by admin » Mon Mar 23, 2015 2:54 pm
hello, the Spam users usually do not come through VM or OPC registration. They usually find an extension on your system such as com_users (joomla core registration) or Community builder or else, towards which they send data that can automatically register the user.
OPC redirects and closes connection if the captcha is enabled and thus no additional code is triggered after this. I cannot say the same for Joomla core registration.
Further more, it's quite popular in low income countries to hire real persons to do the spam registration and such no captcha would help you. They usually try to build backlinks from your site or get a list of your registered users if the system allows it.
i suggest to investigate the Apache Access Logs and PHP access logs to see through which part of the system, they register. Or just add a POST/GET capturer for 24 hours that would build logs of what data does the attackers use. (24 hours can easily cause 200gb of POST/GET data on a visited site, so you rather have a separate HDD or partition for this)
Because VM is known to cotain a few security issues, it's recommended to update it to the latest 2.6.x or 3.0.x branch, the same is true for all Joomla versions.
Secondly - which captcha are you using? is it of type "captcha" within the joomla plugin management, or is it just a "system" plugin? I would suggest to try the core captcha for this (it's recaptcha as well)
Best Regards, Stan