Thanks Joe

I am on Version 7.3.4.  But I am still getting spam registrations.

I have created a new registration page and added it to all my sites requiring registration, changing the registration page spec to the name of my custom page.

I have added the web.config denyQueryStringSequences for ctl=register and for register

I have added the dotnetnuke.config blockrequests filter:

        <rule servervar="HTTP_URL" values="(?<=\?)ctl=register|(?<!\?)/register" operator="Regex" action="NotFound" location="" />
But I still get redirected to the new registration page when I request domain.com/register or domain.com/ctl=register

Can anyone think what I'm doing wrong?

 >>>>Edit <<<<

I changed the blockrequests filter to URL in stead of HTTP_URL and now the URL /register is rejected, but the /register.aspx still gets redirected to the custom page.

The custom page is named 'New Account' so register does not appear in the name anywhere.

?????

Thanks Joe

As I said, I am using 7.3.4, but those errors are still clogging up my error log.

I have tried putting the rawurl or parts thereof in the DNN site filters and in the denysequencestring section of web.config.

E.G. - General exception

(note: I have deleted user 5066)

System.Web.HttpException (0x80004005): Not Found
   at DotNetNuke.Modules.Admin.Users.ViewProfile.OnInit(EventArgs e)
   at System.Web.UI.Control.InitRecursive(Control namingContainer)
   at System.Web.UI.Control.AddedControl(Control control, Int32 index)
   at DotNetNuke.UI.Modules.ModuleHost.InjectModuleContent(Control content)
   at System.Web.UI.Control.EnsureChildControls()
   at DotNetNuke.UI.Containers.Container.get_ModuleControl()
   at DotNetNuke.UI.Containers.Container.ProcessModule()
   at DotNetNuke.UI.Skins.Pane.InjectModule(ModuleInfo module)