Hello all,
I just realized today that something has been spamming account creations on my wordpress site for quite awhile now. There’s quite a few accounts on there now, tens of thousands. I have shut off account creation, except for paying customers at the checkout and this stopped the account creation attack. I also have suspicions that bots are clicking ads going to my site, wasting my Google Ads money. I am using ReCaptcha, but it didn’t seem to be doing anything.
I’ve heard using Cloudflare is a good option, as well as blocking certain countries that a lot of spammers come from. Seen several other solutions in other posts, but I wanted to get a newer discussion going to see if anyone else has had recent issues with this.
My business is very small and I don’t know a ton about this stuff. Just trying to protect my site and not waste my ad money.
What is the motivation for these bot farms to target sites and spam thousands of accounts? Is there a financial incentive?
Any advice or suggestions are welcome.
[ad_2]
Cloudflare WAF rules.
Honeypot plugin.
https://wordpress.org/plugins/honeypot/
Never fails on me.