Spam registration attempts

  • Resolved hampalm1

    (@hampalm1)


    3 years ago

    Hi
    I wonder if anyone can help with this
    I have ran a memberships site for 6/7 years now and never had a problem with this until I switched to a new theme recently. The only differing factors are of course the theme but also Elementor and Woocommerce. I am speaking to the theme’s author but I get the feeling they are close to holding their hands in the air, I’ve spoke to my host and they directed me to the theme’s author, I spoke to Elementor and they said it wcouldnt be anything to do with their plugin and because woocommerce was bundled in with my theme I don’t believe i can get support from woocommerce direct so wondered if anyone in the forum might be able to help.
    Baically I am getting absolutely bombarded with SPAM registrations. I have recaptcha installed and email verification and the email verification is the only thing saving me from them getting through at the moment but there are so many, logic would suggest it is only a matter of time before one gets through. Its also filling up my inbox with email notifications which I need and dont want to stop receiving them but its also inconvenient.
    I wondered if anyone might be able to offer any advice ?
    Kind regards
    Andrew

    The page I need help with: [log in to see the link]

Viewing 8 replies - 1 through 8 (of 8 total)
  • Abiola Ogodo

    (@oaoyadeyi)

    @hampalm1

    You can try using Wordfence or Akismet to fight against spam on your site

    Thread Starter hampalm1

    (@hampalm1)

    Thanks Oyadeyi

    I’m already using both and they seem to work fine for what they are supposed to do as I’m only using the free versions so to my knowledge Wordfence doesnt block SPAM registrations. I am reaching out to them on their portals for advice on their plugins. I was hoping for the same from Woocommerce, seeing as the vulnerability is from the registration page. My theme’s author has advised me to change the url of the page, which i have done and am hoping that may resolve it but will have to keep an eye on it.

    Hey @hampalm1,

    Hopefully changing the default URL will help. Most of the time, bots are trained to look for a specific URL to try and register. If that’s different they may not be able to locate it.

    Have you also disabled WordPress registration? If that is enabled, bots can also sign up for accounts at https://site.com/wp-login.php?action=register. You can disable this and still allow WooCommerce customers to create accounts. To do that go to Settings > General and make sure this box is unchecked.

    This won’t affect customers from registering on the account page but it will disable the default WordPress user registration.

    Take care

    Thread Starter hampalm1

    (@hampalm1)

    Thanks for that

    I just tried that address with my domain and the search engine recognised it as a fake address, so it didnt bring up my website ? However that box is ticked. Should I still untick it

    Kind regards

    Andrew

    Plugin Support Sol J. a11n

    (@solstudioim)

    Hi @hampalm1

    I just tried that address with my domain and the search engine recognised it as a fake address, so it didnt bring up my website ?

    I am not sure what you mean. I certainly believe this has nothing to do with search engines.

    My colleague’s suggestion to untick that option is that so bots can not directly use the URL to register for spammy accounts.

    However that box is ticked. Should I still untick it

    It’s better that you keep it ticked, so no bots will be able to use the direct link for account registration.

    I hope that helps!

    If you have any other questions, do not hesitate to let us know!

    Thread Starter hampalm1

    (@hampalm1)

    Thanks Sol
    Bit confused by the tick or untick but I will assume your last comment is the best and leave it ticked unless you want to correct me on my understanding of that ?
    Thanks again
    Andrew

    Hi @hampalm1

    Yes, please. As my colleague stated, it’s better that you keep it ticked, so no bots will be able to use the direct link for account registration.

    Cheers

    Thread Starter hampalm1

    (@hampalm1)

    OK, thanks

Viewing 8 replies - 1 through 8 (of 8 total)
  • The topic ‘Spam registration attempts’ is closed to new replies.