The launch went better than expected, but a few days later people were registering on the site, which would have been great, except that there was no registration form on any of our pages.
At first I jumped to the conclusion that people were hacking their way in through a 3rd party component. After updating everything I could find to update and installing extra security measures, the solution made me feel really stupid.
I was checking the links to this site when something caught my eye. There was a url from the recent site ending in:
If you have some kind of 3rd party sef extension the url maybe something different, or:
As I never really use the frontend login I completly forgot that it is a component and unless it's switched off in your global configuration, people can sign up to your site.
Global Configuration => System => Allow new user signup........NO
I hang my head in shame and refuse to tweet this post!
You can get the Joomla for Dummies book for half price at the moment in the UK Click here!