We use cookies to help make our site work properly and to analyze how our site is used. Some are optional, but none contain your personal information, and we don't use any for ads. You can view our cookies policy, manage your cookie preferences, or consent and dismiss this banner by clicking agree:

Agree
ExpressionEngine CMS
Open, Free, Amazing

Thread

This is an archived forum and the content is probably no longer relevant, but is provided here for posterity.

The active forums are here.

Unauthorised Members Registering

March 01, 2011 11:16am

Subscribe [2]

  • #1 / Mar 01, 2011 11:16am

    Peter-Stanbury

    60 posts

    Hi,

    I running EE with multisite manager:

    ExpressionEngine V 1.6.7 Build: 20090320
    Multisite - V 1.1 Build 20081024

    I have three sites:
    ComicaFestival.com (primary site)
    PaulGravett.com
    Escape-Books.com

    I have noticed a problem with spammers (I assume) being able to register and activate their membership - maybe 20-30 a day. Luckily I haven’t assigned any privileges to the ‘members’ group they are registering as, but it is very disconcerting that they are able to do so and activate their registration rather than be ‘awaiting activation’.

    Reading the user guide, I see that each site has a pre-configured membership login page:
    http://escape-books.com/index.php/member/profile/
    http://paulgravett.com/index.php/member/profile/

    I think I have managed to switch off the ComicaFestival site member login screen by accessing the ‘Admin > Members and Groups > Membership Preferences’ screen and setting ‘Allow new member registrations?’ to ‘no’.

    However when I switch to the other two sites and make the same adjustment, I cannot ‘update’ the screen. I receive the following error:

    “The following path you submitted is not valid:
    /content/HostingPlus/c/o/comicafestival.com/web/images/signature_attachments/”

    Could you explain to me how unauthorised visitors are able to register and activate their regisitration, and what I should be doing to prevent this.

    Many thanks,
    Tim

  • #2 / Mar 02, 2011 9:39am

    Sue Crocker

    26054 posts

    Hi, Tim.

    When you attempted to make the changes, EE looks at the paths for certain additional settings, and verifies they are correct. In this case, it’s trying to find the system path for Signature Attachments. You’ll need to correct that path.

    Where Am I? is an article I wrote that will help you figure out what your system path is.

    Does that help?

  • #3 / Mar 03, 2011 5:43am

    Peter-Stanbury

    60 posts

    Sue,

    Okay. I know my server location. No problem there.

    I guess what I was finding odd was why those setting had to be fixed at all. I have now updated all the settings in the Members section, and my change to the Membership Preferences was accepted. Hopefull that will now stop those spammers.

    Also, perhaps by default, EE shouldn’t allow new members registerations, so that administrators have to positively allow them. Just a thought.

    Many thanks, for your help.

    Tim

  • #4 / Mar 03, 2011 10:52am

    Sue Crocker

    26054 posts

    Hi, Tim. In recent builds of EE registration is turned off initially. It makes it easier, for sure. Think of those settings as a mother who checks her child to make sure their coat is buttoned correctly before letting them out of the door. 😊 More of a while you’re making changes, let’s make sure similar items are correct.

    Don’t hesitate to post again as needed.

.(JavaScript must be enabled to view this email address)

ExpressionEngine News!

#eecms, #events, #releases

© Packet Tide, All Rights Reserved. Legal Notices

Username

Password

Forgot password?
or Register