I’ve had a couple of webmasters contact me recently, concerned about unexpected emails announcing unexpected user registrations on their sites, so I thought it might be worth a quick post here explaining things.
In most cases, this is happening because of spam user registrations. While this can be a nuiscance, it isn’t really a major cause for concern. Users (and spambots) can only register as subscribers (unless you’ve deliberately set things up differently), so they don’t have any admin privileges. I have heard it said that if a site was going to get hacked, it may well come through a spam user, but I don’t know if that’s true tbh. However, it’s easy enough to get rid of spam users if you want to. First of all, head over to ‘Users’ – ‘All Users’ and delete any users that you don’t want – make sure you leave all your lovely contributors’ accounts – plus our iChurch support one – intact, though! Then you have two options:
1. If you want people still to be able to register, you can install a plugin that will help to reduce the spam registrations, or
2. If you’re happy manually adding any registrations that are genuine, you can just deny permission to register at all from the outside. This is done by going to your General Settings, where you need to deselect the box next to ‘Anyone can register’ – simple as that!
Here’s a post from the WordPress forums explaining what is going on: http://wordpress.org/support/topic/whats-the-point-of-spam-user-registration, and here’s a really helpful geeky blogpost on how to address the issue: http://www.probloggingsuccess.com/combat-spam-user-registration/.
I hope that all helps – happy spamfighting!
- You must be logged in to reply to this topic.