Mysterious registrations

  • Resolved G Hinson White

    (@g-hinson-white)


    11 years, 11 months ago

    I’ve been getting one or two new registrations each week but there are no comments or posts by these people. Reading the blog/forum does not require registration but posting does. Since they are not posting, I’m wondering if somehow, this group is using my blog for some nefarious works. Is this something I should be worried about?

    My site is https://www.RBCForum.com

Viewing 8 replies - 1 through 8 (of 8 total)

  • It could be spam bots registering on the site. Take a look at the user names and email addresses they’re using. If the user names look like a bunch of random letters and numbers and the email addresses are from free email sites, they are more likely to be bots.

    It is a creepy feeling to have a bunch of such registrations, though if you keep your WordPress installation upgraded and use secure user names (not “admin” for the administrator account, for example) and passwords, you’re probably okay. You are running the kind of site that is somewhat of a lightning rod for attacks. I would certainly have a backup routine in place for the site files and database so that if you do get hacked, you will be in a position to rapidly put things back to rights.

    You can try a plugin like Stop Spammer Registrations to try to prevent them from registering. It sure would be a good idea for a potentially controversial site.

    Thread Starter G Hinson White

    (@g-hinson-white)

    This is a dumb question, but what do the bots do?

    That’s not a dumb question at all. The most common thing they do once they register is start posting all kinds of spam comments containing links to sites, advertisements, and other garbage. There may be some that utilize hacks on vulnerable plugins or poorly maintained sites to actually get admin access and have their way with your site in a variety of ways I don’t like to think about. ??

    The fact that they haven’t done anything on your site just may mean they haven’t been used yet or they didn’t find the vulnerability they were looking for if they had more malign intent/more capability. These days, most of the registrations are automated, the successful ones go in databases that are then sold to spammers who use them for paid advertising campaigns. They may just be waiting until there is an advertiser that matches up with your site.

    Thread Starter G Hinson White

    (@g-hinson-white)

    Thanks a bunch. Time to install a CAPTHA plugin I guess. That should stop the registrations. Thanks so much for your responses.

    Actually, all of the CAPTCHA’s have long since been cracked by the spam ‘bots. You really need something more. Plugins like Akismet and Stop Spammer Registration actually go way beyond a simple CAPTCHA, which is what you need these days.

    If you do not have a need for “users”, simply turn off registrations.

    From admin, go to Settings, General and uncheck ‘Anyone can register’.

    Thread Starter G Hinson White

    (@g-hinson-white)

    linux, I have Akismet installed but have now also installed ‘Stop Spammer Registration’ and so far, no new registrations.

    Gabe, I need the users because I want to generate discussion/debate but need to be able to keep it civil. Registration helps with that.

    You should be in good shape now.

Viewing 8 replies - 1 through 8 (of 8 total)
  • The topic ‘Mysterious registrations’ is closed to new replies.