- ReCaptcha is enabled
- Security Preference = Most secure
- WordPress registration = Disabled
- All settings of the ReCaptcha are enabled
But still we get too many new users registration with inactive status
What is wrong?
Thank you for your help
Why don't you disable for 1-2 days all that recaptcha thing and see how it goes. You also have several other things enabled, cloudflare and its caches.
Also those users could be fake bot users. This is not related to wpForo.
How they can bypas Recaptcha ?
Disabling that option will increase spams by sure
What we can do against those robots?
They are mostly from @inbox.imailfree.cc domain !!
Thank you for your support
I didn't say to disable recaptcha for ever, just for a test 2-3 days.
Bots can't usually bypass recaptchas, but real users of cource can.
If you have an abusing domain like the one you posted, then block it. Simple as that.
I have always been suggesting to protect Wordpress sites with some security plugin, for me akismet and recaptchas do not work very well.
I found a strange things,
I was enabled the option : Enable User Registration email confirmation
So those robots can register as inactive users and the system sends emails for confirmation
But now I disabled that option and there isn't any new user
May be there is any problem in the form of User Registration with email confirmation