Once you’ve created your classified website and taken it live, it’s only a matter of time before you start receiving spam as you collect user data through forms. Spam is more than just annoying or unappealing to have on your website; it is also a potential danger, especially if your spammers are out to exploit your site.
Spam registrations are a gateway to attempts at hacking your site, and they expose it to malware infections. Hackers could use spam registrations to access any part of your website with devastating results. Creating a classified website that generates revenue is a fulfilling process that you wouldn’t want to endanger.
To help you mitigate this security vulnerability, we will show you how to stop fake users from registering to your classified website.
How to Get Rid of Fake User Registration in a Classified Website
There are a few methods that you can employ to avoid or put a stop to spam registrations on your WordPress classified website. You can decide the ones that suit your site’s needs best, which might be a combination of a few of them.
We will use this post to prevent spam user registrations on classified websites. Let’s get the ball rolling!
Method 1: Disable Public WordPress Registration Completely
Allowing everyone to register on your site is a surefire way of receiving spam entries. Having understood how dangerous spam registrations can be, you would rather disable registration altogether than expose yourself to public registration. What’s more, you don’t need public registration at all! The solution is to disable public registration completely.
To turn off public registration, you only need to go to your WordPress admin dashboard and go to General under Settings. From there, uncheck the Anyone can register checkbox.
Once that is done, those who attempt to register on your site will see a message that User registration is currently not allowed. This is why this message is only great if you want to avoid new registrations.
However, if you want members on your website, you will have to enable users to sign up and work with alternative methods for preventing spam on your classified website.
Method 2: Add a CAPTCHA Field to Your Registration Form
An alternative way to ward off spam registration is introducing a CAPTCHA field to the default WordPress registration form. Although there are different types of CAPTACHAs, Google’s reCAPTCHA is the most popular and user-friendly. It is usually hidden from most genuine human visitors while presenting CAPTCHA tests to visitors whom it determines to likely be bots.
To get started, go to the Google reCAPTCHA website and sign in to your Google account. Next, register your website by entering its URL. The next step is choosing your preferred reCAPTCHA type. Choose version two and add your website’s domain. You can then submit, and your site will be registered. You will receive a reCAPTCHA key and site key. Copy both keys.
Choose from the available WordPress reCAPTCHA plugins in the WordPress directory. On your admin WordPress menu, go to Plugins, and on the new window, click on the search box to find a CAPTCHA plugin. Many free options exist, such as Advanced Google reCAPTCHA and reCAPTCHA integration for WordPress. Some premium options are also available if you want more features, such as premium support and regular updates.
Once you’ve chosen a plugin and installed it, go to settings under your admin dashboard so you can set it up. Click on the name of your plugin, choose the version you want to use, and add the site key and reCAPTCHA. You also get to choose where you want to enable your CAPTCHA apart from your registration form. These places could include your login form and other forms on your site, too.
Once you add reCAPTCHA to your WordPress registration forms, you will start seeing it reflected on your registration page. If you choose the second version of reCAPTCHA, you will only see it when the system suspects a bot login.
Method 3: Have a Dedicated WordPress Spam Registration Plugin
Some of the most popular antispam plugins, such as the Akismet Antispam plugin, do not block registration spam.
However, you may have chosen a WordPress antispam plugin that prevents spam not only in WordPress user registration but also in your other form submissions and comment sections. Plugins that fall in this category include Stop Spammers, WPBruiser, and CleanTalk. Again, these plugins will get rid of spam registrations and spam in other areas of your site.
Method 4: Make Admin Approval Mandatory for New Users
If you want to make your vetting of new users even more thorough, you can line up new users for admin approval. You may have built a community that is vulnerable to spammers, and requiring admin approval for new users gives you time to analyze new accounts and weed out spammers.
Alone, this strategy can be unsuccessful, especially if there are many spam registrations on your site. Sure, you could be keen and only approve real registrations, but it would be really time consuming and counterproductive.
However, this is one of the best strategies to combine with reCAPTCHA. As your reCAPTCHA deals with the most obvious bot spam, manual admin approval does a more thorough job of dealing with each possible spammer that may weasel their way through.
The free WordPress plugin called WP Approve User is all you need for your site to require admin approval for all new users. Once you install and activate it, all your current users will be considered approved, and you can start sifting through the new ones and weeding out spam. When new user registrations start coming in, go to the Users item on your admin dashboard and, click on the Unapproved tab and examine the user details before approving.
By going to Approve User under Settings.
Method 5: Block Suspicious and Malicious IP Addresses
You may notice that most of the spam user registrations are coming from particular IP addresses. In such cases, all you have to do is block the suspicious IP addresses from accessing your site.
There are a few WordPress plugins that can block IP addresses and even entire countries. The IP2Location Country Blocker plugin, as well as the WordFence Firewall and Security Scanner plugins, are excellent examples of this, and they have free and premium versions. Once you install one of them, find it on the admin dashboard of your website and choose the option for denying IP addresses.
Method 6: Alter Your Site’s Registration URL
One of the most subtle yet effective methods of reducing spam user registration to your classified website is changing the URL of your registration page. There are many plugins that will help you change the WordPress login URL, which essentially changes your registration page URL.
One of the plugins you can use is the WPS Hide Login plugin, which is free of charge. Once the plugin is installed, go to it under Settings on your admin dashboard and craft the new URL that you want to use. Alternatively, you can choose to redirect the default URL to your error pages, such as the 404 one.
Method 7: Employ a Custom User Registration Form Plugin
Using a custom registration form plugin is yet another efficient plugin for stopping spam registrations on your WordPress website. Such a plugin lets you bypass the regular WordPress registration process while enabling you to implement some antispam tactics, which include:
- Creating a custom registration URL
- Requiring email confirmation upon new registration
- Requiring admin approval for newly registered users
- Adding CAPTCHA or honeypot fields to your custom registration form
Many WordPress form plugins, such as Contact Form 7 and Gravity Forms, have extensive features, including some anti-spam ones. Unfortunately, such features are only usually found in the paid versions of such plugins.
Final Thoughts: Our Advice for Preventing Spam User Registration on Your Classified Website
In case you wish to enable public registration on your WordPress site, dealing with registration spam can be quite a challenge. However, there are several strategies you can employ to mitigate or even completely eliminate this problem.
The simplest and most hassle-free approach involves incorporating a CAPTCHA reCAPTCHA into the standard WordPress registration form. While this addition may go unnoticed by most genuine users, it effectively foils automated bots by prompting them with CAPTCHA tests, thus discouraging spam registrations.
For a more comprehensive solution, consider leveraging a specialized WordPress registration plugin to construct a customized registration form. These plugins come equipped with their own arsenal of antispam measures and often offer features such as requiring admin approval for new user registrations.
Furthermore, when it comes to optimizing your site, not only can you save time but also reduce costs by taking advantage of the enterprise-level integrations bundled with every Managed WordPress plan, valued at over $275. These integrations encompass high-performance CDN, DDoS protection, malware and hack prevention, edge caching, and the deployment of Google’s swiftest CPU machines. With no lengthy commitments, assisted migration support, and a risk-free 30-day money-back guarantee, this plan is an advantageous choice for your WordPress site.