Hello mogibb63,
If your website doesn’t have a need for user signups, disable WordPress user registration so you don’t have to deal with spam users by navigating to
Settings >> General and ensure Anyone can register isn’t checked in “Membership”.
The default signup of WordPress located at
https://yoursite.com/wp-login.php?action=register is often a target for spammers and bots as they are programmed to go looking for that link to register fake users.
1) Redirecting requests from the default register page to a custom page.
2) Google’s reCAPTCHA
3) Akismet is a spam-fighting service that protects millions of WordPress sites from not just comment and contact form spam, but also spam of any kind.
4) Admin New User Approval
Hope this helps.
Thanks.
To me, this issue looks like a hacked website.
Also, if your website is http://mostravelclub.com/ it is producing a blank screen at the moment.
I would agree that this is probably a hacked website. New registrations should never come in as keymaster or admin automatically.
First check your settings by navigating to
Settings → General and ensure Anyone can register isn’t checked in “Membership”.
Then carefully follow this guide. When you’re done, you may want to implement some (if not all) of the recommended security measures and start backing up your site.
Hope this helps.
