Malicious User

  • Resolved Will Bode

    (@willbode)


    3 years, 10 months ago

    I recently went into my WP users and saw there were 4 new accounts with exact strange user names but different crazy email addresses ending in abbuzz.com. My question is:

    How did they end up in my WP User list, the other users who have created accounts on woocommerce are not on the WP User list.

    Is there a way to stop woocommerce users from ending up on the WP Users? I have implemented Ban Hammer with the woo PHP code. but I would like a way to stop this.

    I am also unsure how they were able to create an account without ever actually purchasing. They must have had a valid purchase account and then cancled the order?

    Any suggestions on securing a store from malicious user creation are appreciated.

Viewing 4 replies - 1 through 4 (of 4 total)
  • Plugin Support Stuart Duff – a11n

    (@stuartduff)

    Automattic Happiness Engineer

    Hi @willbode,

    How did they end up in my WP User list, the other users who have created accounts on woocommerce are not on the WP User list.

    All users registered on a WordPress installation are WordPress users and will display within the WordPress Admin > Users section of a WordPress installation. Plugins like WooCommerce do not have their own user system and instead, they use the default WordPress > Users section for all registered users on a site.

    Users can also usually register on a WordPress installation with WooComemerce installed without making a purchase. Those users would display within the WordPress > Users section and have the user role of Subscriber. Users who have purchased products when WooCommerce is installed would have a user role of Customer.

    I hope this helps.

    Thread Starter Will Bode

    (@willbode)

    Ok, so I guess the other people who show up in Woocommerce Customers didn’t create accounts. So that answers part of the question, but not the main question. Thanks.

    Plugin Support Stuart Duff – a11n

    (@stuartduff)

    Automattic Happiness Engineer

    Hey @willbode,

    so I guess the other people who show up in Woocommerce Customers didn’t create accounts.

    If you have Guest checkout enabled in WooCommerce from WooCommerce > Settings > Advanced > Guest checkout > Allow customers to place orders without an account that would not register a user on a WordPress site which you would see at WordPress Admin > Users.

    You would however see those people as customers listed in WooCommerce > Customers.

    Plugin Support Stuart Duff – a11n

    (@stuartduff)

    Automattic Happiness Engineer

    Hey?@willbode,

    We haven’t heard back from you in a while, so I’m going to mark this as resolved – if you have any further questions, you can reopen it again if you need be.

Viewing 4 replies - 1 through 4 (of 4 total)
  • The topic ‘Malicious User’ is closed to new replies.

Tags