Dear Alec Smecher,
Thanks for fast reply, we check our system and we have only one admin account and we checked system accoding to Preventing Vulnerabilities in the OJS 3.3.0-20 - #3 by asmecher
In addition, we found another problem. We are using recaptcha_version = 2 for user security. However, we have detected that some fake accounts have been created. We could not understand how they can become members of the system by passing recaptcha_version = 2. Our system sends a validation email to this new fake user and since the email does not reach the recipient, the email system notifies us by email. I am giving some user details below. In config.inc.php, “Maximum number of days before an unvalidated account expires and is deleted
validation_timeout = 14” is selected, but these accounts are not deleted after 14 days, how can we solve this problem?
Thanks
Subject: Validate Your Account
From: QQQQQ editor@QQQQQ.com
Date: 2/14/2025, 8:34 AM
To: montetoombs5 Monte monte_toombs@orange.fr
montetoombs5 Monte
You have created an account with QQQQQQ, but before you can start using it, you need to validate your email account. To do this, simply follow the link below:
Subject: Validate Your Account
From: QQQQQ editor@QQQQQ.com
Date: 2/14/2025, 5:43 AM
To: janibeier74579 Jani jani_beier@gmail.com
janibeier74579 Jani
You have created an account with …
Subject: Validate Your Account
From: QQQQQ editor@QQQQQ.com
Date: 2/14/2025, 6:48 AM
To: taniacreason865 Tania taniacreason@yahoo.com
taniacreason865 Tania
You have created an account with…
