It was commenting spam, pink-back/track-back spam… and now after user login required to comment, it comes the registration spam.
There is just a new WordPress plugin called “Stop Spammers” with latest updated in 2014-01-04. It looks like it includes quite a bit checking including http://www.stopforumspam.com, Project Honeypot, BotScout and etc. It will be interesting to check the source code to see how it is implemented.
For my site, I previously customized the code to force user activation from a custom table before storing user information into wp_users; but it looks like a 50 / 50 working. Some spammers can still have their automatic script to check Email and activate the account automatically (I am assuming…); or they are bored enough to manually click on it just to get my attention to show they can still spam…
So here comes my new update by using http://www.stopforumspam.com as well with email and ip check. Here is the quick API usage page http://www.stopforumspam.com/usage. By checking how it can be used, the rest of PHP code is fairly easy with WordPress action/filter to customize the registration process. So now spammers can not even get into the pre-user-reg table I made…lol unless the spammer Email and IP is new to stopforumspam.com.
Later when checking with other useful resource, I will keep updating this WordPress Registration Spam Follow Up.
Cheers and Happy Web Development.