Blogspot Robot

  • Resolved gmcoleman

    (@gmcoleman)


    6 months ago

    I’m being hit with registrations every 30 minutes. They have random emails and usernames but have one word “blogspot” in common on all in the username. See example below. How can I block these attempts please?

    “New user registration on your site MARIJUANA HANDLERS?:

    Username: https://www.sbeevf.blogspot.ca – 40 930 USD PEPE kro

    Email: [email protected]

    The page I need help with: [log in to see the link]

Viewing 5 replies - 1 through 5 (of 5 total)
  • fjpmaia

    (@fjpmaia)

    I’m having the same problem. Started today.

    Thread Starter gmcoleman

    (@gmcoleman)

    I think I fixed it. I did this:

    I  think the hackers are using this URL to register:

    https://marijuanahandlers.com/wp-login.php?action=register

    So I added a Redirect plugin.

    Replace my URL with yours

    Plugin: https://redirection.me/

    fjpmaia

    (@fjpmaia)

    Our website already redirects the login page to the home page. We use another login page. Maybe some plugin is registering the user.

    fjpmaia

    (@fjpmaia)

    You are right! The page visited is /wp-login.php?action=register. I don’t know how it was registering, I tested it and it was redirecting. I blocked the IP.

    Plugin Support wfpeter

    (@wfpeter)

    Hi @gmcoleman,

    There are a couple of things you can try to stem the flow of spam registrations. I have seen rogue users potentially trying to come through XML-RPC, which can be disabled. “Disable XML-RPC authentication” appears in Wordfence > Login Security > Settings. You can also block this route entirely using .htaccess, provided you don’t use the WordPress app or a plugin that requires it such as Jetpack:

    # Block WordPress xmlrpc.php requests
<Files xmlrpc.php>
order deny,allow
deny from all
</Files>

    You could also enable reCAPTCHA for registration/logins using our Login Security module to ensure humans are able to complete the form, but it should be effective at blocking automatic bot registrations.

    Thanks,
    Peter.

Viewing 5 replies - 1 through 5 (of 5 total)
  • The topic ‘Blogspot Robot’ is closed to new replies.