Beginners Guide: Stop WordPress Registration Spam

When deciding to set your WordPress blog to open registration you have to first consider the fact that you will eventually get inundated with false bot users who create profiles and inundate your subscriber tables with useless members.  Many of these spam WordPress registrations are easily identifiable by their .pl or .ru email extensions and lack of a gravatar or any profile information ever filled out.

The easiest defense for WordPress registration spam is a good offense, it is much more time consuming to have to cleanup hundreds of rogue registrations and implement the filters later.  That being said it is always a good idea to use one of the following methods outlined in this article to help reduce the amount of registration spam on your WordPress blog.

It is highly recommended that if you set your blog to open registration the default account state is “subscriber” instead of contributor.  This will at least not allow the user to publish any articles which could cause spam articles showing up in your pending or queue to review.  If your site uses some sort of classified theme then you may have no choice but to have a default account with the permissions to publish classifieds (posts) so you just have to be extra careful and make sure you have anti-spam registration measures in place.

Cleaning Up Spam WordPress Registrations

User Spam Remover is the preferred plugin for automatically wiping out and deleting spam users on a site that already has a ton of spam registrations.  This plugin allows you to automatically remove accounts that have never been used or accessed in X number of days that you specify.

This is a great way of just cleaning out accounts that say have never been touched in 30 or 60 days, and will keep your user database tables lean and only leave active users.

user-spam-remover screenshot 1

This plugin also allows you to disable registration notifications to avoid getting bombarded with notifications and has the ability to backup all users in case you need to do any restore actions.

This plugin is highly recommended to cleanup a WordPress blog that already has a lot of spam registrations.


Block WordPress Spam Registrations

 

Stop Spammer Registrations Plugin

Stop Spammers Registrations Plugin is one that checks all registering emails against up to three databases: Stop Forum Spam,Project Honeypot, and BotScout.  In addition to checking on the top forum spam databases, the plugin will optionally check agains several email spam DNSBL sites such as spamhaus, dsbl, sorbs, spamcop, ordb, and njabl.  The Stop Spammers Registrations Plugin will stop users from being allowed to register on your site, your site never see’s the registration if the user’s IP or email is found in the spammer databases.  This plugin also will reject registrations, comments and pings where the HTTP_ACCEPT header is missing.

It is recommended to use this plugin in addition with the Sabre  plugin below which adds CAPTCHA to your WordPress registration page automatically.

Sabre

Sabre is a WordPress plugin that simply adds a CAPTCHA automatically to your WordPress registration form.  It is also compatible for those who use the Custom Login WordPress plugin to customize their login and registration pages.

Sabre allows you to set the complexity of the CAPTCHA by increasing the number of polygons, valid characters that display in the CAPTCHA and how many characters will display.

image

You can see now once you check mark enable the CAPTCHA setting that your WordPress registration form is protected by CAPTCHA.

image

Now CAPTCHA alone is an excellent way to deter some SPAM, but it isn’t perfect so I recommend combining the SABRE plugin with the Stop Spammers Registrations Plugin for a near perfect WordPress registration SPAM prevention solution.

-Dragon Blogger

Justin Germino
I have been obsessed with computers, tech, gadgets and games since the early 1980's having grown up on the Commodore 64 and Amiga computers. By day I work in the IT Security Industry and have been in IT for over 20 years. On my spare time I am a Vlogger, Blogger, Streamer, Gadget Reviewer, affiliate marketer, influencer and entertainer. I am also an avid movie fan, TV Show fan, Anime fan, video game fan and fan of trying anything and everything new.
Justin Germino

@dragonblogger

Content Creator/Owner of https://t.co/iWP6afuOc9 for Tech, Game, Entertainment and streamer at https://t.co/594fXMdMIA
The Best Mobile Apps for People Who Stutter https://t.co/GnGtIA0oMd - 22 mins ago
Justin Germino
Justin Germino
Share Feedback We Want to Hear From You