[ad_1]
I’m a moderator on a support forum that runs on WordPress.
The site gets a lot of trolls and spammers…which gives the moderating staff fits. We have no reliable way to track user activity or block malicious posts. All we can do is remove undesirable content and ban the account. There’s nothing stopping them from coming back within minutes. VPNs easily get around IP blocks.
The site owner doesn’t know much about website security and asked me to identify possible solutions. I work in cybersecurity but don’t know much about WordPress administration. I’d appreciate any settings or plugin recommendations that would help.
Please be kind. I’m new at this and just looking for some help. Thanks!
[ad_2]
For the user registration, setup email confirmation, so that a users email address must be legitimate.
Setup a WAF like Cloudflare, and block IP ranges used by VPN server farms.
Content moderation is no easy task, good luck! As well as requiring a valid email, you can also block keywords this page has more info https://wordpress.org/documentation/article/settings-discussion-screen/
You could try looking at some plugins recapatcha, cleantalk, akismet, antispam-bee, oopspam honeypot, they might be good places to look.
All the best!
Use a comment spam plugin like Akismet or Anti-spam, and use recaptcha. All are free.