Disallow registrations from specific email domains

Usually, once you finish designing your website, you will be the only administrator who can assign different roles to different people. If the site is somewhat bigger, there will probably be more than one admin and several other users who can do different stuff on your WordPress powered website. If you want people to be able to register so that they can easily track the new content from your site and comment in a more efficient way, you will want your registrations to be closed to the public.

But in some cases, you will want your visitors to be able to register without having to contact you. If you have a broader audience, you simply won’t be able to manually register each one of them. You won’t have time to assign a role to them and you will have to open public registrations. So if you choose to enable public registrations, people will be able to choose their own usernames and passwords and will be automatically assigned a role you had set up in settings (subscriber in most cases).

While you will probably get new users ready to write new articles (yes, you can set users to be contributors which means they can write posts and save them for your approval) and even more of those users will be able to modify they profile in order to post comments, more often than not you will get new spammers ready to leave numberless useless comments under your neatly prepared articles.

Stop users from a specific domain to register on your site:

If you still need your registrations to be open to the public but want to stop that one spammer coming from specific email domain, you can now easily block him by blocking the entire range of emails:

    1. Open functions.php
    2. Copy and paste the following code:
function disable_email_domain ( $errors, $sanitized_user_login, $user_email ) {
list( $email_user, $email_domain ) = explode( '@', $user_email );
if ( $email_domain == 'forbiddendomain.com' ) {
$errors->add( 'email_error', __( '<strong>ERROR</strong>: Domain not allowed.', 'my_domain' ) );
}
return $errors;
}
add_filter( 'registration_errors', 'disable_email_domain', 10, 3 );
  1. Change email domain on the 3rd row
  2. Change the error message in the same row
  3. Save changes

If you open registration page and try to register yourself as a new user, that will be possible only if you choose an address which doesn’t come from “forbiddendomain.com” domain. If you write down an email coming from that specific domain, for example, john@forbiddendomain.com, WordPress will leave you on the registration page and show error message defined in the code above.

While installing this safety feature can be good in order to stop spammers registering automatically and spamming you from within the site, you can also control different groups of people coming to your site. Still, you should think more about security. While this feature can definitely help you in fighting spam, you should consider checking your site for security flaws and installing additional safety measures.

If you don’t like working with code or if you need more options when it comes to registration of new users, you should take a look at Email Blacklist Plugin for WordPress by CreativeMinds.

To further improve security when it comes to registrations, you might consider installing one of the professional plugins, or you can add Google’s Captcha technology to protect you.

START YOUR OWN BLOG

This guide is an introduction to mastering the art of blogging. It provides easy to follow steps to start, maintain, and grow your blog.

Read the guide

Leave a Reply

Your email address will not be published. Required fields are marked *