Skip to:

Pre-Installation: Spam and User Numbers

  • Hi All

    Could someone please tell me how well BBPress works in fending of spam registrations please? Is it a case of using every means possible or is there a flawless way of doing it?

    I am also wondering is there a user limit for BBPress. i.e. How many users would it support please? 100,000 – 1,000,000 or more?

    I have a client that has been told that she will get a 1,000 spam registrations a day and that open source software cannot support more than a few thousand users. I want to direct her to this post. So hopefully we can encourage her.

    Many thanks


Viewing 9 replies - 1 through 9 (of 9 total)

  • Olaf Lederer


    I have more than 1000 registrations now, I’m not sure what happens if some but will start to register fake accounts. If this becomes a problem you need to something else.

    bbpress works with akismet and this works fine on wordpress



    The bb_users table uses an unsigned bigint for the user ID which allows numbers up to 18,446,744,073,709,551,615. How many people are there in the world?

    You would have more of an issue with hardware and bandwidth than you would with any kind of limit that is built into the software.

    Sam Bauers


    That’s right, enough room for every person on the planet to have 3 billion accounts in your installation.

    Any guess on how much space say 100,000 users (spam and real) would take in actual database space? If it is a small amount, then why even worry about deleting them :)


    Olaf Lederer


    Because we are talking about spam and bbpress, at the moment I don’t have problems with spam (I guess the spammers didn’t about my forum)

    how is the spam protection works it the same way as in WP? In WP akismet is filtering more than 99% of the spam.

    Here in bbpress it’s different: a well written spam post is not “under moderation”

    The spam post isn’t under moderation, but spam posts that are well written in WP are not either as they display immediately. I can tell you this though, on support forums there are very few “spambot” posts that make it past akismet. I have a couple small forums myself, but I have never had a post get past akismet except posts that don’t have any bad words or links which really “could be” real user posts. Even that number is pretty low. I have more problems with spam registrations, but livibetter’s “enhanced registration” plugin took care of that :)




    As an experiment, I created 1000 users automatically with long text for the username, website, interests, email, etc. I also inserted meta info for them (so, 1000 new user rows, 4000 new meta rows.) I checked the size of the Data_length and Index_length in MySQL.

    With 5 users, I had this:

    bbpress_users Data_length: 524 bytes

    bbpress_users Index_length: 3072 bytes

    bbpress_usermeta Data_length: 708 bytes

    bbpress_usermeta Index_length: 5120 bytes

    With 1005 users, I had this:

    bbpress_users Data_length: 384,524 bytes

    bbpress_users Index_length: 142,336 bytes

    bbpress_usermeta Data_length: 280,708 bytes

    bbpress_usermeta Index_length: 146,432 bytes

    So, 1000 additional fake user registrations used about 1MB of disk space. In reality, the data I used for the fake registrations is far longer than any spam registration I’ve ever gotten. In fact, the average row length for bbpress_users went from 107 bytes to 382 bytes since the fake data I used was so ridiculously long. The bbpress_usermeta didn’t go up as much: from an average row length of 52 bytes to 69 bytes.

    Bottom line: 1000 spam registrations, if they actually did occur, would not hurt anything at all. To prevent those registrations in the first place though, I would use Akismet and the “enhanced registration” plugin. Then you don’t need to worry about the registrations at all.

    Thanks for all the feedback. Very helpful.

    Olaf Lederer


    Hi Trent, thanks for the feedback!

    just checked the suggested plugin and using some activation code makes sense. Is this something for the bbress core version? And is this really needed? At the moment I have ~50 new registrations a day because people need to register to download some PHP classes from my website.

    Sure some of them have entered their URL to the profile, but this is not accessible until thy made a first post.

Viewing 9 replies - 1 through 9 (of 9 total)
  • You must be logged in to reply to this topic.
Skip to toolbar