I have a simple registration form on my site...
http://livefitrevolution.com/?page_id=656
...and I just got notice from a user that within 2 hours of registering with us, she has been hit with a ton of spam. I searched the forums and could not find anything on this subject specifically. How is someone getting hold of the email addresses of my users and what can I do to prevent it? Thanks...
Jason.
This hasn't been reported by anyone. There is no way for anyone to get the emails unless 1) your web site is compromised and someone has access to it or 2) your database is compromised and someone has access to it.
I wouldn't assume because they filled out that form and they are receiving spam that it is somehow related to Gravity Forms. There is no way for anyone to get to the data unless they have access to your server and database. That is the only place that data collected resides.
Carl...thanks for that. No one else has access to my database or server. I am a one-man operation. I have not done anything to secure my WP install, so I guess I need to look into that. Any suggestions? Thanks.
Only suggestions are to us strong passwords for both your database user password and your FTP passwords. Strong being long with upper and lowercase, special characters, etc. Password generators are useful for this.
As for your WordPress install, create your own admin account and always delete the actual "Admin" user account. This makes it an easy target for hacking if there is an account with the username "Admin". Also make sure your admin access accounts have strong passwords.
However, my first impression is that the user is incorrect and their issues with spam probably have nothing to do with submitting a form on your site.
Awesome. Thanks for the suggestions.
