WordPress.org

Ready to get started?Download WordPress

Forums

Registration Bots (4 posts)

  1. Illumin
    Member
    Posted 3 years ago #

    Hi,

    I've been getting an increasing number of registrations from what appear to be bots, see below:
    ===
    19:21:46 ->/wp-login.php?action=register
    19:21:49 ->/wp-login.php?checkemail=registered
    19:21:50 ->/wp-login.php
    ===
    Within a matter of seconds they are registering, confirming registration, and logging in. Email doesn't work that fast, so it's not a real person clicking on a confirmation email. Bots, or hackers, should not be able to access "/wp-login.php?checkemail=registered" directly, right?

  2. Bots can access whatever they're programmed to access. Try using this plugin to prevent the behavior:

    http://wordpress.org/extend/plugins/bad-behavior/

    If that's not enough, add a CAPTCHA:

    http://wordpress.org/extend/plugins/si-captcha-for-wordpress/

  3. 300
    Member
    Posted 3 years ago #

    Unfortunately there's also a Captcha bypass program available for a low price that makes Captcha systems useless.

  4. Unfortunately there's also a Captcha bypass program available for a low price that makes Captcha systems useless.

    If we're thinking of the same program, it's only effective on weak captchas that don't obstruct the characters. The plugin that I linked to has an adjustable difficulty which can obstruct the characters in varying degrees.

Topic Closed

This topic has been closed to new replies.

About this Topic

Tags

No tags yet.