How to play super ace jili online.Makakuha ng libreng 700pho sa bawat deposito

Resolved devsaredead
(@devsaredead)

1 year, 8 months ago

May I ask for a 21st century tip on a hot topic?

I have a custom admin url, and yet I get spam registrations as soon as I turn the site off maintenance mode. I don’t want to use captcha/optin solutions, and I have tested it’s not my registration plugin. The only thing that works is disabling “anyone can register”, which of course prevents real users registration. Every spammer is put on hold, and even listed as new subscribers in my newsletter plugin (which is neither causing the issue, I disabled it for testing)

I suspect there must be some lines of code injected, some trojan, but I have scanned throughly and I cannot find anything. Is there a particular spot where to look for?

Viewing 5 replies - 1 through 5 (of 5 total)

Pieterjan Deneys
(@nekojonez)

1 year, 8 months ago

Spam bots are excellent in searching and scraping websites via sitemaps and such to find your login page… I even tested it with a blank WP install and the only change I did with a plugin was changing the location of wp-login.php and still I got a lot of spam registrations.

I have found these links that might help:

https://wpforms.com/simple-tricks-to-eliminate-spam-user-registration/#:~:text=To%20do%20that%2C%20open%20up,user%20registrations%20on%20your%20site.

https://kinsta.com/blog/stop-wordpress-registration-spam/

https://www.anarieldesign.com/how-to-stop-spam-user-registration-in-wordpress/

https://www.malcare.com/blog/stop-wordpress-registration-spam/

Maybe these links have the information you are looking for… Or maybe somebody else in this forum.

Moderator bcworkz
(@bcworkz)

1 year, 8 months ago

There are a number of plugins that might help:
https://www.ads-software.com/plugins/search/stop+spam+registration/

Thread Starter devsaredead
(@devsaredead)

1 year, 8 months ago

thank you but I have implemented all above on a regular basis. My concern is to find and delete a portion of code which must be hidden somewhere. I mean, it’s impossible that I start getting spam the very second I turn the site on. Besides, I wasn’t getting spam before.

It must be a vulnerability in a plugin but of course everyone blames everyone. Reinstalling WP doesn’t help, scanning at server and site level neither.

Where is that nasty code hiding?

Pieterjan Deneys
(@nekojonez)

1 year, 8 months ago

Something you could do is go to updates and click the button “Re-install WordPress vx” (x will be your version number), then all files will be the clean core files. And then if the issue presists it’s most likely a plugin or theme issue me thinks.

Or your website is just known in spambot lists… As soon as the first attacks started on the school website I created it only started to increase…

Thread Starter devsaredead
(@devsaredead)

1 year, 8 months ago

I’m gonna put this topic on “resolved” because I’m not getting anymore spam registrations since my SSL certificate (free “let’s encript” type) updated. I hope it stays so, but I’d appreciate if some expert would throw some light on how can this happen. thanks

Viewing 5 replies - 1 through 5 (of 5 total)

The topic ‘(yet another) spam registration issue’ is closed to new replies.

(yet another) spam registration issue

Topics

Topics with no replies

Non-support topics

Resolved topics

Unresolved topics

All topics