• I have a seriously pathological troll on my blog, and I’d love to hear some ideas for how to stop him.

    His method is using the password reset option to send hundreds of emails to me, my bloggers, and even my readers whose usernames he can guess.

    I’ve searched high and low and have been unable to find a plugin that makes the password reset more secure with, for instance, a CAPTCHA. I found many comment form CAPTCHAs, and am wondering if I can just tweak one to appear on the password reset page.

    Thanks!

    Rebecca

Viewing 5 replies - 1 through 5 (of 5 total)
  • Hi there, I think you need to get rid of this guy. If he’s been emailing you, then you could simply reply to him that he needs to re-register and use this plugin. First change his password or delete the account, email him and ask him to register again.
    http://wordpress.org/extend/plugins/ttc-user-registration-bot-detector/
    For all registrations it takes the IP address and email address.
    Once you have them, add them to the lists and block him once and for all. I found this very useful, as I’ve recently had a plague of multiple registrations from the same IP address.
    Hope you get there, but I would certainly get rid of him.
    Mike.

    Thread Starter skepchick (@skepchick)

    Thank you, Mikey1. I’ve banned every IP he has tried, and in fact my server has now banned large swaths of Central America just for him. He continues to use proxies, which we’re also banning, but he is rabid and quite literally insane, with nothing to do with his time but try to ruin my day. Yeah, it’s flattering really. 🙂

    So, the main problem is that to request a password reset, you do not need to have an account. All you have to do is click a link and enter a user name or email address, and the system will send an email to that account with a link to reset the pw. That means that the solution is not to ban this user, but to strengthen the code so that he and his scripts are stopped. A good CAPTCHA should do this, but I’m unfamiliar with the code. I’ve found a simple tutorial and will start learning the code (this is how I solve most problems with the software), but I hoped someone here had already gone through the process and had something I could implement a little more quickly.

    In the meantime, I’ve edited the wp-login.php to disable automatic password reset. I’d rather a few people have to wait to reset their passwords than to have hundreds of users continually spammed by my own site.
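One way to throttle the unauthenticated reset form described in the post above without editing wp-login.php, as an added example that is not code from this thread or from WordPress core. It is a small plugin built on the `lostpassword_post` action and the transients API; the `rrt_` names, the limits and the window length are assumptions.

```php
<?php
/**
 * Plugin Name: Reset Request Throttle (added example)
 * Throttles wp-login.php?action=lostpassword per target account and per client IP.
 */

// Assumed limits; tune for your site.
const RRT_PER_TARGET = 1;   // reset emails per submitted login/email per window
const RRT_PER_IP     = 5;   // reset requests per client address per window
const RRT_WINDOW     = 900; // window length in seconds (15 minutes)

/**
 * Count one hit in a fixed window stored as a transient.
 * Returns true when the bucket is over its limit.
 */
function rrt_over_limit( $bucket, $limit ) {
    $key   = 'rrt_' . md5( $bucket );
    $state = get_transient( $key );
    $now   = time();

    if ( ! is_array( $state ) || $state['expires'] <= $now ) {
        $state = array( 'count' => 0, 'expires' => $now + RRT_WINDOW );
    }
    $state['count']++;

    // Keep the original expiry so repeated hits do not extend the window.
    set_transient( $key, $state, $state['expires'] - $now );

    return $state['count'] > $limit;
}

// lostpassword_post fires before the reset mail is sent; adding an error to
// $errors makes WordPress abort the request without sending anything.
add_action( 'lostpassword_post', function ( $errors ) {
    $target = isset( $_POST['user_login'] )
        ? strtolower( sanitize_text_field( wp_unslash( $_POST['user_login'] ) ) )
        : '';
    $ip = isset( $_SERVER['REMOTE_ADDR'] ) ? $_SERVER['REMOTE_ADDR'] : 'unknown';

    // Evaluate both checks so each counter is always incremented.
    $target_hit = ( '' !== $target ) && rrt_over_limit( 'target:' . $target, RRT_PER_TARGET );
    $ip_hit     = rrt_over_limit( 'ip:' . $ip, RRT_PER_IP );

    if ( ( $target_hit || $ip_hit ) && is_wp_error( $errors ) ) {
        $errors->add( 'rrt_throttled', 'Too many password reset requests. Please try again later.' );
    }
} );
```

The per-target bucket is what caps mail to any one inbox when the requests arrive through rotating proxies; it is keyed on the submitted string, so an account's username and its email address are counted separately. A legitimate user whose account is being targeted may have to wait out the window before requesting a reset.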

    Hi again, I hope it works out.
    Don’t let him ruin your day 🙂
    All the best. Mike

    Thread Starter skepchick (@skepchick)

    Well, thanks for the kind thoughts, mikey. I’m surprised no one else here has any input on this, and especially surprised that no other jerk ever pulled this same crap on someone else. Ah well, looks like I’m on my own!

    I have not had this problem, but there definitely needs to be some kind of CAPTCHA and/or Akismet type of fix. I think this could be a major problem.

  • The topic ‘New Kind of Spammer/Troll Requesting Password Reset’ is closed to new replies.