How To Stop Registration Spam on WordPress Powered Websites
One type of spam I haven’t really spoke about until now is registration spam. If you have checked the option to allow anyone to register for your site (under www.yoursite.com/wp-admin/options-general.php) then you may have suffered from registration spam. On WP Mods there are currently over 2,500 registered subscribers, most of which were created by spam software.
You can usually tell these accounts from legitimate accounts as no profile details are completed and they use strange email addresses with lots of characters. Alternatively, many accounts are set up with variations in the username and/or email address (example below).
A guaranteed way to stop registration spam is to disallow new registrations and create all accounts manually. This isn’t always practical. For example, if you require users to register an account to leave a comment on your site or if you have a private member area or bbPress forum.
Admittedly, I could disallow registrations on WP Mods though I find it easier to keep registration open so that authors and guest posters can setup accounts themselves.
Today I will be showing you a selection of WordPress plugins that try and reduce or stop registration spam. Those of you who would prefer to keep membership registration open should find this list useful. As usual, all plugins have been tested on my test blog however they have not been tested on a live site so if you see a suitable plugin I encourage you to try it out yourself and share the results with WP Mods readers :)
A great plugin that automatically removes older accounts that are no longer used. You can set threshold for what accounts are deleted. Any unused accounts over the number of days you set are automatically deleted.
Accounts that are due for deletion sit in a pending queue for 24 hours before being deleted. The plugin logs details of all accounts that are deleted in a log file so you can restore accounts if necessary.
If you have been suffering from registration spam, this is one of the first plugins you should install. I used it to remove all of the 2,500+ unused accounts that were on WP Mods.
Download: User Spam Remover
Checks the databases of StopForumSpam, Project Honeypot and BotScout to prevent spammers from registering. It does this by checking the ip address, username and email address of everyone who registers and if it matches a name on the database, registration is stopped.
Download: Stop Spammer Registrations Plugin
3. Raz Captcha
Prevents registration bots by adding a captcha test to the registration page. You can choose to have the captcha test on your registration page and/or your login page. The explanation to users as to why the captcha is there can also be modified.
I sometimes find captcha tests quite frustrating as they are frequently impossible to pass. Some of the numbers generated by Raz Captcha were easy to read but others were very difficult, which is something that could annoy your legitimate users. Something to bear in mind.
Download: Raz Captcha
Lets you setup a blacklist and whitelist of usernames and email addresses that can and cannot be used. You can use wildcards which will help you block registrations from certain email providers. It’s not the most practical solution in my opinion as you need to do everything manually.
Download: Restrict Registration
A feature rich plugin that works with WordPress, WordPress MU, BuddyPress and bbPress 2.0. Once you have acquired an API key and installed the plugin, it checks registered users against known spammers on the WangGuard database.
Sabre, short for Simple Anti Bot Registration Engine, aims to prevent bots from registering on your site. It is simple to use but is far from basic as you have a huge number of ways to customise what prevention measures are used on your registration page.
You can include a captcha test, maths test and a text test too. The captcha test is also easy to read so it should stop boys but not frustrate your members. A good choice for those who want to stop bots from registering in the first instance.
7. WP Recaptcha
You can enable the plugin in the comments area and/or the registration page. Once it’s all setup, your visitors will see the familiar Recaptcha test.
Download: WP Recaptcha
Reviewed last year, Registration Plus is one of my favourite WordPress plugins. It’s primarily known as a way of enhancing the registration page and requesting more information on the registration page however it also has some fantastic anti-spam measures built in.
You can add a simple captcha test or the Google recaptcha test to the registration page. You can also ask users to confirm an invitation code in order for the registration to proceed. Finally, you have the option of manually approving all registrations.
As you can see from the screenshot below, the registration form is quite large when you add all the additional fields.
In addition to uploading your own logo to the registration page, you can also style the login and registration pages using custom CSS. The email notification to new members can also be customised. Quite simply, Register Plus is the best way of controlling the registration process.
A variation of the plugin entitled Pie Register however in my opinion Register Plus is the better option.
Download: Register Plus
An interesting plugin that adds anti-spam measures to the comments and/or registration page. Instead of entering a captcha code, the user has to slide three icons to a vertical position. A cool user friendly solution :)
Prevents users from registering on your site with disposable emails from services such as Mailinator.
Download: No Disposable Email