer, should I back it up through there and then go to hostgator to back up my system?
|
|
|
|
|
12:30 pm
May 2, 2012
|
Paul @ Make Money Make Cents
| | |
| Member | posts 54 |
|
|
|
Login
Search 
Home
Print this Topic 
Topic RSS 
