This is not always due to a hack, mostly, it is a site administrators failure.
I have had a spate of new Users appearing in my User Manager.
I am the only authorised user on my sites (Super User) - so how do these idiot spammers get in; and how to block them in future?
I've received email messages from my website, telling me that a new user has registered.
1. There is no user registration form on the website
2. These appear to be hacks
The symptom checklist is as follows:
Did you turn off New User Registration in the Options of User Manager? Since J3.4.0
The User Registration option is switched OFF by default for new Joomla installations
If you have upgraded from an older version then you've to change it yourself:
On all joomla installations, unless the module code is deleted, the Registration Form is still there even when you don't have a menu item pointing to it. Spam bots are preprogammed with the non sef link to the module (likewise for drupal and wordpress targetting bots)
In Users > User ManagerClick on [Opt ions] (on the right)
on [Component] tab set "Allow User Registration" to No.
If you require users to register but want to cut down on the bot registrations, then on a normal site it is good idea to be using#
the self activation part as a lot of bots use fake addresses and wont be able to confirm their registration.
you can set new registrations to "public" which means they think they have registered but cant do anything until you raise them to registered level.
you can set new registrations to none/disabled
It helps to have captcha installed, meaning one more hurdle for bots and spammers to go through.