I am reporting https://www.drupal.org/node/2365547 to moderators because:
We have actually migrated from WordPress and now using the Drupal 8.13. We do check for updates everyday and keep upto date. Recently we observed that some Anonymous users are trying to add user accounts through (http://technobrain.com.sg/user/register?q=user/register) clean-urls – which are allowed by default. We are worried that they could takeover the access rights as well.
We are not sure how to avoid these kind of intruders. Please advise If there is a solution. Otherwise take note with high priority and provide an update.