Notifications
Clear all

wpForo 1.x.x Problem with sign up of multiple users with enabled recaptcha

12 Posts
3 Users
0 Likes
434 Views
farhad
Posts: 9
Topic starter
(@farhad)
Active Member
Joined: 6 months ago

Hi,

  • ReCaptcha is enabled
  • Security Preference = Most secure
     
  • WordPress registration = Disabled
  • All settings of the ReCaptcha are enabled

But still we get too many new users registration with inactive status

What is wrong?

Thank you for your help

wpForo Version
latest
WordPress Version
latest
7.4
Topic Tags
11 Replies
dimalifragis
Posts: 1830
(@dimalifragis)
Noble Member
Joined: 3 years ago

Why don't you disable for 1-2 days all that recaptcha thing and see how it goes. You also have several other things enabled, cloudflare and its caches.

Also those users could be fake bot users. This is not related to wpForo.

Reply
farhad
Posts: 9
Topic starter
(@farhad)
Active Member
Joined: 6 months ago

@dimalifragis

How they can bypas Recaptcha ?

Disabling that option will increase spams by sure

What we can do against those robots?

They are mostly from @inbox.imailfree.cc domain !!

Thank you for your support

Reply
dimalifragis
Posts: 1830
(@dimalifragis)
Noble Member
Joined: 3 years ago

I didn't say to disable recaptcha for ever, just for a test 2-3 days.

Bots can't usually bypass recaptchas, but real users of cource can.

If you have an abusing domain like the one you posted, then block it. Simple as that.

I have always been suggesting to protect Wordpress sites with some security plugin, for me akismet and recaptchas do not work very well.

Reply
farhad
Posts: 9
Topic starter
(@farhad)
Active Member
Joined: 6 months ago

@dimalifragis

I found a strange things,

I was enabled the option : Enable User Registration email confirmation

So those robots can register as inactive users and the system sends emails for confirmation

But now I disabled that option and there isn't any new user

May be there is any problem in the form of User Registration with email confirmation

 

Reply
1 Reply
Robert
Admin
(@robert)
Joined: 7 years ago

Support Team
Posts: 9912

@farhad ,

There is no any problem. All spambots are developed for the registration form which doesn't contain password field, and they expect confirmation email. The spambots don't work on this form, this is the only reason.

Reply
Page 1 / 2