- This topic has 1 reply, 2 voices, and was last updated 2 years, 2 months ago by
.
-
Posts
-
Hey,
we are facing automated SQL injection attempts on the affialite registration page. This is evident by new registrations that have values of “-1′ OR 2+154-154-1=0+0+0+1 –” for e.g. the city field, or “1-1 waitfor delay ‘0:0:15’ –” for a custom field. As soon as we delete the affiliate application, a new affialiate is registered with same credentials except for the fields that have SQL injection related values. These new registartions are automated, since it only takes a second for the new application to pop up.
We disabled the registration from front-end, however this won’t help. The attacker is still able to create new registartions. How do i prevent the attacker from creating new registrations?Hi, Have you tried this: https://wpaffiliatemanager.com/affiliates-manager-google-recaptcha-integration/
- You must be logged in to reply to this topic.