Membership Plugin

WordPress Membership Plugin

  • Home
  • Documentation
  • Addons
  • Support
    • Quick Setup
    • Documentation
    • Premium Addon Support
    • Paid Support
    • Support Forum
    • Support Forum Search
    • Forum Login
    • Forum Registration
  • Contact

[Resolved] Spam registration forms whilst l have google captcha code addon installed

Simple Membership Plugin › Forums › Simple Membership Plugin › Spam registration forms whilst l have google captcha code addon installed

  • This topic has 9 replies, 5 voices, and was last updated 3 years, 7 months ago by The Assurer.
Viewing 10 posts - 1 through 10 (of 10 total)
  • Author
    Posts
  • February 16, 2022 at 6:15 am #23622
    BevinDev
    Participant

    We have a simple membership plugin and the google captcha for the registration forms, problem is we getting spam on registration forms for the membership levels . All plugins are up to date and WordPress is also latest, why are we getting so much registration spam?

    February 16, 2022 at 6:53 am #23624
    admin
    Keymaster

    The user registration maybe coming form another source. For example, the default WordPress’s user registration system or you may have another plugin on this site that allows user registration.

    Please enable the debug logging feature in our plugin which will show if the registrations are coming from our plugin or not and if they are completing captcha or not. That will be a good starting point to investigate this.
    https://simple-membership-plugin.com/enable-debug-logging/

    Also note that you can still have humans who manually submit a registration form for spam purposes. The captcha can’t block humans who is coming to your registration page and submitting the form correctly. The captcha blocks a spam bot from submitting it.

    February 16, 2022 at 8:56 am #23627
    BevinDev
    Participant

    WordPress Registration is disabled under settings -> General -> Anyone can register is not enabled.

    Wordfence l have blocked the xmlrpc.php file not to allow remote form posting via APIs and also blocked form not having POST in the headers.

    I have enabled debugging on my website [primequest.co.za]

    February 17, 2022 at 7:49 am #23629
    admin
    Keymaster

    I have replied to your email ticket. You can send us the log file there so we can take a look.

    November 30, 2022 at 10:55 am #24828
    marie21
    Participant

    Hello,

    Since around the beginning of 2022, I have also had the phenomenon that “spam” registrations keep coming through the membership registration form.
    The google catpcha protection is up to date and registering without ticking the captcha does not work. Means captcha does its job. There are no other registration options (no comment function or similar)

    Are there really such “geniuses” who enter this manually?

    Did you find out anything about the phenomenon with the debug log?

    Thank you for your brief update on this.

    December 5, 2022 at 11:41 pm #24842
    herrMartin
    Participant

    Had the same problem. Also with deactivated wp user registration.
    the only workaround I found was cleantalk with country blocking. the site is just German and the spam came from China, Russia, Belarus mainly – this helped a lot … unfortunate I have another site where I’m planning to use simple membership -at the moment it is on Patreon and I have paying subscribers from these countries ….

    It would really help to have an flow like
    fill the register form – pay with PayPal/stripe and after receiving the payment the “real account” will be generated.

    December 5, 2022 at 11:46 pm #24843
    herrMartin
    Participant

    btw. an alternative more elaborate hack if you have a vps / root access to the server would be fail2ban, a paid maxmind GeoIP2 subscription for a more uptodate database and then an countryblock build with this. not really trivial and more expensive.

    December 7, 2022 at 2:17 am #24857
    admin
    Keymaster

    Using recaptcha option should solve this. I think you are not using recaptcha due to GDPR related reasons. Have you checked out the recaptcha enterprise option? Their description says that it handles GDPR also.

    We have an integration with recaptcha enterprise (if you wanted to try that option):
    https://simple-membership-plugin.com/simple-membership-google-recaptcha-enterprise-option/

    December 7, 2022 at 9:19 am #24858
    herrMartin
    Participant

    If your site is well ranked in google with a topic spammers love, reCAPTCHA makes not much difference.
    There are services like 2captcha.com, they pay real people to solve captchas and even providing an API to their spamming customers. I would be extremely interested in a better solution than reCAPTCHA and the country blocking I’m doing right now.

    December 8, 2022 at 1:11 am #24860
    The Assurer
    Moderator

    @herrmartin — You can always charge a minimal amount, like $1 for registration. That will cover the cost of processing the PayPal transaction.

  • Author
    Posts
Viewing 10 posts - 1 through 10 (of 10 total)
  • You must be logged in to reply to this topic.
Log In

Please read this message before using our plugin.

Search

Featured Addons and Extensions

  • Membership Form Builder Addon
  • Member Directory Listing Addon
  • WooCommerce Payment Integration
  • Member Data Exporter Addon

Documentation

  • Documentation Index Page

Copyright © 2026 | Simple Membership Plugin | Privacy Policy