lilguy43uk
Member
Posted 1 year ago #
I have been using TTC for some time now and it has worked a treat. However, now I'm getting a lot of registrations as follows...
Email: articles@slotsmuscle.com IP: 121.54.32.135
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.2.3) Gecko/20100401 Firefox/3.6.3 GTB6 (.NET CLR 3.5.30729)
Registered: No known problems May 12 2011 15:45:03
And they are getting through. That is they are reading as registered in the registration logs but they never reach the "Unverified Users" page and don't show up when I go to the Users section of the dashboard. I've deleted the plugin and re installed it but to no avail.
Any ideas?
tsimmons
Member
Posted 11 months ago #
I am also seeing this across our blog network -- it appears they try to register twice from one IP address, then move to the next address. The only consistent thing I've found is the user-agent is exactly the same for every single request (so far.)
I don't have an easy answer, but I'm thinking about putting some code in the wp-config.php to block all requests that use that user-agent. It might block some valid users but at this point, that seems more attractive than dealing with literally hundreds of bogus registrations a day.
This is in spite of using SI CAPTCHA Anti-Spam 2.7.2 and Bad Behavior 2.0.43 which are ineffective against this kind of thing. It appears to be either a very sophisticated bot-net (capable of decoding CAPTCHA) or they are using humans or a combination of both.
Good luck &
Cheers,
Toby
