Hi Joe.

DotNetNuke Version: 05.04.01 (26)

How to stop spam registration on an old DNN installation.

Countless registration, and then a failed auto-responder mail on a daily basis.
Managed to stop this on later model DNN with the Captcha on registration.

Are there any Captcha feature for DNN 05.04?
Can it be installed?


Cheers


Olle...

I believe that captcha may have become problematic, as I have read numerous remarks recently.

Certainly, the best approach is to update your DNN installation to a modern one. I have also see reference to "re-captcha" but don't know anything else.

One choice is to make resgistration private. Or at least verified.

Finally, if the registrations are coming from a well defined set of IP addresses, you can stop those at the firewall and/or IIS step.

Thanks Joe.

There's a bit for me to work and follow up for me.

And yes, I was afraid you should suggest an upgrade, the website is due for total renewal so that would be saving useful data and then clean out and reinstall.

Where do I set the registration criteria in DNN 05.04?


Thanks!!! Have a great one...


Olle...

It's on the Site Settings page, somewhere. It's moved around but look for "Security" first.

Yes I found the registration settings under “Site Settings” as you suggested Joe.

I also received the following DNN article through my Resellers Choice support team;
http://www.dnnsoftware.com/communit...istrations

Once in there though, I realised that it wasn’t any of the health sites that generated the spam registrations. (Despite the website title “Natural Health, Herbal Remedies”)

The website that generated the spam was a later model of DNN, and as such had the Captcha available. Again your suggestion was correct Joe, and the spam continued even after activating capture.

Seems like the “Captcha Crack” was already a built-in function in this particular spam program.

I then proceeded to set the registration criteria to “verified”. This probably stopped the registrations, but I still get a row of notifications from the auto responder about failed mailing.

I will have to change it again to “Private”, or in case that doesn’t work have to go for the option of remove registration “None”.

It’s a pain, but I guessed is not much to do about the idiots out there making life difficult for us.

Thanks for your help - and have a great one.

Olle…

One more little question;

Now I have over 100 false registrations on the website, are there any easy way to remove these users from the system?

Cheers


Olle..

Olle,

You could go through the Users table and mark them as unauthorized. That will prevent them from logging in.

But there's not an easy way to manage this outside of the database.

Thanks Joe.

But it wasn’t about hundred registrations, second-look can I found it was hundred and 14 pages of registrations.

Deleting them is a tedious two-step process……..
All the way to change the “Delete” and then “Remove” actions into one?

But “Unauthorize” seems to be as messy, and about the same amount of time.

The real option here seems to be to get onto the database?


Just for a bit of information here, the website is mepys.com.

Once I figured out what website that was targeted by the spam, I activated the captcha on the site. This had no effect at all, spam registrations came through as fast and totally uninterrupted.

Obviously a scanning of the captcha was already built-into this bug.

I then tested both verified user registration, and private use a registration, neither of these settings seem to have much effect either.

I eventually put the user registration to “None” and that stopped the registrations.

Cheers

Olle..