• Resolved SSVapes

    (@username12)


    Anyone else having trouble with fake registrations originating from VPNs from all over?

    We need a way to block all VPN traffic to registration and log in pages

Viewing 5 replies - 1 through 5 (of 5 total)
  • Generosus

    (@generosus)

    Hi @username12,

    No issues here. You need to block the UA, IP, or ASN creating the fake registrations. Wordfence does not block VPN traffic nor should it. Best to block the bad actor(s) via CDN and Wordfence.

    For additional info or action you can take, visit this topic. A simple topic search in this forum will provide all the info you need to block the bad actor(s).

    Useful Tip: If most of the fake registrations are coming from a particular country, then best to purchase WordPress Premium so you can block the offending country. If using Cloudflare (free or above version), you can also block the bad actors (IPs, UAs, and ASNs) and countries with a WAF rule.

    Cheers

    Plugin Support wfpeter

    (@wfpeter)

    Hi @username12,

    The post above is certainly useful and shows why we don’t block VPNs outright. Generally speaking you shouldn’t need a manual blocking regime as Wordfence works on intent and type of visit. Your own Brute Force or Rate Limiting settings can be tweaked to be as strict/lenient as you prefer – so long as it works for your legitimate visitors without blocking them.

    In terms of bot registrations, it’s very common for them to come through XML-RPC, which can be disabled. “Disable XML-RPC authentication” appears in Wordfence > Login Security > Settings. You can also block this route entirely using .htaccess, provided you don’t use the WordPress app or a plugin that requires it such as Jetpack:

    # Block WordPress xmlrpc.php requests
    <Files xmlrpc.php>
    order deny,allow
    deny from all
    </Files>

    You could also enable reCAPTCHA for registration/logins using our Login Security module to ensure humans are able to complete the form, but it should be effective at blocking automatic bot registrations.

    Thanks,
    Peter.
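
A way to check what the reply above describes, added here as an example and not code from Wordfence or from anyone in the thread: it reads access log lines, counts requests to xmlrpc.php and registration POSTs to wp-login.php by status, and lists clients whose xmlrpc.php requests were not answered with 403. The Apache combined log format, the function names and the sample lines are assumptions made for illustration.

```python
import re
from collections import Counter
from urllib.parse import urlsplit, parse_qs

# Assumed input: Apache "combined" log format (client, ident, user, [time], "request", status, ...).
LINE = re.compile(r'^(\S+) \S+ \S+ \[[^\]]+\] "(\S+) (\S+) [^"]*" (\d{3}) ')

def classify(method, target):
    """Return the registration-related route a request hits, or None."""
    url = urlsplit(target)
    name = url.path.rsplit("/", 1)[-1].lower()
    if name == "xmlrpc.php":
        return "xmlrpc"
    if name == "wp-login.php" and method == "POST" \
            and parse_qs(url.query).get("action") == ["register"]:
        return "register-form"
    return None

def summarize(lines):
    """Count hits per (route, status); list clients whose xmlrpc.php hits were not denied."""
    hits, not_denied = Counter(), Counter()
    for line in lines:
        m = LINE.match(line)
        if not m:
            continue  # skip lines that are not in the assumed format
        ip, method, target, status = m.groups()
        route = classify(method, target)
        if route is None:
            continue
        hits[(route, status)] += 1
        # With the <Files xmlrpc.php> deny rule active, Apache answers 403.
        if route == "xmlrpc" and status != "403":
            not_denied[ip] += 1
    return hits, not_denied

# Constructed sample lines using documentation IP ranges; not data from the thread.
SAMPLE = [
    '203.0.113.7 - - [01/Jan/2025:10:00:01 +0000] "POST /xmlrpc.php HTTP/1.1" 200 412 "-" "constructed-agent"',
    '203.0.113.7 - - [02/Jan/2025:10:00:01 +0000] "POST /xmlrpc.php HTTP/1.1" 403 199 "-" "constructed-agent"',
    '198.51.100.23 - - [02/Jan/2025:11:29:58 +0000] "GET /wp-login.php?action=register HTTP/1.1" 200 5120 "-" "constructed-agent"',
    '198.51.100.23 - - [02/Jan/2025:11:30:00 +0000] "POST /wp-login.php?action=register HTTP/1.1" 302 0 "-" "constructed-agent"',
    '192.0.2.10 - - [02/Jan/2025:12:00:00 +0000] "GET /index.php HTTP/1.1" 200 8000 "-" "constructed-agent"',
]

if __name__ == "__main__":
    hits, not_denied = summarize(SAMPLE)
    for (route, status), n in sorted(hits.items()):
        print(f"{route:14} status={status} count={n}")
    for ip, n in not_denied.items():
        print(f"xmlrpc.php not denied for {ip}: {n} request(s)")
```

Registration POSTs that keep appearing once xmlrpc.php returns 403 are arriving through the normal form, which is where the reCAPTCHA and rate-limiting settings mentioned above apply.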

    Thread Starter SSVapes

    (@username12)

    wfpeter

    (@wfpeter)

    TYVM for reminding me about xmlrpc. I had made a new .htaccess and did not move that over. I added,

    # Block WordPress xmlrpc.php requests
    <Files xmlrpc.php>
    order deny,allow
    deny from all
    </Files>

    I’m sure that will clean up the problem.

    Thread Starter SSVapes

    (@username12)

    generosus

    ty for your reply (@generosus)

    i do have WordPress Premium. It has blocked over 6k fake registrations in 30 days. However, I was still getting one or two a day.

    I’m pretty sure blocking xmlrpc will clean those up (fingers crossed)

    thanks again

    Moderator Jan Dembowski

    (@jdembowski)

    Forum Moderator and Brute Squad

    i do have WordPress Premium.

    You have Wordfence Premium but we all understood.

    For pro or commercial product support please contact the developer directly on their site. This includes any pre-sales topics as well.

    https://www.wordfence.com/sign-in/

    As the developer is aware, commercial products are not supported in these forums. I am sure they will have no problem supporting you there.
