New set of user registrations getting through
-
Over the last week there’s a new menace I’m dealing with. Someone is registering user names on one of our sites and I’ve tried Bam Hammer plug-ins (both types on the repository). One plug in allows you to put in domains, or other phrases to block but today it’s not working. No matter what phrase or domain part I put in the blocking list, they don’t block. Here is a typical user name and email this person/group is using:
Username: 132 793 RYB SBERBANK telegram – @sibbnk
Email: [email protected]
They always have a couple three-digit groups, an all-caps name, most of the time “telegram” is added and some other bit. Sometimes they put web site names in the user name. A lot of the time a .ru domain is used, but not always. Sometimes gmail.com is used.
I’ve got another Bam Hammer running watching the traffic to see when someone shows up and what pattern they’re trying to use to get in. I’m seeing all kinds of trying to visit this page, that page, going for wp-uploads folders, whatever but I’m not getting any idea how to stop this whackamole.
Is this something people are seeing right now? This person seems to be getting around stuff and I don’t have time to dump lots of IPs in my firewall as I watch. Maybe this is a threat that WordFence can add in the next update?
The page I need help with: [log in to see the link]
- The topic ‘New set of user registrations getting through’ is closed to new replies.