Block false user sign ups

  • Resolved myenglishimages

    (@myenglishimages)


    3 years, 4 months ago

    Over the past two weeks, a large number of sign ups have come from wintds.org email addresses. They are all something like test238043042389@ wintds.org.

    I’ve tried blocking them with WF to no avail.
    I went to Blocking > Custom Pattern > and entered wintds.org in the Hostname, Browser User Agent, and Referer.

    Any advice or guidance is appreciated, especially if I’m simply doing this incorrectly.

    The page I need help with: [log in to see the link]

Viewing 1 replies (of 1 total)
  • Plugin Support wfpeter

    (@wfpeter)

    Hi @myenglishimages, thanks for reaching out to us.

    Although I cannot commit to development timescales on the forum, we do have a case open for blocking specific email domains from being used during a WordPress registration depending on the site owner’s preference. The block you mention adding does not apply to the email domain being filled in the form, it looks at the source of the actual traffic – so if they’re not physically coming from wintds.org (as referer), they will not be blocked.

    For your reference, Browser User Agent will be the operating system and browser used such as Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:47.0) Gecko/20100101 Firefox/47.0 rather than a URL. You can read more about this here: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/User-Agent

    My recommendation for now is to visit Wordfence > Login Security > Enable reCAPTCHA on the login and user registration pages to stem the flow of spam signups. Real humans filling out the form manually should be the only ones getting through once this is in place, so should greatly reduce headaches over seeing randomly generated email addresses sign up.

    Thanks,

    Peter.

Viewing 1 replies (of 1 total)
  • The topic ‘Block false user sign ups’ is closed to new replies.