WordPress.org

Ready to get started?Download WordPress

Forums

[resolved] Is this a spam/hacker bot or person? (7 posts)

  1. Will Taft
    Member
    Posted 7 years ago #

    I had a user registration this morning by johnsmithuswe. I was curious since my blog is new and small and only has a few registrations total. I found this site which explains well what happened.

    It appears if this is true, the vulnerability was fixed months ago, but I am curious if the registration was done by a person or a spam/hack robot? Is there any way to tell for sure?

    Also, if people can post comments on my site without registering, is there any reason to allow registering at all? I turned off registering for now. Any downside to that?

    Thanks!

  2. moshu
    Member
    Posted 7 years ago #

    If you don't require registration, which is a wise decision - yuou don't need to allow registration. I never do.

    No downside to it.

    That's a spam registration.

    You may want to take a look at this, too: http://www.village-idiot.org/archives/2007/01/10/wp-deadbolt/

  3. iscifi
    Member
    Posted 7 years ago #

    I don't need or use registration and haven't had a spam/bot attempt to register yet, but I also upgrade wordpress when a security fix comes out.

    Even my comment section I locked down and I let the antispam plugins do their job and I have'nt had to delete a spam comment for 6 months! I don't even seem them waiting approval which is a good indication that the antispam is working..

  4. Will Taft
    Member
    Posted 7 years ago #

    I don't require registration, so I'll leave it off for now. I can always register someone manually if they want to subscribe to email or something.

    That link to the plugin looks good if you want something reactive and not proactive. In searching, I don't find anything proactive to prevent spam registrations. May be that it is a hard thing to implement.

    Anyway, thanks for your replies!

  5. whooami
    Member
    Posted 7 years ago #

    WP-Deadbolt is as proactive as you make it. Just like the the comment blacklist that already comes with WordPress. Thats one reason there's another post with a starter list of bad domains.

  6. Will Taft
    Member
    Posted 7 years ago #

    OK. Maybe the problem is with me because I find I do not spend the time to keep blacklists and whitelists up to date. It seems sort of like trying to keep a virus definition database up to date manually rather than having it happen automatically. Maybe I am not understanding how you do it with WP-Deadbolt. I'll look at your site again.

    Thanks!

  7. dlo
    Member
    Posted 6 years ago #

    The Sabre plugin is an appropriate answer to this issue.

    You can check it at http://wordpress.org/extend/plugins/sabre

Topic Closed

This topic has been closed to new replies.

About this Topic