veebles
Forum Replies Created
-
Sorry for the delay in responding.
Thanks!
I’ll give these a try.
Hi @wfgerald,
Here are some images. Hope i did this correctly.
I was pretty excited, because for TWO DAYS after i tried the method for the FIRST image i just provided, I have no repeat spam. But this morning someone from
created an account. the URL named a.get-bitcoins.online
was previously blocked.So back to square one, I guess.
I didn’t try the livestream thing you requested. It was difficult to find, and when I did, I wasn’t sure what you needed.
Sorry, I’m a “low information” user!
I’ll try your above suggestion today, with *rambler* etc and will report on progress to you.
-
Here is a VERY interesting fact that I haven’t mentioned yet:
When “normal” or “legitimate” users create an account on my site using the standard “create account” form, I (as admin) receive THREE emails, showing different information about the user.
However, these fake accounts only include ONE email.
How are they bypassing my create account system?
I’ve tried to find a way they can do this with one one email being delivered to me, but I can’t so far.
This is even more disturbing than the inconvenience to the spam accounts. How are they doing this?
Thanks for your help. Am looking forward to yur response!
Thanks so much for your reply and commitment to helping me.
I was taking some screenshots for you, but then I stumbled o n a DIFFERENT section in WordFence that seems appropriate for listing domains to be blocked. I’m giving this a try.
How do I attach screenshots to send to you?
Thanks!
Thank you @wfgerald,
The problem is that these hostnames are NOT working at all!
With the IP address blocking, I usually see 2-32 blocks AFTER they are listed. This shows that it is working properly.
With the hostnames blocking:
(1) Only ONE has successfully produced an added block count
*wanadoo.fr (10 blocks to date)(2) I almost always get another login attempt by someone from the domains I’ve tried to block in this way (but with a different sender@).
Any thoughts or advice?
Thanks so much!
Thanks SO much!
Unless you can think of a compelling reason NOT to – I’d like to continue using the format I showed you in my example above. I think this is working – awesome!
I have another question – can you help by answering here, or is it more useful to the community if I post another thread?
My attempts to block using Wordfence Advance Block for email addresses have not been successful. These seem to be reappearing.
The * sign takes the place of the individual sender’s name that appears before the @ sign.
Have I formatted improperly?
Do you need more information?
Hostname – *rambler.ru
Hostname – *maillinked.com
Hostname – *traveller.com*
Hostname – *a.bali-traveller.com
Hostname – *h.bali-traveller.com
Hostname – *a.get-bitcoins.online
Hostname – *a.get-bitcoins.club
Hostname – *g.dietingadvise.club
Hostname – *exorank.com
Hostname – *g.brainboostingsupplements.orgAgain, THANKS!
Thanks so much Gerroald, for your quick response!
I’m still confused…
I apologize, but I didn’t see the merit of the CIDR conversion you referenced. I’m sure it’s just my ignorance…
Wordfence already gives me the IP addresses of user I want to block. (so I don’t think I NEED CIDR??).
I’ve noticed some patterns:
I would like to try blocking THIS range (for example), and see if it works. Then I can learn from this to add more.
5.157.15.79
to
5.157.26.154
On WORDFENCE, what is the proper format to block this range?
Is this proper?
5.157.15.79-5.157.26.154
I just entered this (above) and it was “accepted” by WordFence.
Crossing my fingers here).
Thanks for your help! Do you think I got it right?