We keep getting masses and masses of spam registrations (not email) and I was wondering if anyone knows a way to stop this. We disabled registration but it still keeps happening.

First Name xanax 05mg
Last Name cdbwvcbgdndmlchadles
Company Name qqyuvcbglspnwqkrtlxw
Email Address uoaddpf@mfeed.com
Address 1 zbjldqmhbqzsgynbaphl
Address 2 hxzdnjvgvsdvtmgxdsef
City NY
State NY
Postcode 10029
Country AX - Aland Islands
Phone Number 32961

Is an example of what we are getting.

These settings may help you.

1) WHMCS admin panel -> Setup -> General settings -> Other -> Allow Client Registration.

2) Setup -> Banned Email

3) Setup -> Banned IP

4) Setup -> General Settings -> other -> Enable Captcha Form Protection.

5) setup -> Custom Client Fields -> Ceate a filed and make check "Required Field" and "Show on Order Form".

6) setup -> Fraud Protection

That looks like a bot that's hitting the registration submission page directly instead of going through the WHMCS site page to sign up. You should bring this to the attention of the developer, in case there's a hole in the checking process allowing this.
If it hit one, more will follow...

Just curious... What version of WHMCS are you running?

These settings may help you.

1) WHMCS admin panel -> Setup -> General settings -> Other -> Allow Client Registration.


That's your best option to fix this issue!

If you check your httpd log files, you'll then see they are trying mysql injection attacks.

Just curious... What version of WHMCS are you running?

We were running 4.0.2 now we are running 4.1.1 and it is not happening (or at least its not happened for 1 day but that does not mean its stopped)

Check the IP, block it on the server from the firewall. Alert WHMCS developers with logs etc so they can put a stop to bots from submitting the forms.