How to stop spam user registrations on your WordPress
Cerber Security has several anti-spam and anti-bot features which can be enabled simultaneously to stop registration spam nightmare.
Enable an antispam engine for the registration form
The fastest way to stop spammers is to enable the antispam engine for the WordPress registration form. To enable protection:
- Go to the Antispam plugin admin page
- Enable Protect registration form with bot detection engine in the Cerber antispam engine section
- If you have a separate, non-standard registration form or a membership plugin, enable Protect all forms on the website with bot detection engine
- Click the Save Changes button
Change the default registration and login URL
The next thing you need to do is to change the default WordPress registration URL to a custom one. That allows you to block automated spam attacks. Follow this guide: Custom login and registration URL for WordPress.
Set the limit on user registrations from one IP address
The third step is to set the limit to the number of user registrations from one IP address. By default, three user accounts are allowed to be registered from one IP address within one hour. This feature is available in Cerber Security Pro.
- Go to the plugin admin Dashboard
- Click on the Users tab
- Enter appropriate values in the Registration limit fields
Block new user registrations from specific countries with GEO rules
The country-based GEO rules enable you to set a list of countries from which users are permitted to register on your WordPress. If you want to get new users from your country only, this is the right way. GEO rules are available in Cerber Security Pro. To create the list of the countries:
- Go to the Security Rules admin page and click the Countries tab
- Click Register on the website.
- Create a list of countries by clicking on the country name in the left window. Selected countries are listed in the right window.
- Once you’ve created the list, set its type. If you want to permit new user registrations from the selected list of countries, click Selected countries are permitted to register on the website, other countries are not permitted to. Otherwise, if you want to block registrations, click the second option Selected countries are not permitted to Register on the website, other countries are permitted to.
- Click the Save all rules button.
Enable reCAPTCHA for the WordPress registration form
The last but not the least option is to enable reCAPTCHA for the WordPress registration form. Before you can start using reCAPTCHA on the website, you have to obtain a Site key and a Secret key on the Google website. To get the keys you have to have Google account. Register your website and get both keys here: https://www.google.com/recaptcha/admin
Read more: How to set up reCAPTCHA for WordPress and WooCommerce registration, reset password and login forms.
How to protect a contact form on your WordPress
The Cerber antispam and bot detection engine is capable to protect virtually all contact forms on a website. It’s tested with Caldera Forms, Gravity Forms, Contact Form 7, Ninja Forms, Formidable Forms, Fast Secure Contact Form, Contact Form by WPForms and WooCommerce forms.
Follow this guide: How to stop spam form submissions on your WordPress.
Have any questions?
If you have a question regarding WordPress security or WP Cerber, leave them in the comments section below or get them answered on the community forum.
Spotted a bug or glitch?
We’d love to fix it! Share your bug discoveries with us here: Bug Report.