Is this a spam/hacker bot or person?

  • I had a user registration this morning by johnsmithuswe. I was curious since my blog is new and small and only has a few registrations total. I found this site which explains well what happened.

    It appears if this is true, the vulnerability was fixed months ago, but I am curious if the registration was done by a person or a spam/hack robot? Is there any way to tell for sure?

    Also, if people can post comments on my site without registering, is there any reason to allow registering at all? I turned off registering for now. Any downside to that?

    Thanks!

Viewing 6 replies - 1 through 6 (of 6 total)

  • If you don’t require registration, which is a wise decision – yuou don’t need to allow registration. I never do.

    No downside to it.

    That’s a spam registration.

    You may want to take a look at this, too: https://www.village-idiot.org/archives/2007/01/10/wp-deadbolt/

    I don’t need or use registration and haven’t had a spam/bot attempt to register yet, but I also upgrade wordpress when a security fix comes out.

    Even my comment section I locked down and I let the antispam plugins do their job and I have’nt had to delete a spam comment for 6 months! I don’t even seem them waiting approval which is a good indication that the antispam is working..

    Thread Starter Will Taft

    (@wt)

    I don’t require registration, so I’ll leave it off for now. I can always register someone manually if they want to subscribe to email or something.

    That link to the plugin looks good if you want something reactive and not proactive. In searching, I don’t find anything proactive to prevent spam registrations. May be that it is a hard thing to implement.

    Anyway, thanks for your replies!

    WP-Deadbolt is as proactive as you make it. Just like the the comment blacklist that already comes with WordPress. Thats one reason there’s another post with a starter list of bad domains.

    Thread Starter Will Taft

    (@wt)

    OK. Maybe the problem is with me because I find I do not spend the time to keep blacklists and whitelists up to date. It seems sort of like trying to keep a virus definition database up to date manually rather than having it happen automatically. Maybe I am not understanding how you do it with WP-Deadbolt. I’ll look at your site again.

    Thanks!

    The Sabre plugin is an appropriate answer to this issue.

    You can check it at https://www.ads-software.com/extend/plugins/sabre

Viewing 6 replies - 1 through 6 (of 6 total)
  • The topic ‘Is this a spam/hacker bot or person?’ is closed to new replies.