WordPress spam registration has been a top concern for most site owners, and it gets your website bundled with false bot users who inundate the subscriber tables with trashy members. At this place, we’re going to pull together some effective ways to block SPAM registration without having to disable the inbuilt user registration feature.
Note that, this introductory guide will take you through how to properly set user memberships to clean up spam WordPress registration, and in the meantime, take the example of a feature-rich plugin named as Stop Spammers Spam Prevention to further stop user registration spams.
Allow User Registration and Guest Posts
As is known, user registration is a must have for any membership and community sites, and it is not recommendable to shut down this WordPress function for those types of websites. To be frank, you don’t need to go through and delete numerous rogue registrations per day in order to keep your WordPress based website away from spam-bots.
If you set the default role of registered users as “subscriber”, then you can at least prevent registrants from publishing any spam submissions. For security reasons, you’d better not allow “Contributor” or “Author” registration, or those contributors and authors would publish anything harmful to the website without getting approval from you. It is also possible to add an admin user to do some maintenance or administration work, and you can get them to register and then go to “Users” page to upgrade their accounts.
Counter WordPress Spam Registrations
As is noted, “Stop Spammers Spam Prevention” is the preferred WordPress plugin for detecting and wiping out spam registrations on a site. Besides that, this plugin can defend your website against login attempts by performing over twenty different checks for malicious attacks. There are up to twelve pages of options available for you to configure this plugin. Beware that, it can also work with many different plugins like Gravity Forms, and it has been under development since early 2010.
Step 1 – Enable Stop Spammers Spam Prevention Plugin
To enable this “Stop Spammers Spam Prevention” plugin is somewhat similar to the process of installing a free WordPress plugin. To do this, you are supposed to log onto the WordPress dashboard and head over to “Plugins” > “Add New.” Just click on the follow-up “Install” and “Activate” buttons to get it done. If implemented properly, a new “Stop Spammers” tab will be added to the sidebar of your WordPress menu.
Step 2 – Check Allowed Requests
To proceed, move your mouse over the “Stop Spammers” tab and choose the “Summary” option to see a preview of its “Plugin Functions”. As you may notice, there are more than ten options out there, and this “Summary” page is designed to check if there may be any problems from your own IP address, and in the meantime, showcase a summary of events.
Below is the “Allow Requests” option, by which you can have an overall look at the denied users and other users who ever tried to access your website. In another word, anyone who has filled out the form requesting access to the site will be listed within this “Allow Requests” page.
Step 3 – Specify Log History and Cache Size
To get more details about the events detected by this “Stop Spammers” plugin, you should enter the “Log Report” tab. From here, you are allowed to specify how many items will be saved in the log history from the drop-down list. If you don’t have special requirements for now, you can leave the “History Size” to the default 25. The good thing of this plugin is you can “Clear Recent Activity” based on personal needs.
The next “Cache” page will display all the caches of recently-detected events. Note that, the so-called “Bad Cache” refers to a user who is disallowed to leave a comment or log in. In case that this “Stop Spammers” plugin would run out of memory, you’d better keep the “Bad Cache Size” as small as possible. Those caches will clear themselves, but it is highly recommended to wipe out spams on a regular basis by clicking the “Clear Cache” button.
Step 4 – Prevent Lockouts & Block Countries
Here comes the most important part – Stop Spammers Options. As is showed, you are presented with all the options for checking spam registrations. To name a few, you have the ability to block log-outs by adding admins to “Allow List” or checking credentials on all login attempts. If you think that this WP plugin is working, you can also choose to uncheck the two options.
From the last “Block Countries” section, you will be able to block certain spam sources from one country. As Russian ISPs won’t shut down zombie computers in their residential blocks, it is advisable to block “Russia” here. Make sure that you would make use of a Captcha screen so that those legitimate users would get access to your WordPress site even if blocked. Do not forget to check the “Save Changes” button to take effect.