How to Stop WordPress Registration Spam (Tactics and Plugins)?

Undoubtedly, WordPress is one of the most popular options when we talk about website building platforms. And as every good thing comes with a few negative points also, the case is not much different here. Being a popular choice to build websites, WordPress is also one of the most favorite options for spammers. There are many such people who would want to get unauthorized access to your website and exploit it. The purpose behind this could be anything like spamming the audience. This happens when you allow everyone to register on your website. This is one of the most common causes of registration spams on websites. Here, we are going to discuss how to stop WordPress Registration Spam. But before this, we will have a quick overview of what the default WordPress registration process is. 

Default WordPress Registration Process:

If on your website you have allowed everyone to get registered then the URL of the default registration page of your WordPress website will be:

And the screen will look something like this:


Generally, the default registration page does not have anything to stop any malicious users or bots. The process is very easy for spam registrations. It is easier for bots to directly land on the registration page of your website and then fill out all the required form fields. It is not a difficult task to create a formula for doing so. 

How to Stop These Spam Registrations:

There are a few different ways to stop the spam registration on your WordPress website. It totally depends on the unique needs of your website that which method will work for you. 

Disable the Registrations Completely:

One of the easiest and quickest solutions to this problem of spam registration is to disable all the new registrations completely. You can do this if there is no need for public registrations on your website.  

But if the case is different and the type of your business demands you to give other people some sort of access on your website then also it is not necessary to enable public registration. You can keep the process of creating user accounts on your website manual. This way, you will have to create the accounts for your users manually instead of allowing them to get registered on the website on their own. Now the question comes, how to do it. 

If you want to disable the public  registration on your website completely then you have to:

  • Go to Settings > General.
  • Now make sure that the box saying ‘Anyone can register’ is unchecked:

Once you are done disabling the public registration, if someone will try to go to the default registration page of your website then he/she will see a message like this:


Use Captcha:

Adding captcha on the registration form is another tactic that you can use to stop registration spams on your website. There are a few different types of Captchas. You can use any of them. The most popular one is Google’s reCAPTCHA as it is very user friendly as well. It will show a scratch test only when it will determine that the visitor could be a bot. Otherwise, it does not keep bothering the human visitors. 

In order to add this type of captcha on your website’s registration form, you can use the free Advanced noCaptcha & invisible Captcha plugin.

Use an Anti-spam Plugin:

It is also a good idea to use a plugin to stop registration spams on your website. There are so many options of anti-spam plugins that you can choose from. These plugins can help you very much in this as well as serve some other purposes like preventing spam on your comment section or where the form gets submitted. 

Some of the best options of anti-spam plugins are:

  • Stop Spammers
  • CleanTalk
  • WPBruiser

Add Approval Requirement for New Registrations:

Are you worried about the new registrations if they are from spammers or genuine users? If yes then it is always a good idea to add approval requirements from the admin for every new registration. When you make the admin approval necessary, it helps you to avoid that situation.

If you want, you can also combine this tactic with any other strategies as well. Like you can combine it with the Captcha tactic for a more secure solution. This way you will be able to filter out all the low-level bot users. And the manual approval will help you to catch whatever misses the eye. 

           Also Read :    Effective Ways To Fix WordPress Speed Issues!

Block Suspected IPs:

It is easy for you to find out the IPs of your spammers. If you find out that most of them are using some specific IPs then your job just got easier. In order to stop the registration spam, all you have to do is, block all the suspected IPs. This way they will not be able to access your website at all. Now wondering how to do it? Most of the cPanel hosts also provide an IP blocking tool to their users.

Change the Default Registration URL:

One of the best ways to reduce the low-level traffic that you doubt to be from bots is to add some security by obscurity. Finding yourself in a state of confusion? No worries, all you have to do is change the URL of the default registration page of your website. This way you will break into the formula that is being used by the bots. 

If you are wondering how to do it then do not worry. For this you can use any plugin that is used for changing the login URL of your website. You can use any free plugin like WPS Hide Login.

Use a Custom Registration Plugin:

You can also use a custom registration form plugin for your website if you want to stop the registration spam on your website. This way you can bypass the normal registration process of WordPress platform. And after that this will apply a few good anti-spam techniques on your website. Some of these tactics are:

  • Change the default registration URL: You can easily change the default registration URL of your website. This way you will be able to reduce the low-level traffic that you doubt to be from bots
  • Email confirmation: Email Confirmation definitely helps you to get hold of all the spam users of your website. This way you can also stop the users who are using fake email accounts to get registered on your website. If a user fails to access the confirmation link on the given email address then that registration will get discarded automatically. 
  • Add approval requirement for new registrations: It will help you to determine the new registrations if they are from spammers or genuine users? It is always a good idea to add approval requirements from the admin for every new registration.
  • Spam prevention: These plugins can help you implement amazing spam prevention tactics like applying captcha or creating a custom registration form.

There are a few form plugins as well for your website. With the help of these plugins you can create custom registration forms and apply other tactics to prevent the registration spams. Are you feeling confused about which one to choose? Here are some good options of form plugins:

  • Gravity Forms
  • Formidable Forms 

You should use both of these form plugins with the User Registration add-on. 

Wrapping Up!

WordPress being an amazing website building platform does not come alone. Like other similar website builders, it also brings the high risk of being attacked by spammers. These spammers have the ultimate goal of gaining access to your website and then exploiting it. Some of them do it manually while some of them use bots to register on your website so that they can spam your community. This is why it is always recommended that you do not allow public registration on your website if not necessary. This is just the first bit of the story! Here we have discussed all the possible tactics that you can use if you are constantly wondering How to Stop WordPress Registration Spam.

If your mind is getting flooded with queries related to any of these techniques to stop WordPress Registration Spam on your website or you want to know more about it then this is the case when the need of some expert help arises. At this point you must have started wondering from where you can get the right help. There is no need to worry. You can contact us for all of your queries. Our team of WordPress experts will assist you in every possible way. You can give us a call on 1-866-332-O276. We work 24×7. 


Can set the default user role help in registration spam prevention?

Yes, it can help.

Is it possible to disable all the new registrations entirely?

Yes, it is possible if required.

What are some good forms plugins?

There are many options of forms plugins in WordPress. Some of them are: Gravity Forms and Formidable Forms.

Can we add approval requirements from the admin on every new registration?

Yes, it is possible.

What are some good anti-spam plugins?

There are so many good plugins but the best ones are: Stop Spammers, WPBruiser, CleanTalk etc.

Other Blog you might wish to read:

How to fix error code 300

How To Fix HTTP Error 500 in WordPress?

You might also like

Subscribe to Our Newsletter