[solved] Stop WordPress Spam Registrations

I’ll bet all of you out there have dealt with your fair share of spam. Everyone gets it, in their email, blog posts and lately even WordPress registrations! I have a tool for handling spam comments on my blog, but what do I do when I get 10’s to 100’s of spam user registrations on my blog with names and emails like BuyCheapMeds and FreeSoftwareDVDs@some-russian-website.ru?

Well, thank goodness the WordPress Extend site has so much to offer! After asking in the WordPress forums how to completely disable new user registrations…and getting little response…I decided that I would have to edit some of the WordPress files to ignore new user registrations in a fashion to fit my needs. I wanted to keep them open from the admin panel so I myself can add new users, but block outsiders from registering so I could control the spam registrations.

To my surprise I got a response in the forum thread that I started with an example plugin that could be used. I looked into the example plugin, but I found myself confused at the description and uncertain of how the plugin actually worked. Who wants to install something on their site when they have no clue how it works!

I dug a bit deeper and searched this time for only 5-10 minutes and came across two plugins that were capable of handling my needs and one that was just plain cool.

To control your spam registrations I would suggest the following three plugins which are ordered according to the order that I would choose them.

  1. Register Plus
    http://wordpress.org/extend/plugins/register-plus/
  2. Sabre
    http://wordpress.org/extend/plugins/sabre/
  3. Referrer Bouncer
    http://blog.taragana.com/index.php/archive/word-press-1-5-plugin-referer-bouncer/

If you’re wondering why I sorted them this way then I’ll try to explain quickly.

Referrer Bouncer was the one that was suggested to me in the forum thread, but I found that it was a bit more involved than the others and it required the user to create a file called “referer.txt” and add domains that should be blocked (at least I think it was for blocked domains…not a clear description or how to 🙁 ) and it just made more sense to go with a different plugin rather than tracking down all of the referring sites that I needed to block.

Sabre does exactly what I wanted to do. It was like it knew what I wanted before I asked, haha, but I decided to go with Register Plus in the end because it allows me to create invitation codes so that I can easily leave the registration open to the public, but they will need to contact me and request an invitation.

Why did I chose this method? I figured that most people would prefer not to register in the first place. Nothing at kyleabaker.com is restricted to the general public that is open to the registered users…it’s all the same. So if you wanted to post then you can freely post comments here. The invitations are for friends and people that I know so they can register if they wish and I know they won’t be spamming me. 🙂 Except maybe Dan…he’s done it before. 😛

The third plugin that I found (the Referrer Bouncer was found by someone else and posted in the WordPress forums for me) was one that allows users to login via OpenID! This is really cool because it doesn’t require a user to actually register at your site and waste space! They can register at any website that offers OpenID such as Yahoo, WordPress, Flickr (also Yahoo) and many more!

I didn’t go with WP-OpenID because spammers can still register via OpenID and login on your site. They wouldn’t be spamming the registrations, that’s one plus side, but they are still encouraged to test out my comment filtering system..and they always jump at chances to piss people off like that. 😛

So I suggest you look into my “research” if you’re having similar trouble! Enjoy!

6 thoughts on “[solved] Stop WordPress Spam Registrations”

  1. using Opera 9 Opera 9 on GNU/Linux GNU/Linux
    Opera/9.51 (X11; Linux x86_64; U; en)

    Haha, I know! They were driving me crazy! I’m still waiting to see if the first one on my list works. If not then I’m going to try the second, but it’s a good start. 😀

  2. using Opera 9 Opera 9 on GNU/Linux GNU/Linux
    Opera/9.51 (X11; Linux x86_64; U; en)

    Just to update everyone…it seems that Register Plus hasn’t completely cut out the spam registrations that I was receiving, but it has cut them back down to about 1 a day or maybe less often than that.

    I’m still not convinced that I need to try the Sabre plugin, but I’ll just keep testing Register Plus for now!

  3. using Firefox 2 Firefox 2 on Windows XP Windows XP
    Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.1.6) Gecko/20070725 Firefox/2.0.0.6 GoogleToolbarFF 3.0.20070525 GoogleToolbarFF 3.0.20070525

    Dear Kyle,
    I just install Register plus myself, but wondering where is the widget? and how is the invitation working? did we invent the code ourself?

  4. using Opera 9 Opera 9 on Windows XP Windows XP
    Opera/9.51 (Windows NT 5.1; U; en)

    mocona,
    The only visual differences that you will see are on the Register page. The plug-in will add some new fields and the invitation code field as well.

    Somewhere in the settings you can add or remove the invitation codes, but I entered all of mine manually and just clicked add. It works well and has stopped most of the spam registrations, but I’m still looking into the others.

  5. using Firefox 3 Firefox 3 on Windows Vista Windows Vista
    Mozilla/5.0 (Windows; U; Windows NT 6.0; en-US; rv:1.9.0.10) Gecko/2009042316 Firefox/3.0.10 (.NET CLR 3.5.30729)

    Thanks for this! I’ve been waiting for Register Plus to update and work properly for a while, but after installing SABRE I don’t have to wait any longer. I’ve been looking for a solution to this for a while and had a lot of trouble finding one for some reason.

    The only thing I don’t like is that the Comment Policy box for SABRE is plain text only, but oh well. Within seconds it stopped a bot, and if it keeps that up, that’s all that matters. I also REALLY like that I can require confirmation for registration and it will automatically delete accounts after a week if they don’t confirm.

    Great reviews and recommendations. Thanks again!

Leave a Reply

Your email address will not be published. Required fields are marked *