Many users with strange names register, but don’t leave comments. Should I be afraid?

4 Views

Many users with strange names, register on my blog, but don’t leave comments. Should I be afraid, that this might be attack of some sort. Maybe someone found some sort of bug in WordPress which allows to penetrate security?

Are there any actions I should take?

Post Views: 4

Related posts

Leave a Reply

3 comments

  1. Spam bots will always try to register. They basically just input data into any form they can find in hopes it will pull their URL on to your page so they can build trackbacks and score higher in Google rankings.

    There are a couple of things you can do to prevent this:

    1. If you don’t need people to register for your site (most don’t) just turn off new user registration.
    2. Install a captcha plugin for your registration form. It won’t catch everything, but it should decrease the number of bogus registrations you’re seeing. A good one I’ve heard of is Sabre.

    You might also want to read this good article by Lorelle discussing anti-spam techniques with WordPress. It’s from 2007, but the tools and tips are still very relevant.

    First things first, though, would be to delete these bogus users from your database. All they are is clutter … if they’re not real people, they don’t need to be there in the first place.

    • Are there any known vulnerabilities, related to registration? Not currently and not for low privilege accounts in the past.

    • Is it good idea to require registration for comments alone? No, as for me that only gives spam bots more ways to abuse your resources.

    • Why are they registering exactly? Who knows. Spam bots do a lot of strange things.