Specs: Latest version of everything
Joomla 1.5.23
CB 1.4
CB Captcha Plugin 2.3
I am getting KILLED with keyloggers. I have ALL the security loaded I can think of. Accounts are able to register (But at least they cannot verify). I have captcha installed, I have securityImages installed for virtueMart. I had Cedric (At SecurityImages) check it out and we verified that the accounts are coming in through CB registration.
Here is a screen shot. It shows duplicate names (see highlighted).
Can anyone please shed some light on how to kill this?
Please PM backend login credentials and will take a look. Don't see how they're getting past the captcha image at registration unless they're human bots, which there is absolutely no deterrent for. CB Captcha with captcha enabled at registration eliminates most if not all automated bots. It's possible you may need to setup a trap field, which I can assist you with if necessary.
Kyle (Krileon) Community Builder Team Member Before posting on forums:
Read FAQ thoroughly
+
Read our Documentation
+
Search the forums CB links:
Documentation
-
Localization
-
CB Quickstart
-
CB Paid Subscriptions
-
Add-Ons
-
Forge
-- If you are a Professional, Developer, or CB Paid Subscriptions subscriber and have a support issue please always post in your respective support forums for best results!
-- If I've missed your support post with a delay of 3 days or greater and are a Professional, Developer, or CBSubs subscriber please
send me a private message
with your thread and will reply when possible!
-- Please note I am available Monday - Friday from 8:00 AM CST to 4:00 PM CST. I am away on weekends (Saturday and Sunday) and if I've missed your post on or before a weekend after business hours please wait for the next following business day (Monday) and will get to your issue as soon as possible, thank you.
-- My role here is to provide guidance and assistance. I cannot provide custom code for each custom requirement. Please do not inquire me about custom development.
Have reviewed your installation and Joomla registration was still enabled. In addition to that Joomla registration required no approval and no confirmation. This is likely how spammers were registering on your site. I've disabled this for you and configured CB registration to be independent of Joomlas thus closing the back door registration. Please let me know if you continue to have massive spam registrations as in most cases they do not target CBs registration. In addition to that CB Captcha has 2 layer protection against automated spam bots that'd stop their registration. This will NOT stop manual bots (humans) from registering however.
Kyle (Krileon) Community Builder Team Member Before posting on forums:
Read FAQ thoroughly
+
Read our Documentation
+
Search the forums CB links:
Documentation
-
Localization
-
CB Quickstart
-
CB Paid Subscriptions
-
Add-Ons
-
Forge
-- If you are a Professional, Developer, or CB Paid Subscriptions subscriber and have a support issue please always post in your respective support forums for best results!
-- If I've missed your support post with a delay of 3 days or greater and are a Professional, Developer, or CBSubs subscriber please
send me a private message
with your thread and will reply when possible!
-- Please note I am available Monday - Friday from 8:00 AM CST to 4:00 PM CST. I am away on weekends (Saturday and Sunday) and if I've missed your post on or before a weekend after business hours please wait for the next following business day (Monday) and will get to your issue as soon as possible, thank you.
-- My role here is to provide guidance and assistance. I cannot provide custom code for each custom requirement. Please do not inquire me about custom development.
Ahhh..This is what I was afraid of. When we do that while using VirtueMart, it disables the new user creation: "User registration is disabled, it must be enabled in order to proceed." Is now the error I get when I run a test checkout.
You'll need to use the incubator project CB VirtueMart to keep your users in sync. You won't be able to use VMs login or registration as that again presents another back door login. Essentially you've 3 logins and 3 registrations on a single installation. That makes it easy for spammers to sneak in. VM and Joomla would need disabled with CB using the virtuemart incubator project to keep your VM users in sync.
Kyle (Krileon) Community Builder Team Member Before posting on forums:
Read FAQ thoroughly
+
Read our Documentation
+
Search the forums CB links:
Documentation
-
Localization
-
CB Quickstart
-
CB Paid Subscriptions
-
Add-Ons
-
Forge
-- If you are a Professional, Developer, or CB Paid Subscriptions subscriber and have a support issue please always post in your respective support forums for best results!
-- If I've missed your support post with a delay of 3 days or greater and are a Professional, Developer, or CBSubs subscriber please
send me a private message
with your thread and will reply when possible!
-- Please note I am available Monday - Friday from 8:00 AM CST to 4:00 PM CST. I am away on weekends (Saturday and Sunday) and if I've missed your post on or before a weekend after business hours please wait for the next following business day (Monday) and will get to your issue as soon as possible, thank you.
-- My role here is to provide guidance and assistance. I cannot provide custom code for each custom requirement. Please do not inquire me about custom development.
krileon
