Why are bots able to activate the account even after installing the plugin?

Viewing 2 posts - 1 through 2 (of 2 total)
  • Author
    Posts
  • #101515
    An
    Guest

    Hi,

    I’m having a strange issue where I’ve installed the plugin, and it’s working nicely, user need to verify via email to complete registration.

    However the strange thing is I keep getting spam registrations with random usernames like vsfwokpersfsl with some made-up email, and the status is Verified !!

    Is it possible that the verification process is hackable by bots? Any thoughts? I think these spam registrations are done by bots, and I doubt that the email addresses are real.

    Can you please help advice?

    Thanks!

    #101516
    Zohaib
    Participant

    Hi,

    Actually, one of the major use cases for the plugin is to stop such bogus registrations. It is not possible to skip / workaround the verification process as each user get’s a uniquely generated link in their email for verification.

    Are you using the standard WooCommerce / WordPress registration or a plugin?

    Here are a few options you could try to enable in the plugin’s settings:

    General > Block unverified login
    General > Current registered users > Verify accounts for current users
    General > One-time activation link > Enable

    Under the Compatibility options do check if you have enabled compatibility with any other plugin.

    Please let me know if you continue having trouble with this.

Viewing 2 posts - 1 through 2 (of 2 total)
  • You must be logged in to reply to this topic.