
Are ‘web robots’ testing my wordpress security?

  • Every day now I get between ten and fifteen new registrations (subscribers) on my wordpress site. All of them have dodgy names and equally dodgy email addresses. I have no doubt in my mind that these registrations are testing the security of my site. This activity seems to have increased substantially in the last couple of months. Are other WordPress users experiencing similar registrations and are there any security issues I should be looking at to ensure no-one gets in! I have Akismet 2.1.5 loaded and activated. Is there anything else I should have done but not…?

Viewing 15 replies - 1 through 15 (of 23 total)
  • First question that pops to mind: Do you have a compelling need to allow registrations? Why not just disable them?

    I do have a compelling reason to allow registrations from folk who are interested in the topics discussed on the blog.

    Today I have had over twenty bogus registrations and the problem is getting worse…

    So I ask again;
    Are other WordPress users experiencing similar overt registrations? If so, what has changed in WordPress to attract these idiots/robots?

    why does something need to have changed in wordpress? and what kind of twisted logic do you apply to suggest that anything is attracting them?

    I’d love to get a grip on that.

    Maybe it’s what you’re writing. Have you posted a picture of yourself on your about page? I bet that’s attracting them.

    Automated hacking attempts have been around since the internet went live. Google the term “script kiddie” for some insight.

    If you don’t like the automated registrations, do something to make it harder for robots to register. Either a) disable registrations since they’re pretty much pointless for the VAST majority of cases, or… b) install a user-registration plugin which employs ‘captcha’ or another method of human-verification.

    Actually, they’re trying to get access so that they can post ED pill and pron advertisements all over your site. Do you have the bad behavior plugin?

    Ivovic….

    Why has something changed in WordPress…. Quite simply because until I upgraded from version 2 to version 2.5.1, I got maybe one suspicious registration a month, if that, and upon upgrading I am suddenly and instantly swamped with them. That is why I believe something has changed in WordPress. (I hope you can get your head around that!)

    My blog is very boring, heraldry, no pictures of me or anything provocative to attract anyone other than those interested in the gentle science. Also the site has been around for six years and has been a WordPress blog for well over a year.

    I am fully aware of auto-hacking but I have never been subjected to it on this site (or any others come to that). Interestingly enough, I still have two WordPress 2 blogs and neither of them is being hit by phoney registrations.

    I will be installing a verification plugin but wanted to make the point that there appears to be something in the code of the newer version of WordPress which is attracting the undesirables like a magnet!

    Thanks ‘void’, I had worked out what their intention might be….

    ReCAPTCHA fixes this problem.

    whooami

    @whooami

    Member

    it’s just spam bots, and any sort of extra field, aka a captcha will offset their registrations.

    fwiw, the popularity of your blog doesn’t matter, to spammers or hackers.

    I know about a blog on a site that gets 60k unique visitors a day, that’s running an extremely insecure version of wp — not an issue, _yet_.

    Thank you for your comments

    well, its not *just* spam bots… saying that is misleading. It is also hackbots looking for privilege elevation.

    it is MOSTLY spambots…

    I think anyone who spends a minute thinking about this, though, will realise why the latest version is more affected than some prehistoric one.

    If you’re making a bot, and the registration form changes a little, what do you do? stick to the old 2.0 version of your bot, or change your bot to increase your chances?

    how that constitutes an invitation by wordpress is beyond me. Get your head around that.

    whooami

    @whooami

    Member

    It is also hackbots looking for privilege elevation.

    bullshit, and I have months of logs to prove that, sorry.

    registration spam is just that – registration spam, it started on forums, and it’s carried over to blogs.

    Compare your next 20-30-50 spam registrations to this chap’s list:

    http://www.stopforumspam.com/
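    An added example of the comparison whooami suggests, not code from this thread or from WordPress: it checks a batch of registrations against a local blocklist and two simple heuristics (random-looking logins, bursts from one IP). The registration records, the blocklist sets and the heuristic thresholds are all constructed for illustration; a real run would load a downloaded stopforumspam list into the sets instead.

```python
"""Flag suspicious WordPress registrations against a local blocklist plus
simple heuristics.  Added example for this thread; every record and list
below is constructed, not real stopforumspam data."""
from collections import defaultdict
from dataclasses import dataclass
from datetime import datetime


@dataclass
class Registration:
    user_login: str
    user_email: str
    ip: str            # source IP as a registration plugin or access log records it
    registered: datetime


# Constructed sample, shaped like wp_users rows with the source IP attached.
SAMPLE_REGISTRATIONS = [
    Registration("heraldry_fan", "fan@example.org", "198.51.100.7", datetime(2008, 6, 1, 9, 0)),
    Registration("xkzq8821", "xkzq8821@mail.example", "203.0.113.5", datetime(2008, 6, 1, 9, 3)),
    Registration("plqr0099", "plqr0099@mail.example", "203.0.113.5", datetime(2008, 6, 1, 9, 4)),
    Registration("vbnm4412", "vbnm4412@mail.example", "203.0.113.5", datetime(2008, 6, 1, 9, 5)),
    Registration("buy_pills_now", "promo@spam.example", "192.0.2.44", datetime(2008, 6, 1, 11, 30)),
]

# Constructed blocklist entries (assumption: a real list would be loaded from
# a downloaded file and split into the same three sets).
BLOCKLIST_IPS = {"192.0.2.44"}
BLOCKLIST_EMAILS = {"promo@spam.example"}
BLOCKLIST_DOMAINS = {"mail.example"}


def looks_random(login):
    """Heuristic: several letters with no vowel plus several digits, the
    'xkzq8821' shape that bulk-generated logins tend to have."""
    letters = [c for c in login if c.isalpha()]
    digits = [c for c in login if c.isdigit()]
    return (len(letters) >= 4 and len(digits) >= 3
            and not any(c.lower() in "aeiou" for c in letters))


def flag_registrations(records, blocklist_ips, blocklist_emails, blocklist_domains,
                       burst_threshold=3, burst_window_s=600):
    """Return {user_login: [reasons]} for every record with at least one reason.
    Logins are assumed unique, as WordPress enforces."""
    reasons = defaultdict(list)

    # Per-record checks: blocklist hits and login shape.
    for r in records:
        if r.ip in blocklist_ips:
            reasons[r.user_login].append("ip on blocklist")
        if r.user_email.lower() in blocklist_emails:
            reasons[r.user_login].append("email on blocklist")
        domain = r.user_email.rsplit("@", 1)[-1].lower()
        if domain in blocklist_domains:
            reasons[r.user_login].append("email domain on blocklist")
        if looks_random(r.user_login):
            reasons[r.user_login].append("random-looking login")

    # Burst check: burst_threshold or more registrations from one IP inside
    # a sliding window of burst_window_s seconds.
    by_ip = defaultdict(list)
    for r in records:
        by_ip[r.ip].append(r)
    for ip, rs in by_ip.items():
        rs.sort(key=lambda r: r.registered)
        note = f"burst: {burst_threshold}+ registrations from {ip} within {burst_window_s}s"
        for i in range(len(rs)):
            j = i
            while (j < len(rs)
                   and (rs[j].registered - rs[i].registered).total_seconds() <= burst_window_s):
                j += 1
            if j - i >= burst_threshold:
                for r in rs[i:j]:
                    if note not in reasons[r.user_login]:
                        reasons[r.user_login].append(note)
    return dict(reasons)


if __name__ == "__main__":
    for login, why in flag_registrations(SAMPLE_REGISTRATIONS, BLOCKLIST_IPS,
                                         BLOCKLIST_EMAILS, BLOCKLIST_DOMAINS).items():
        print(f"{login}: {'; '.join(why)}")
```

    The output only names accounts to review; what to do with a hit (hold the account for moderation, delete it, or just count it) stays a site decision. The blocklist sets carry the useful signal here; the two heuristics exist so that a list miss on a fresh spam run still produces something worth looking at.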

    you have months of logs to prove it for your own site(s) (maybe).

    don’t throw that term around with me Whoo, I’m not one of these rag dolls. People aren’t hacking their own sites, you know.

    whooami

    @whooami

    Member

    People aren’t hacking their own sites, you know.

    And you think that you have to be registered to do .. what? Very few wordpress exploits require you to be a registered member.

    And honestly, you think you can back up what you’re saying, please do — I would love to see something that’s verifiable, that shows a fake registration followed by some sort of attempted exploit, from the same IP.

    Not gonna happen.

    Furthermore, no, I have logs to prove it for my site(s) and the 15-20 sites I’ve helped get unhacked.

    Oh for crying out loud, obviously it isn’t a requirement to be registered to be hacking, but if you think they’re not trying that *as well* you’re miles off course.

    I also love that you said “Very few wordpress exploits require you to be registered member” That’s a gem. So we should just ignore those few and tell everyone that it’s “just spam?”

    It’s happened historically, and it’ll probably happen again. The fact that there isn’t a current exploit based on subscriber-level access doesn’t mean they won’t find one.

    And just because you threw the term ‘bullshit’ at me, I’m going to have a quiet giggle about your 20 websites being any kind of representation of the internet, that is, assuming you could even identify an attempt at privilege execution from a registered user via your extensive logs from websites you haven’t controlled until after the mess occurs.

    Whoo, you were wrong… occasionally defending your wrongness until your ears bleed isn’t the best course of action.

    All I said was that you shouldn’t speak in absolutes, because it’s misleading.

    As for your request for proof, you could have included that instead of crying ‘bullshit’ earlier. Now I’m not really inclined to do your googling for you, especially since you KNOW there have been exploits in the past relating to registered users.

    And even if there NEVER WAS an exploit relating to registered users, you can bet your ass it’s being tested every day, which makes your “it’s just spam…” comment that much worse.

    It’s never *just* anything.

    whooami

    @whooami

    Member

    aww cmon ivovic ..

    I’m going to have a quiet giggle about your 20 websites being any kind of representation of the internet,

    And yours is? what?

    but if you think they’re not trying that *as well* you’re miles off course.

    where? where’s your evidence?

    I will give you one concession, the “just” wasn’t a good word to use, of that I agree.

    Like this better?

    99.9999999999999999999999999999999999999999999999999999% of those are spambots.

    whoo, you’re a bigger person than this…. I hope.

    I’m not going to argue with you… I’m not even going to bother guessing which of these links you’ll deem reputable enough.

    http://www.google.com/search?wordpress+subscriber+exploit

    And before you come at me again, think about the plugins and their stringent user-security checking…. or better yet, just pull your head in, you’re starting to piss me off.

    you…were…wrong to say that it’s just spam… it’s never *ever* just spam.

  • The topic ‘Are ‘web robots’ testing my wordpress security?’ is closed to new replies.