ty and good day
i have a abnormal fake of user registrations


1)I have a problem I noticed that the httpdocs folder is a file named appeared cookie.txt
  (# Netscape HTTP Cookie Files
# curl.haxx.se/rfc/cookie_spec.html
# This file was generated by libcurl! Edit at your own risk.

# HttpOnly_.5-plus.sklep.pl TRUE / FALSE 1477551714 13042af98805856547e5b971fdea067b DzH% 2FLM0pkpAcNmgtSFkkScnhVyPFgYxjZ2inpPLaQmBSDbgxc8kBGgD5ttB3vBH1iLHHTv0Jb3CkQyTU9vMo% 2Fhhve1ia9QZOBE1ohYWn2GrSF3L79T9nrg2e0VMng5qO6d0rPfIRsRJYb0mYPHklMdsfZ2JOGrV4HAiegpE% 2BI% 2BQ% 3D000115)

2) on the side of users I found remarkable recordings false accesses (performed by some script)

3) some of these create groups

HI.

Thank you for contacting us.

1. httpdocs folder is part of your server files structure. It's not a part of JomSocial or Joomla!.
So please, contact with your hosting provider for further assistance regarding this issue.

2. If you have issues with bots that create fake accounts - try to enable reCaptcha. No bot can pass it.
But if still fake accounts will be created it may mean two things:
- accounts are created manually by human... and you can't do much about it. You may use IP blockers to register and block IP used to that account creation. There are a lot of IP blocking extensions for Joomla!
- or your site was hacked and user accounts are created by SQL injection - data is injected straight into database.

3. If they create groups it may mean that they are humans... not bots.

Nevertheless we can't help you much in this issue as it's rather site security and administration. You may purchase Admin Tools Pro to better monitor your site.

2.

1) I had already enable reCaptcha and put access to be authorized by admin

2) I have included in the registration obligation phone number, but I still find recordings without number filled

3) I'm trying to figure out if SQL injection (obviously my request was just to understand your experience about and understand something in more)

HI.

There is one more option.
This still may be bot and your site is NOT hacked.
They just use Joomla! default registration URL:
www.sole-social.com/index.php?option=com...rs&view=registration
So they bypass reCaptcha and all JomSocial fields.
You need to enable JomSocial redirection plugin. Enable in it registration override... and configure landing points for logging in, logging out and failed login (make sure you do that correctly and not set as failed login land page that is available for logged in users only).

ty Michal

i have do... i wait time for know if kill or not user fake... :-)

I am having this issue with JomSocial 4.4 just updated. I have recaptcha enabled. I have 2-3 'fake' ones per day.

Hi, Clint.

Thank you for contacting us.
This may mean that bots are using Joomla! default registration page.
Please, enable and configure JomSocial Redirection plugin and set it to override J! default registration.

It also may be a human user that create fake accounts. Try to use J! extension for IP blocking.

Where does one find this plugin?

HI, Clint.

In Backend -> Extensions -> Plugins.