fish911

Hey thanks for the response, infopro and SiteOx I do currently have reCaptcha enabled. I've been reading over the threads suggested above I've yet to finish them but from what I've gathered so far is someone / some script is using an out of date SQL injection, I figured I might see some of this behaviour when I reviewed the query strings =? equals some number or something close. I did add a security question although I'm not sure if that will make any difference. it's seems the guy / script " DMASTERPIECE " has been doing this for quite sometime. I will continue reading the threads suggested above and see what I can do to over come this issue, I'm completely open to suggestion and really appreciate them. Thanks for the response

Hi First let me say if this is posted in the wrong location , please advice me of the correct thread and I will repost the topic.. I'm new to whmcs, my problem is I have been getting lot's of bogus accounts being made since last night, as soon as I remove / delete the account and block the IP another one or two is created.. I have my settings set to purchased must be completed before a new membership can be made. How can I prevent new accounts from being made? They are using emails and usernames such as Email Address: whmcs0day@gmail.com Password: whmcs0day@gmail.com Also user-names such as 404/403 I read as much as I could about this and learned it's some kind of man in the middle? Trying dump my account holders CC information? Can someone please tell me the steps or point me in the correct direction to prevent this 0-day attack crap. I really need to prevent this and protect my clients data Thanks for any help in advance Fish911