For some reason I keep getting strange customer accounts into my Magento installation. I recently did a fresh install, so I am on version 188.8.131.52.
- I have changed the Admin URL
- I have blocked the downloader folder in .htaccess
Still I am getting these accounts. The email addresses all end with .ru.
What else can I do to stop this?
Solved! Go to Solution.
You can try following,
1) Inform your hosting provider to scan your application for any viruses or Trojans.
2) Check the Magento files and folders permissions once and set those to recommended one.
3) stop using FTP, use SFTP instead.
4) Do not use Magento default admin url.Use a custom url for the admin panel access.
5) Change all the user names and passwords for the cPanel,FTP (better do not use it).
6) If you worked with some third party for development work on your Magento installation then change all user name and passwords. Also change all the admin access granted to them.Any users created for SOAP and REST api access.
7) Add IP restriction to your Magento admin so that it can be accesses from a particular ip address only.
8) Restrict your files under following location from being visible publicly by accessing in browser url.
9) Enable captcha on customer registration form.
10) Also visit https://magento.com/security
Try above mentioned point and see if it help you or not.
Nope, I have already been through all this. Still getting about 10 new .ru accounts per day
I'm not sure if you considered this but maybe the users (or bots) register for an account from your website's frontend?
There's a Registration or Create An Account page with the URL "/customer/account/create/" at your website's frontend which allows anyone to register for an account.
If this is the page they register for an account, you can try to prevent bots from auto registering for an account by enabling CAPTCHA in your Magento Admin --> System --> Configuration --> Customers --> Customer Configuration --> CAPTCHA.
Do make sure you select "Create user" under "Forms" for the CAPTCHA to be used in the customer registration page.
You should check MageFence extension http://www.extensionsmall.com/mage-fence-security.html
One of the features is " Send email alerts about suspicious activities - changed files, brute force attacks and unauthorized users."
I believe I have it solved now. I did make a bunch more changes, so I am not 100% sure which one fixed it, but I think the customer CAPTCHA was not setup right, which it is now, and I get no more of these funny accounts.
(with .ru accounts I meant that the email address ended with .ru)