Bots bypass Wordpress registration page

This article will help eliminate the overload of bot created users. They are spamming the registration process by directly posting to the registration url. Changing the default post variables will stop the default attacks, but can still be bypassed with a custom spam user attack. In that case you would need to change the variables again.

Open wp-login.php file and find...

        $user_login = $_POST['user_login'];
	$user_email = $_POST['user_email'];

Add an additional string to the variables like so...

$user_login = $_POST['user_login_123'];
	$user_email = $_POST['user_email_XYZ'];

Next change the following variables to match the string created above...

         <label for="user_login"><?php _e('Username') ?><br /><input type="text" name="user_login" id="user_login" class="input" value="<?php echo esc_attr(stripslashes($user_login)); ?>" size="20" tabindex="10" /></label>

to...


<label for="user_login"><?php _e('Username') ?><br /><input type="text" name="user_login_123" id="user_login_123" class="input" value="<?php echo esc_attr(stripslashes($user_login)); ?>" size="20" tabindex="10" /></label>

And...

        <label for="user_email"><?php _e('E-mail') ?><br /><input type="email" name="user_email" id="user_email" class="input" value="<?php echo esc_attr(stripslashes($user_email)); ?>" size="25" tabindex="20" /></label>

to...

        <label for="user_email"><?php _e('E-mail') ?><br /><input type="email" name="user_email_XYZ" id="user_email_XYZ" class="input" value="<?php echo esc_attr(stripslashes($user_email)); ?>" size="25" tabindex="20" /></label>

Save

Was this answer helpful?

 Print this Article

Also Read

Stripe Payment Gateway Javascript Error in Wordpress Woocommerce

Error: Please make sure your card details have been entered correctly and that your browser...

Stamps.com Woocommerce Integration

With the Stamps.com WooCommerce Wordpress integration plugin, you can automatically create...

Powered by WHMCompleteSolution