Secure Registration Form against spammers or fight spam like a boss!

Stop WordPress registration spam, with RegistrationMagic Plugin

Introduction – WordPress Registration Spam

Welcome back to another one of RegistrationMagic tutorials. Today we’ll talk about how to secure against WordPress registration spam (grrr…). If you haven’t received any spam mail from your unprotected forms, consider yourself lucky. But sooner or later, spam will catch you. And there’s an air of finality about it. Want to know how spam can hurt you?

  1. Clog your inbox and bring down productivity to a crawl.
  2. Constantly trigger your autoresponder, and contribute in getting it blacklisted or choking server email queue.
  3. Swell up or even crash your site’s database
  4. Attempt a hack or code injection
  5. Take away your peace of mind!

And you wanna take none of it, if you’re serious about your site. So instead of counting on luck alone, you will need some pretty strong protection to secure registration form. Them bots are out there prowling the web. RegistrationMagic has set of built-in tools that allows you to secure registration form and boot spam like a boss!

WordPress Registration Spam Security Settings

Let’s open RegistrationMagic. Spam settings are inside Global Settings → Security

WordPress spam registration - security

You will find multiple options within this settings panel. We recommend configuring it as soon as you make your first form live.

WordPress spam registration security-panel
Google’s reCAPTCHA is your quintessential line of defence. It is so common around the web that users pretty much expect it to accompany any form. We keep our code up to date with newest reCAPTCHA versions so that your form keeps up with latest standards. But there are extra steps required to make it work. Once you enable reCAPTCHA you will need to generate the two keys for your domain. To do this, head on to this link Make sure you enter your domain name correctly using “http” or “https” – whichever applies to your case. Once you have the keys, paste them into Security panel.

Next, submission limit for a device blocks any specific device used to access your site when it tries to fill out the form more than a pre-set limit. Many spam attacks originates from a single device.

Banning an IP address is another important spam fighting tool. As you must be aware, RegistrationMagic is already equipped to capture IP address of the form submitter (See General Settings). If you start receiving bogus or empty submissions from a specific IP, paste it here. You can also block an IP range, if that’s what you are after. Once you hit save, no more spam from that IP.

Banning an Email address works similar to banning an IP. If the spam attack originates from multiple IPs but has specific email or email pattern, use this option to close the door. Wildcard is supported, therefore you can block a domain too. Just enter “*” to block submissions from any specific email domain.

So by combining all four options, you can fight any type of WordPress registration spam! All you have to be is little vigilant and configure the plugin properly. We’ll take care of the rest while you handle folks registering on your site. Good luck 😉

About RegistrationMagic

RegistrationMagic Editorial Staff (rmagic) is a team of WordPress registration experts and major contributor to the development of RegistrationMagic - WordPress User Registration Plugin.


  1. Ronald Hill

    Where can I locate the suspected bot/spammers IP ADDRESS in the Registration Magic General Settings as per your article?
    Article reads: Banning an IP address is another important spam fighting tool. As you must be aware, RegistrationMagic is already equipped to capture IP address of the form submitter (See General Settings).
    Thank you!

    1. Avatar photo

      Hi Ronald,

      Blacklisted IPs can be found in Global Settings -> Security settings.

Leave a Comment

Your email address will not be published. Required fields are marked *