Support

Admin Tools

#18019 Spurious User Accounts being created

Posted in ‘Admin Tools for Joomla! 4 & 5’
This is a public ticket

Everybody will be able to see its contents. Do not include usernames, passwords or any other sensitive information.

Environment Information

Joomla! version
n/a
PHP version
n/a
Admin Tools version
n/a

Latest post by nicholas on Friday, 01 November 2013 04:22 CDT

Thursday, 31 October 2013 18:50 CDT

user78646
Mandatory information about my setup:

Have I read the related troubleshooter articles above before posting (which pages?)? YES
Have I searched the tickets before posting? YES
Have I read the documentation before posting (which pages?)? YES
Joomla! version: 3.1.5
PHP version: 5.3.26
MySQL version: 5.5.32-cll
Host: serversinseconds
Admin Tools version: 2.5.8

Description of my issue:
Hi there, I was having problems being hacked whereby my users were being continual'y renamed to 'mca' and passwords changed. I installed your Admin Tools and this seems to have been resolved but I get daily 'security exception messages' - even though i have included these IP's in the blacklist which I thought would resolve this. Is there anyway to to setup to ignore the 'security exception' message for those IP's already entered in the blacklist?

Now I have a different problem. This morning I notice that a number of spurious accounts had been created. Obviously this is now someone else trying to get in via other means. I think I have all the security features turned on, but I would be happy to pay you to look at the site personally to check that everything is setu as it should be.

Many thanks
Regards
Dave

Friday, 01 November 2013 04:22 CDT

nicholas
I believe that you forgot to enable the blacklist in the Configure WAF page. By default the blacklisting feature is disabled for performance reasons: IP white- and blacklist checks require one additional database query each. If you are not using these features (like most of our clients) it makes no sense taking the performance hit of these extra queries.

Regarding the spurious users, I wouldn't worry too much about it. Joomla! allows you to register new users as long as you know the URL you have to submit the form. Even though these users are created they are a. simple Registered users which do not have administrative privileges on your site and b. not activated, as the automated program which created them cannot validate the (fake) email address. You can't stop that from happening unless you disable user registration in your site's back-end, Users, Options. But it's nothing to worry about, anyway.

Nicholas K. Dionysopoulos

Lead Developer and Director

🇬🇷Greek: native 🇬🇧English: excellent 🇫🇷French: basic • 🕐 My time zone is Europe / Athens
Please keep in mind my timezone and cultural differences when reading my replies. Thank you!

Support Information

Working hours: We are open Monday to Friday, 9am to 7pm Cyprus timezone (EET / EEST). Support is provided by the same developers writing the software, all of which live in Europe. You can still file tickets outside of our working hours, but we cannot respond to them until we're back at the office.

Support policy: We would like to kindly inform you that when using our support you have already agreed to the Support Policy which is part of our Terms of Service. Thank you for your understanding and for helping us help you!