How do I deal with this?

xarzu · #1 (**permalink**) 09-04-2010, 10:26 PM

Some "usermane" is requesting a "username" in my wordpress blog.

I did not expect this to happen with my wordpress blog. I do not know if it is just users stupidity or if it is spammers trying to break into my blog. Either way, it is something that needs fixing. Apparently people are trying to log in without registering.

I have been getting annoying email messages that say essentially:

Quote:

SoAndSo (SomeEmail@somewhere.com) has requested a username at MyWebForumAndBlog

h t t p : / / w w w . M y S i t e . c o m

To approve or deny this user access to MyWebForumAndBlog go to...

That is not exactly what it says, but you get the idea. Click here to see an actual message.

So I am guessing that what is happening is that someone just clicks on "log in" and then requests a password instead of clicking on Register. But there are so many of these messages that I have to wonder if this is a spam bot.

On the other hand, the message says it is requesting a username, not a password. So this is some sort of wordpress spam and trick someone is using where they are bypassing the normal login.

And it does not make sense. Think of it. Some "usermane" is requesting a "username". How do they do that?

howboutthat · #2 (**permalink**) 09-05-2010, 12:09 AM

That email is not from Wordpress. You can create an email filter so that you don't receive any email from that domain: arquemax.com

**HTMLBasicTutor** · #3 (**permalink**) 09-05-2010, 12:25 AM

While trying to find an answer to your question, found this:

Quote:

Sabre
Sabre is an acronym for Simple Anti Bot Registration Engine. It's a set of counter measures against spam registration on your blog

Sabre

**ScriptMan** · #4 (**permalink**) 09-05-2010, 05:31 AM

Not absolutely positive but I think you can rename wp-login.php to a unique name that only you know. This will prevent all unauthorized attempts. You may get a lot of 404 errors for the file name that you just ignore. Of course you have to remove the login link in the nav bar also.

If the wp-login script is written to call php_self this will work. I do it with many scripts. Worst case is that it does not work and you have to change the name back.

This may also be some type of phishing effort and if it is blocking the sender is the only fix.

mrsmarshah · #5 (**permalink**) 09-07-2010, 11:31 AM

I did a few searches and what I found out is that it is possibly a plugin trojan. You can check out this WordPress thread for more information. I hope you fix your problem soon.

xarzu · #6 (**permalink**) 01-27-2011, 03:04 PM

Quote:

Originally Posted by ScriptMan

Not absolutely positive but I think you can rename wp-login.php to a unique name that only you know. This will prevent all unauthorized attempts. You may get a lot of 404 errors for the file name that you just ignore. Of course you have to remove the login link in the nav bar also.

If the wp-login script is written to call php_self this will work. I do it with many scripts. Worst case is that it does not work and you have to change the name back.

This may also be some type of phishing effort and if it is blocking the sender is the only fix.

I like this idea.

I am going to give it a shot.

Quote:

Originally Posted by howboutthat

That email is not from Wordpress. You can create an email filter so that you don't receive any email from that domain: arquemax.com

Arguemax.com is my web site. So that idea will not work.

**ScriptMan** · #7 (**permalink**) 01-27-2011, 04:23 PM

Let us know if it works with WP. I know it does with many others.

xarzu · #8 (**permalink**) 01-31-2011, 01:40 AM

I found where the problem is. But I do not know how to fix it. It is not all about adding a new reCAPTCHA. It is about fixing another plugin.

ow Do I Fix This WordPress PlugIn Issue?

I am getting a ton of these automatic requests from “users” requesting username for my Wordpress forum.

http://i67.photobucket.com/albums/h292/Athono/this.jpg

I think these unwanted automatic requests are easily accomplished by this plug-in:

http://i67.photobucket.com/albums/h2...-inplugsup.jpg

I had thought that maybe there was something wrong with my Registration page but now I know this probably is not the problem. As a test, I commented out the registration button on my php login page and even after doing, I still get a flood of unwanted automated requests to register.

In fact, I found the php code in the plugin that sends me this dreaded email address:

Code:

function send_approval_email($user_login, $user_email, $errors) {
	if (!$errors->get_error_code()) {
		/* check if already exists */
		$user_data = get_userdatabylogin($user_login);
      		if (!empty($user_data)){
			$errors->add('registration_required' , __('User name already exists', $this->localizationDomain), 'message');
   		} else {
			/* send email to admin for approval */
   			$message  = sprintf(__('%1$s (%2$s) has requested a username at %3$s', $this->localizationDomain), $user_login, $user_email, get_option('blogname')) . "\r\n\r\n";
			$message .= get_option('siteurl') . "\r\n\r\n";
			$message .= sprintf(__('To approve or deny this user access to %s go to', $this->localizationDomain), get_option('blogname')) . "\r\n\r\n";
			$message .= get_option('siteurl') . "/wp-admin/users.php?page=".basename(__FILE__)."\r\n";

			// send the mail
			@wp_mail(get_option('admin_email'), sprintf(__('[%s] User Approval', $this->localizationDomain), get_option('blogname')), $message);
			// create the user
			$user_pass = wp_generate_password();
			$user_id = wp_create_user($user_login, $user_pass, $user_email);
			update_usermeta($user_id, 'pw_user_status', 'pending');
		}
	}
}

This function is mentioned in the php code as being associated with the register_post command:

Code:

	add_action('register_post', array(&$this, 'send_approval_email'), 10, 3);

So what the heck is a "register_post" command?

I do not like what this function, "send_approval_email" does.

I do not know how this "register_post" message is triggered. Apparently, it can be triggered directly to the server through a URL. THen all the captcha elements are useless as well as any agreements that the user needs to click on are also pointless. How can I add to this function variables that check to see if other items are clicked on in the other plugin?

xarzu · #9 (**permalink**) 02-01-2011, 05:45 PM

I have had some difficulty getting my web site set up the way I want it. It uses WordPress and BBPress. The WordPress uses a few plug-ins. The Plug-Ins do not work the way I want them to do and, after some investigation, I have come to the conclusion that I have to resort to doing some PHP programming.

I am a software engineer as a profession and so PHP would not be much of a challenge for me to grasp. Does anyone here know PHP programming?

For now, what I would like to understand is this. How can PHP set a global variable that can be sent from one web page to another and be used to allow or disallow things? http://www.php.net/manual/en/languag...bles.scope.php shows scope of variables and there is mention of global variables. But I am not 100% sure that this will work in the context of wordpress plugIns. If you set a global variable in one plugIn, can I access it in another plugIN?

moneyonlinesorg · #10 (**permalink**) 02-05-2011, 01:07 AM

One thing I can tell you from experience with wordpress, if you run a wordpress site, there are about 7 plugins you'll want at minimum to help secure it. They are as follows:

WP-DBManager by Lester 'GaMerZ' Chan
WordPress Backup by Blog Traffic Exchange
Login Lockdown by Michel VanDeMar
AntiVirus by Sergej Müller
WP Security Scan by Michael Torbert
Akismet by matt, ryan, andy, mdawaffe, tellyworth, automattic (optional if you have other content spam in place)
Bad Behavior by error, MarkJaquith, Firas, skeltoac

Those are baseline security for wordpress. Hope it helps.