I have been combating for the past few days now users that are being injected into the site. I am running 4.1.3 .

The website is

http://www.revans-legacy.com

Any help would be greatly appreciated.

Disable recapcha and quick registration via facebook.

Use Q&A instead.

I had q&a at first when it started happening thought rechaptcha would be better. Seems they are injecting fake users.

The ips they are using dont match google analytics. Half are russian and half are india with some france. Yet i have no hits from thos countries.

I reinstated the question and disabled facebook.

These are fake accounts 100%

--------------- Added 1303245243 at 1303245243 ---------------

Bump... they are still getting in.

I cant figure it out. Ive done what u suggested and still no dice. 2 more just made their way in.

You're using the stock 1000% completely use Image Verification, you need to use Q&A.

rechaptcha is broken/hacked since half a year at least! Google for "recaptcha broken" to find out more.

There is plenty of exploit code around. Use something else....