Notifications
Clear all

wpForo 1.x.x [Closed] Problem with sign up of multiple users with enabled recaptcha

12 Posts
3 Users
0 Likes
1,292 Views
Posts: 8
Topic starter
(@farhad)
Active Member
Joined: 2 years ago

Hi,

  • ReCaptcha is enabled
  • Security Preference = Most secure
     
  • WordPress registration = Disabled
  • All settings of the ReCaptcha are enabled

But still we get too many new users registration with inactive status

What is wrong?

Thank you for your help

Topic Tags
11 Replies
dimalifragis
Posts: 2593
(@dimalifragis)
Famed Member
Joined: 4 years ago

Why don't you disable for 1-2 days all that recaptcha thing and see how it goes. You also have several other things enabled, cloudflare and its caches.

Also those users could be fake bot users. This is not related to wpForo.

Posts: 8
Topic starter
(@farhad)
Active Member
Joined: 2 years ago

@dimalifragis

How they can bypas Recaptcha ?

Disabling that option will increase spams by sure

What we can do against those robots?

They are mostly from @inbox.imailfree.cc domain !!

Thank you for your support

dimalifragis
Posts: 2593
(@dimalifragis)
Famed Member
Joined: 4 years ago

I didn't say to disable recaptcha for ever, just for a test 2-3 days.

Bots can't usually bypass recaptchas, but real users of cource can.

If you have an abusing domain like the one you posted, then block it. Simple as that.

I have always been suggesting to protect Wordpress sites with some security plugin, for me akismet and recaptchas do not work very well.

Posts: 8
Topic starter
(@farhad)
Active Member
Joined: 2 years ago

@dimalifragis

I found a strange things,

I was enabled the option : Enable User Registration email confirmation

So those robots can register as inactive users and the system sends emails for confirmation

But now I disabled that option and there isn't any new user

May be there is any problem in the form of User Registration with email confirmation

 

1 Reply
Robert
Admin
(@robert)
Joined: 8 years ago

Support Team
Posts: 10503

@farhad ,

There is no any problem. All spambots are developed for the registration form which doesn't contain password field, and they expect confirmation email. The spambots don't work on this form, this is the only reason.

Page 1 / 2