Strange new user behaviour

  • observer144

    (@observer144)


    10 years, 7 months ago

    In the last 6 hours, I’ve had two new user accounts created that immediately go through a change password process. In 5+ years no account has ever done that, and now 2 in 6 hours. Because both accounts were from mail.ru, I am highly suspicious of this.

    I’ve checked my administrator (non default account name and long password) and it seems fine. I’ll check that there are no new files on the server later today.

    Anyone else seeing this and should I be concerned? I was concerned it was some new probe for vulnerabilities.

    thanks,
    -r.

Viewing 2 replies - 1 through 2 (of 2 total)
  • juggledad

    (@juggledad)

    10 years, 7 months ago

    As of 4.3 when a user registers, they can not choose a password, instead a link is sent to their email address where they can choose a password. This is probably what you are seeing.

    To verify, try creating a new user yourself and see if it gives the same result.

    p.s. if you are not serving russia, I’d be inclinded to blow away those users.

    David_G

    (@questas_admin)

    10 years, 7 months ago

    Might I suggest adding Bullet Proof Security to your website. Never had a problem with hackers or spam bots since. Better yet get the PRO version, great support and not that costly.

Viewing 2 replies - 1 through 2 (of 2 total)

The topic ‘Strange new user behaviour’ is closed to new replies.