Are spam bots posting unwanted content on your directory site? We'll show you how to prevent spam registration on WordPress with five simple methods!
Once you publish a WordPress website, you’re bound to receive spam through your forms. For instance, you could receive fake user accounts or promotional content. This can be potentially dangerous if the goal of the user is to exploit your site.
Fortunately, when it comes to spam registration prevention, there are many ways to do it. From disabling public registration entirely to simply adding a reCAPTCHA field, you can limit responses to real users.
In this post, we’ll show you how to prevent spam user registration in WordPress. Let’s get started!
1. Disable public registration
If anyone can register on your site, you'll inevitably receive some spam entries. Therefore, the easiest way to stop spam user registration in WordPress is to disable public registration completely. This can be an effective solution for personal blogs.
To disable registration, open your WordPress dashboard and navigate to Settings → General:
On this page, find the Membership section. Here, make sure to deselect the box next to Anyone can register:
Once you do this, users will not be able to visit your registration page anymore. If you want your website completely closed to new registrations, this can be a great option.
However, if you have a membership site or a business site that requires registrations, you'll need to enable users to sign up for your services. Let's look at some alternative methods for preventing spam.
2. Add a reCAPTCHA field
If you add a reCAPTCHA field to your registration forms, it can prevent spam bots from submitting entries. Essentially, this creates an extra field to check a box, fill in letters, or choose the correct images. Bots will struggle to complete a reCAPTCHA, but it won't impact registration from real human users:
To get started, you'll need to get a reCAPTCHA key. Go to the Google reCAPTCHA website and sign into your Google account. Then, you'll need to register your site by entering your URL:
Next, choose a reCAPTCHA type. Version two contains the I'm not a robot checkbox, which is a popular choice. Finally, you'll need to add your site domain:
After selecting Submit, your site will be registered. This will give you a reCAPTCHA key. You'll need to copy both the site key and secret key:
Then, you can use our Business Directory plugin to easily add reCAPTCHA to your website. After downloading and activating the plugin, go to Directory → Settings → reCAPTCHA:
Next, select where you want to place a reCAPTCHA field by selecting the checkboxes on the page. You can use it on contact forms, listing submissions, or comments.
Then, enter the reCAPTCHA keys you copied earlier. You'll also need to select the correct reCAPTCHA version that matches your key:
When you're finished, click on Save Changes. Then, visitors should be able to see a reCAPTCHA field on your listings or contact forms:
Now you won't have to worry about spambots submitting listings or comments!
3. Set up a confirmation email
Another spam registration prevention method is to require users to confirm their email addresses. By setting up email confirmation, fake users and spambots won't be able to log in.
With Formidable Forms, you can customize your user registration and login page forms with a confirmation email. To do this, you'll need to install the premium plugin. Then, in your WordPress dashboard, go to Formidable → Add-Ons and activate the User Registration option:
Now it's time to create a registration form. Navigate to Formidable → Forms → Add New. You can choose from pre-made templates to make this process easier:
Once you create a registration form, go to Settings → Actions & Notifications. At the top of the page, click on the Register User form action:
In the settings below, find Password. From the dropdown menu, select Set with link in email notification:
Finally, click on Update to save these changes.
4. Require admin approval
If you manage a public directory, you might want to moderate the listings that users submit. Even though a free, public listing page will attract many entries, you'll probably encounter many fake users. To prevent spam registration in WordPress, consider manually approving any public submissions you receive.
With the Business Directory plugin, you can change a new listing's status to ‘pending'. This enables you to review any submissions from your online visitors.
First, make sure you've installed and activated the plugin. Then, go to Directory → Settings → Listings to open your listing settings:
Scroll down to Default listing status and Edit post status. Set both of these to Pending (Require approval):
Even if you make your Add Listing page publicly accessible, you can still approve any new submissions. This can be the key to removing spam before it goes live on your website.
5. Use an anti-spam plugin
You can also install a general spam prevention plugin to add some extra security to your WordPress website. Stop Spammers Security is a powerful tool that can help you block emails, ip addresses, comments, and registration from spambots:
It is available as a free WordPress plugin, but the premium version includes more advanced features such as firewalls and brute force protection. Subscriptions start at $24.50.
After activating the plugin, go to Stop Spammers → Protection Options:
Typically, the default settings should be enough to protect your site from spam registration. It will automatically block any spam with a missing HTTP_ACCEPT header or disposable email address. This prevents bots from registering on your site:
You can also customize these options to meet your needs. For example, you can turn on the Members-only Mode so that only logged-in users can access your site:
When you're finished, click on Save Changes.
When you open your WordPress site to user responses, spam is virtually inevitable. However, there are many ways you can reduce spammy content. Whether you need to create a public directory or registration form, you can easily weed out any unrelated or dangerous entries.
To review, here are the five best ways you can prevent spam registration in WordPress:
- Disable public registration.
- Add a reCAPTCHA field.
- Set up a confirmation email.
- Require admin approval.
- Use an anti-spam plugin such as Stop Spammers Security.
With our Business Directory Plugin, you can approve listing submissions to check for spam entries. By adding a reCAPTCHA key and registration restrictions, you can fully protect your site!