Attack? /index.php?do=/user/register/

Is “/index.php?do=/user/register/” some kind of hacker break in attempt?

It showed up today from a Russian IP address.

That or it could be an attempt to create multiple spamming accounts on a forum or CMS setup, that will later login and post spam on threads/comments

It will only have an effect if your index.php is coded to do something with the ‘do’ parameter value. Otherwise, the browser will simply display the contents of index.php and ignore the parameter. Or it gets a 404 if index.php doesn’t exist.

Yes it’s an attempt to spam. The spam bot will have a list of urls for various forums and CMS’s to try to register fake users and and then post spam.