Spam user registration is a pain. WordPress has this nice feature of enabling others to register on your WordPress blog.
So before I talk about the whole user registration spam thing, let me tell you why you would want your visitors to register on your blog in the first place.
There could be several reasons as to why you’d enable user registration:
1. You might have allow guest bloggers to submit their posts for your review.
2. You might want to offer a membership area that has some kind of hidden content that is visible only to registered users.
3. You might want to only allow registered users to comment on your blog (a method to control spam comments)
4. Or you might want to offer certain perks for your blog commenters like showing the links to last 10 blog posts only to registered users (a popular feature of Commentluv plugin).
But in spite of all these needs to have user registration enabled, it is really a pain when it is misused. I used to receive literally hundreds of spam registration accounts notification.
Spam user accounts are still accounts using which spammers can login to your WordPress blog’s backend (and do naughty things).
As to guest posting, there are lots of risks. There are chances that the so-called guest bloggers who spam other blogs for links login to your blog and change the links if you don’t give them proper privilege locks.
Anyway, let me tell you 2 simple ways to combat user registration spam!
Disable registration
Sounds a no-brainer? Yes it is. I’ve done it on my blogs. I no more allow users to register on my blogs. I’ve created a “Guest Author” account and publish all guest posts through that account.
I know this has quite some drawbacks
(i) I’ve got to work on formatting the post completely
(ii) I cannot have the guest author’s Google+ profile linked to the guest post via rel=”author”
(iii) Guest authors won’t be notified of the comments on their guest posts; hence reduced interaction.
I can go on…. But considering the pain to have to clean up unwanted spam accounts and getting bombarded with hundreds of spam registrations, I’d prefer to simply turn off registration.
Make it hard for the spammers
If you absolutely need to have user registration turned on, the only go is to make it hard for the spammers. In this move, you will also make it hard for the genuine users while they are going through the registration process.
Some ways include, having a Captcha, having to solve simple math operations (like __ + 5 = 18) and so on. This will somewhat put a halt on spammers. But note that there are also Captcha solvers that can do the job for spammers.
There are quite a few WordPress plugins that get the job easier for bloggers. One such plugin is Sabre which is a free plugin.
To know more about how to set up this plugin and combat spam user registration, head over to this post > http://www.probloggingsuccess.com/combat-spam-user-registration/
Hope you found this information useful. For more, don’t forget to sign up for email updates. You can do so here (where you can grab a couple of free ebooks too) > http://www.probloggingsuccess.com/free-ebook-time-management/
Why these spamers do these things,do they don’t have any other works ;-(
thanx for sequrity tip.
That’s why they’re called spammers, Ajay
Hi Jane, quick question: if I turn off user registration, can I still allow people who comment to sign-up for email notification of my blog?
What comment widget are you using on your blog here?
Lou Barba says
Hi Jane,
I happened to catch your video on G+ and watched the whole thing. Even though I haven’t got a lot of traffic on my blog, I was still getting 10 to 15 registrations a day. I couldn’t figure out why they were registering and they didn’t show up as traffic on Google analytics. I guess, as you point out, that they are hoping I would buy something I don’t need or want simply because they registered on my blog. Hopefully, I get the same results as you did by using SABRE. Thanks for the heads up.
Lou
Gustav Reise says
If you ask me, the best way is to just get rid of registration all the way, why do you need it anyway ?
I don’t know of any modules, but it seems like the contact form’s flood control system has most of the logic you’d need to build a module for registration flood control.
I agree with you, Jane. Just totally get rid of registration. BTW, there are reliable guest bloggers and it needs a lot of research to get the right guest bloggers for your blog. They can make or break the progress of your blog.
Hi Jane Sheeba,
Very nice information you have shared.
Another action towards spam.
Spam is just another headache in blogging and Internet Marketing.
As come to WordPress, I have tried many plugins to fight spam.
Some are really good and some are just waste.
But at the end, spammers get ways to spam the world.
I never tried these manual tips over my wordpress blog.
Thinking to try this too, may be spam rate decrease more than efforts.
I will update here soon.
Hi Jane,
I think you’re very wise not to allow other people to register on your site - although I can see it’s very convenient for both parties where guest blogging’s concerned, the risks are very high unless you really know the other person and can trust them 100%.
Thanks for raising this issue - it’s an aspect of blogging a lot of people probably haven’t considered much. It’s sad not to be able to trust people, but I guess that’s life, and we have to take care of our assets.
Sue
I just hate registration spam, I opened registration for any user and within 2 weeks, i got 50k new registrations, had to put up through a hell to delete spam accounts.