BuddyDev

Search

[Resolved] bursting relationship

  • Participant
    Level: Enlightened
    Posts: 126
    Hervé on January 29, 2019 at 7:12 pm #20569

    Hello,

    Several buddypress members have just complained (some with a disabled account) that they have received more than 1000 emails informing them of acceptance to become “friends”
    I did not activate the logs. I have the latest versions of worpdress, buddypress … as well as “All In One WP Security” plugin
    Do you have an idea how was it possible?
    and what interest for a hacker?
    Regards

  • Keymaster
    (BuddyDev Team)
    Posts: 24623
    Brajesh Singh on January 30, 2019 at 12:36 am #20573

    Hi Herve,
    It is a common issue on BuddyPress. There are bots to do it.
    This is why we created Friendship restrictions plugin.

    You do have our membership, so I will suggest using

    https://buddydev.com/plugins/buddypress-friendship-restrictions/

    Just rate limit the number of requests a user can send per hour and it will limit the damage.

    Regards
    Brajesh

  • Participant
    Level: Enlightened
    Posts: 126
    Hervé on January 30, 2019 at 8:36 am #20583

    Hi Brajesh
    Ok thanks for the answer and the plugin 🙂
    I do not understand
    why do pirates do this ??
    why BP does not forbid it immediately?
    why is it possible if access to the profile is restricted to the member?
    Regards

  • Keymaster
    (BuddyDev Team)
    Posts: 24623
    Brajesh Singh on January 31, 2019 at 2:48 am #20605

    Hi Herve,
    You are welcome.

    Pirates do it because they believe they can swindle people and BuddyPress is a development in progress, so they may add it in future.
    For now, It is not available and that’s where we come to provide the functionality.

    Regards
    Brajesh

You must be logged in to reply to this topic.

This topic is: resolved