August 13, 2019 by Jason Flaherty

Quick Effective Fix for Drupal User Spam Accounts

I’ve used Drupal for a number of years on projects. It is an amazingly flexible and fun to use (as a developer and designer) content management system. One of the biggest aggravations I see is the amount of Spam User Accounts that are created due to the standard path for the user login. There are many way to combat this, however, a quick fix to start with is the Rename Admin Paths module.

Generally you have your site setup at the root of your domain. Drupal creates a default user login at:

yourdomain.com/user

That being the default, there is that simple exploit that spam bots can utilize to bug your user account area. While there are other measures such as Honeypot and Captcha (along with all the extensions to it) that work super well, one of the easiest methods I’ve found is utilizing the Rename Admin Paths module.

Change your /user path to something harder like /buddies or /folks or /friends and the bots will not find your login and hence don’t seem to bug the site as much.

yourdomain.com/friends

Give that a shot and hopefully you will find less automated accounts clogging your user area.