I have a small site with about 400 users. I have recently purchased CBSubs and am getting ready to launch it. At the same time, I installed a component by Joomla Customs called CB Store which allows users to sell downloadable products (though my users might be selling a physical product). I noticed that I have suddenly been getting a rash of spam registrations, and read on another post how they can escalate even to the point of affecting my CBSubs limitations. I couldn't figure out how they were getting in since I have the captcha installed, but they are at the rate of 20-30 a day and increasing. I also tried installing Spammer Blocker (Fly06) - but that hasn't stopped them either (Though I am getting an error that the server isn't being accessed. I don't know if that's a bad setting on my part, or something on the software's part).
Then, today, I noticed that these spammers - who are never approved or confirmed - are somehow adding products to the profile store. I presume this is all done through some script or robot? (I know nothing of how these people work). So I have temporarily unpublished the store, but am wondering if there is something I can/should do to stop this. Do others who have the store have this problem? It's very frustrating, especially since I've had few problems with this in the past. The store option is very valuable to me and I'd like to keep it. I currently have it set with monies going through me, so they wouldn't get anything anyway, but it's rather time consuming to go in every day and delete all of this junk, not to mention the worry that they are also accessing things that should be locked down. Suggestions?
Sounds like you have people hitting your Joomla registration form.
If on Joomla 1.5 you need to disable registrations through the global configuration parameter.
(the never approved or confirmed information leads to this conclusion).
BTW - You can manually delete these users from your CB User Manager backend.
And you can use CB Captcha to help the CB registration form stop robot spammers (human ones can still get through of course)
Yes, I'm on Joomla 1.5.23. I did have registration on. It seems like I had it on for a reason at some point. It's been so long, it may be something I no longer use. It does seem as if once I turned the CB Store off the spamming stopped dead, so there may be something to do with that. The spamming stopped before I turned registration off. I'll post about that over at Joomla.org.