Spam Registrations Persisting Despite reCAPTCHA Activation

  • Resolved hellopawan

    (@hellopawan)


    3 weeks, 5 days ago

    Hello WebFactory Support,

    I am using the Advanced Google reCAPTCHA plugin on my WordPress website to prevent spam registrations. I have configured the plugin and enabled reCAPTCHA on the user registration form, but I am still experiencing a high volume of spam registrations from a couple of days.

    Here are the details of my setup:

    • Plugin Version: v1.27
    • WordPress Version: 6.7.1
    • reCAPTCHA Type: v2 Checkbox

    Issues Observed:

    • Despite reCAPTCHA being enabled, bots are still managing to register.
    • I have verified that the reCAPTCHA box appears on the registration page and does not show any errors.

    Troubleshooting Steps Taken:

    ? Checked API keys and re-entered them.
    ? Tested registration form in an incognito browser to confirm reCAPTCHA appears.
    ? Enabled: Block bad bots an option inside Firewall tab into the Advanced Google reCAPTCHA plugin.

    Could you please provide guidance on how to resolve this?

    Your assistance would be greatly appreciated. Looking forward to your response.

    Recent users registerd screeshot attached:
    https://ibb.co/hRdLZ398

    Best regards,
    Pawan M.

    The page I need help with: [log in to see the link]

Viewing 3 replies - 1 through 3 (of 3 total)
  • Plugin Author Alexandru Tapuleasa

    (@talextech)

    Hi,

    I this case there are 2 reasons I can think of:
    1. The spammers are manually registering and checking the box
    2. There is another way to register on the website, like a registration form in another plugin that doesn’t display the captcha and handles the registration independently.

    Thread Starter hellopawan

    (@hellopawan)

    Thanks for your response. I have reviewed your suggestions and performed the following checks:

    1. I verified that all registration forms on my site are protected by reCAPTCHA, including WooCommerce.
    2. I checked whether registrations were happening manually, but the volume suggests automated spam.

    Could you please confirm if the plugin has any known bypass issues or recommend any additional security measures?

    Looking forward to your advice.

    Plugin Author Alexandru Tapuleasa

    (@talextech)

    I don’t have any ideas ??

    Captcha itself is not a fool proof solution. I see you now have reCAPTCHA v3 enabled instead of v2. That uses a spam score instead of the challenge so it might help or it might make things worse depending on who is spamming your website and how.

Viewing 3 replies - 1 through 3 (of 3 total)
  • You must be logged in to reply to this topic.