Hey, I have a general question.
Ever since I put up my drupal site I've gotten a horde of bogus users registering for the site. Sometimes hundreds a day. They are obviously done with a bot. I've done a bit of searching on the topic and I've discovered that it is a fairly common problem with Drupal, but I can't seem to figure out why anybody would bother.
If I was allowing some sort of comment section, I could see a value for leaving spam and SEO, but I don't. And if the site sent out registration emails conceivably if these were legitimate addresses my site could be blocked, but I don't.
Honestly it seems like a pointless waste of time. But I'm curious, does anybody know why someone is doing this?
Comments
=-=
bots don't discern by what they can or cannot do. They find a registration page and it gets filled out. Beyond that spammers whether bot or human don't know that they don't have any special access until registration is complete. After all if you are registering users and providing a login, there is likely some benefit to that action.
thanks. I kind of suspected
thanks. I kind of suspected as much.
Is there some sort of guide or something for best practices in dealing with this kind of thing?
=-=
if you've no need for users to register to the site, disable registrations.
you can also look at modules such as honeypot.module, adding a captcha and so on.
Thanks....
I'll do that, plus I just found this page, which looks useful.
http://groups.drupal.org/combating-spam-and-bots