Block any sign up | ww.wp.xz.cn

Resolved jscheid
(@jscheid)

5 years, 1 month ago

Hi,

I was wondering if it was possible to block any new accounts on WordPress? Even after I have “Admins require 2FA” activated, new users can register admin accounts without 2FA.
I have the setting “Anyone can register” turned off, so I guess there is another way of adding new users that I don’t know of. I don’t want any other users (no matter their role) out of the system.

Any help would be appreciated.
Thanks!

Viewing 1 replies (of 1 total)

Plugin Support wfpeter
(@wfpeter)

5 years, 1 month ago

Hi @jscheid,

Wordfence mostly keeps an eye on invalid username sign-ins, brute-force attempts or alerting you of admin activity such as logins from new locations/password reset requests.

User account creation is handled through WordPress itself or third-party membership/commerce plugins, but I would ensure WordPress > Settings > General has “Anyone can register” unchecked along with Subscriber (rather than Administrator) being the “New User Default Role”.

It may also assist against the creation of spam accounts to enable reCAPTCHA on login and registration pages: https://www.wordfence.com/help/login-security/#captcha-options

I hope that helps you out!

Peter.

Viewing 1 replies (of 1 total)

The topic ‘Block any sign up’ is closed to new replies.

Tags

1 reply
2 participants
Last reply from: wfpeter
Last activity: 5 years, 1 month ago
Status: resolved