How do I stop bots from creating fake accounts (the easy way)?

  • Since some weeks I am getting fake account registrations on my website, and I don’t know how they can even do it. The my-account page has only login fields, no fields to create an account, and therefore account creation should only be possible on the checkout page of the installed WooCommerce store. This is how it is set up. We have Wordfence installed, but when we activate reCaptcha, nobody can login anymore. reCaptcha gives everyone a 0.0 rating, regardless of bot or human.

    I hoped WP would come with a simple but effective standard procedure like it can be found on pretty much every website today: setting up an account requires besides an email address also a full name, an address, maybe even a phone number, and can be finished only by resolving a captcha. But a full weekend spending online did not help me to find out how to achieve this with wordpress. And Wordfence even in the paid version only offers the invisible captcha what is not working on our website, however.

    How can I achieve that? Having an account setup page which strictly requires to resolve a (simple) captcha by a human?

Viewing 1 replies (of 1 total)
  • Thread Starter volkerforster

    (@volkerforster)

    I deactivated “everyone can register” in WP settings and can confirm that setting up an account during WooCommerce checkout still works. This should keep the bots away.

    But I still would appreciate to have a simple captcha added to the login page at least, maybe also to account creation on the checkout page in WooCommerce.

    Any ideas?

Viewing 1 replies (of 1 total)
  • The topic ‘How do I stop bots from creating fake accounts (the easy way)?’ is closed to new replies.

Tags