Spam registration attempts

  • Resolved hampalm1

    (@hampalm1)


    3 years ago

    Hi
    I wonder if anyone can help with this
    I’m a wordfence user but not sure if wordfence can help with this or not. I have ran amembership site for about 6 years. I recently changed the theme which uses woocommerce for registrations. This problem didnt happen as soon as I started using the theme but not long after. So, recently I started getting absolutely bombarded with SPAM registration attempts and I mean full on attack mode. I have recaptcha installed though not 100% sure its configured correctly and I have an email verification plugin.
    The email verification plugin is the only barrier to entry that is saving me so far however, I have never seen anything like this apart from the fact its making me nervous its also filling up my inbox with email notifications, which of course i want if this happens but its causing me a lot of hassle every day sifting through them.
    I am speaking to my theme’s author but so far they seem at a loss as to whats happening and I’m worried that they seem to be just holding their hands in the air and dissasociating themselves with the problem. Woocommerce came with the theme, so if its anything to do with woocommerce, they should be supporting it. I spoke to my jost and they said its nothing to do with them and to speak to the theme’s author and I spoke to Elementor and they said the same.
    Can anyone offer any advice ?
    Kind regards
    Andrew

Viewing 3 replies - 1 through 3 (of 3 total)
  • Plugin Support wfpeter

    (@wfpeter)

    Hi @hampalm1, thanks for reaching out.

    2FA and reCAPTCHA can be enabled for the default WordPress and WooCommerce login/registration pages, but not custom ones so it might be worth checking whether the theme you have installed with WooCommerce implements its own registration form/scripts.

    If you are using Wordfence reCAPTCHA, ensure you have Wordfence > Login Security > Settings > Enable WooCommerce Integration checked. This will also require credentials in the “Enable reCAPTCHA on the login and user registration pages“.

    Wordfence, as an endpoint firewall cannot stop a bot or human from trying to visit and register on your website altogether, but rather deal with the visits appropriately when they happen. Having reCAPTCHA enabled should dramatically reduce amount of form submissions to your registration pages, so you can check whether this is displaying for customers by visiting that page yourself. Once there, do you see any errors in the browser console? You can screenshot any results using a service like Snipboard.

    Let me know what you find out!

    Thanks,

    Peter.

    Thread Starter hampalm1

    (@hampalm1)

    Thanks Peter
    The theme’s author recommended changing the url of the registration page and that simple change seems to have fixed the issue.

    Kind regards

    Andrew

    Plugin Support wfpeter

    (@wfpeter)

    That’s great news @hampalm1, thanks for letting me know!

Viewing 3 replies - 1 through 3 (of 3 total)
  • The topic ‘Spam registration attempts’ is closed to new replies.