Nice plugin but already hack by bot

  • This is very nice plugin, but already hack by bot, every website I have install this plugin, many robots register for accounts every day, and all restricted registration of plugins on wordpress also can’t stop this issue, but only their $29 addon can stop these robot(claim by their support).

Viewing 12 replies - 1 through 12 (of 12 total)

  • Hi,

    Can you let us know which addon you are referring to? We have reCaptcha addon to prevent this and it’s free of cost. You might have to take extra security precautions for your site if you are getting more and more fake registrations.

    Regards,
    Patrik

    Thread Starter Todd White

    (@hpek)

    all my website have reCaptcha.

    Plugin Contributor Paolo

    (@paoltaia)

    Hi Todd,

    sorry to hear about this. reCAPTCHA should be able to block Xrumer from registering spammy users.

    I don’t know exactly what’s going on and I’m sorry that our support team suggested buying add-ons for users’ moderation and restriction that have nothing to do with blocking spam registration. They should have escalated the problem to the developers’ team to see why reCAPTCHA is not doing its job instead.

    I asked the developers to follow up, they’ll contact you directly through our support system.

    Thanks for your patience.

    Plugin Contributor Paolo

    (@paoltaia)

    Hi again Todd,

    apparently there are already tools that allow bots to bypass reCAPTCHA. We added a honeypot that on top of reCAPTCHA should help to stop most of them. Please let us know after installing the new version if you see any improvements. If you do, we would appreciate it if you could update this review…

    Thanks

    Does v1.2.2.6 already have honeypot?

    wp_user1

    (@wp_user1)

    Where do I find a honeypot option?
    We don’t want to use reCaptcha because of privacy settings..

    • This reply was modified 4 years ago by wp_user1.

    Hi,

    Honeypot is already implemented and there is no setting for that.

    Regards,
    Patrik

    I don’t know guys, maybe I do get less spam registration, but not by a lot. Even with the new honeypot and strictest recaptcha settings I still get daily spam registrations. Would be nice to find some extra solution for this problem.

    Hi,

    Can you check with your hosting provider? As they have some firewall that can prevent access from restricted IPs or frequent calls from IPs.

    Regards,
    Patrik

    Hi, Patrik, yes, I am on Cloudways and they do have bot protection, however I recently managed to solve the bot problem another way, by disabling login and registration pages (just trashing them). So instead for registration and login I use built-in pop-up modal and that solved the problem. No spam anymore. Probably a better way would be simply to redirect those pages, to home page or something else so that bots couldn’t find the registration form.

    Do you think this is a good long term solution? Or popup modals are not all browser compatible?

    Would appreciate your thoughts on that,

    Thank you.

    • This reply was modified 3 years, 9 months ago by woorooo.

    Hi,

    This can work for your site if you are using login and registration forms of popup only as bots may be targeting login or register slug in the page URL. We are using the bootstrap modal for popup so it should be compatible with all major browsers.

    Regards,
    Patrik

    Sounds good to me, thanks a lot ??

Viewing 12 replies - 1 through 12 (of 12 total)
  • The topic ‘Nice plugin but already hack by bot’ is closed to new replies.