Thread

I’m the administrator for our companies EE 2.1.2 account. I received a email the other day with notification that a new member had registered. I don’t no this individual and completely unaware how he was able to gain access to our EE software infrastructure. No one else within our organization added them as a member. I proceeded to delete the membership only to have them register again today.

How would someone be able to gain access to our EE without knowing our login security info, and how do I combat this issue?

Thank you for your time.

If you didn’t change the member profile triggering word they’re probably just guessing at the URL to the registration forms.  You can also turn off member registrations.

Is there away to turn off member registration without affecting new member registration in the member group?

Thanks!

Sorry, I’m not following.  You can’t have member registration both on and off.

v3imaging,

We have a nice article by Lisa here that covers preventing registration spam.

EE Blog : Fighting Registration Spam

Also I can recommend the Securing ExpressionEngine2 by Mark Huot. It gives some great advice about locking down an EE site.

Thank You!

So v3imaging, is this enough info to assist in understanding what options you have?

Yes! Thank you for all your help.

Glad to hear. Feel free to start a new thread if you have any more questions.