Lots of spam registrations withing a few days

  • Resolved salpilk

    (@salpilk)


    1 year, 8 months ago

    I am using CAPTCHA 4WP and have V3 recaptcha enabled on my registration forms.

    In the last few days I have suddenly had about 140 spam subscriber registrations, usually I have an occasional spam registration. Any ideas why this is happening?

    The page I need help with: [log in to see the link]

Viewing 3 replies - 1 through 3 (of 3 total)
  • Plugin Author robertabela

    (@robert681)

    Thank you for using our plugin @salpilk

    I am sorry to read about your issue. Can you please answer the below questions to help us troubleshoot the issue?

    1. This is the first time you are using our plugin and you’re seeing a lot of spam, or you’ve had our plugin before, there was not so much spam before and all of a sudden there was a spike in the number of spam registrations?
    2. Is the registration page the WordPress native registration form or a custom form?
    3. Can you send us the URL of the registration form?
    4. Did you specifically enable the CAPTCHA on the rigistration form from the plugin settings?
    5. What version of the plugin. and WordPress are you using?

    Looking forward to hearing from you.

    Thread Starter salpilk

    (@salpilk)

    Hi,

    Thanks for your reply.

    1. I have been using CATCHPA WP for a long time on this site with no spam. The spam user registrations started all of a sudden. I’m not sure what has changed to cause this issue.

    2. Registration form is native

    3. https://www.womeninparenthesis.co.uk/wp-login.php?action=register

    4. in CATCHPA WP setting, recaptcha is enabled for all pages. V3

    5. Version 7.1.1, WordPress 6.1.1

    I think we could potentially disallow “Anyone can register” in the WP Settings, and disable comments, as we don’t really need to allow subscribers. But it would still be good to understand why the spam is happening.

    Plugin Author robertabela

    (@robert681)

    Thank you for the details @salpilk

    If you do not need users to register, I’d recommend shutting down user registrations. That is always the safest bet.

    In regards to the increase in spam, it is hard to tell what could have caused it without analyzing the samples, data etc. For example:

    1. Do you think these registrations were automated (via some automated software) or done manually? It is hard to tell but by analyzing the data and the time intervals in between them you can sort of guess how they were created.
    2. Did you check the Google reCAPTCHA dashboard and statistics to see if there was a spike in number of registrations analyzed? In the dashboard you can see a graph that highlights how many requests the CAPTCHA server received, allowed and blocked.
    3. Do you have information about the source of these registrations? Can you check the web server log file to see where the traffic is originating from?

    By analyzing such information you can get a better idea of what exactly happened, however, as you mentioned in your post, if you do not need user registrations I’d close the registration form.

    Please let us know if you need any further assistance from our end.

Viewing 3 replies - 1 through 3 (of 3 total)
  • The topic ‘Lots of spam registrations withing a few days’ is closed to new replies.