Osclass is Registering Spam Users Without user-register.php file

Osclass is Registering Spam Users Without user-register.php file

Osclass is Registering Spam Users Without user-register.php file.
Recently I have noticed that my osclass sites had registered 20-30 thousands spams users.
I tried all spam plugins, captchta solutions. It did not stopped spam registration.

Finally I have removed user-register.php file from theme folder. I have schocked. It is still registering spam users.

How this is possible without user-register.php, it can be registered?

Removing user-register.php doesn’t help, spammer can still make post request.

List the plugins and theme with versions you are using( Active while you are getting those spam registration).
Your site url?

site : www.antalya-dolphinarium.com/index.php / uses osclasswizards 2.0 theme uses

current plugins installed :
Bread crumbs
Cookie Consent
Embed Youtube videos
Google Maps
Multi currency
Open Graph
Simple Social Share
Better Sitemap ( your plugin )
Google Image Sitemap

Update : I have disables / removed all plugins, I have changed to Shopclass theme and entered captchta codes on theme dashboard.

I am still receiving spam registration.

Changing theme will not help if it’s something related to Osclass, Can you share access logs,
specially at the time those accounts are registered.

https://gofile.io/d/QW9DwW you can download latest logs hosting stats show,
If you want, I can give DIRECTADMIN / Osclass password and you can inspect / check…
It is really strange this.

https://gofile.io/d/djLz6P this is also DEBUG error records of today!

Hi navjottomer,
did you able to check?

I checked it, your debug errors are fine but access logs are showing POST requests made to your site. Need more time.
BTW deleting user-register.php will not help as Osclass will use gui folder to find user-register.php.

This problem I am facing with my all Osclass sites(15), access logs of all of theme are showing POST requests. What does it mean?

I want to remove all Osclass sites. What to do in this case?

I found source of problem I guess,
I was checking database tables, bottom of database I see a table different than usual Osclass table names.
I have removed it and now spam registration stopped.
Sorry I had forgetten to take a secreenshot of this table!

How this is possible, I can not understand. Can an Osclass expert comment about this?

What I checked, that osclass was functioning fine. I couldn’t found the way to bypass recaptcha in any recent version of osclass.
It may have something to do with your installation. Any script which has access to your database can bypass the osclass inbuilt security.

I found database secreenshoot, bottom there is a table " sph_counter ",
I suppose that this is not related with oclass.
After removing this + an another similar named table in the middle ( I do not remember name ), spam registration stopped.

sph_counter is safe, created by shopclass theme for Sphinx Search Engine

xevil + xrumer breaks recaptcha, you need to close user profiles from indexing and use a hidden field during registration to drop bots.