User Spam Remover


User Spam Remover is a plugin for WordPress that automatically removes spam user
registrations and other old, never-used user accounts. It also blocks the
notification e-mail that WordPress normally sends to the administrator whenever
a new user registers (annoying when that registration is spam!) and logs it

The plugin adds a configuration panel so that all of these options can be turned
on or off, and it logs and fully backs up all user accounts that it deletes, so
that you can restore them if you need to.


  • Automatically deletes user registration spam and other orphaned,
    never-used accounts.

  • Very simple, enable and go! Doesn’t interfere with the normal user
    registration process in any way. So, it doesn’t add captchas or activation
    or anything else — you’re free to use it alongside a plugin that does, if
    you like.

  • Blocks notification e-mail that WordPress normally sends to the
    administrator every time a new user registers (instead, logs this event).

  • Fully configurable, with grace period for new accounts and optional
    username whitelist.

  • Fully logs all actions and backs up all user accounts that it deletes so
    that you can seamlessly restore them if you ever need to.

For more information and installation instructions, please go to:


  • The plugin's exciting configuration screen (added under WordPress' Users menu).


Please see the updated FAQ online at:


Read all 11 reviews



  • Update to code that suppresses new user registration notification email.
    WordPress core made a change to the API starting with version 4.3.0 of
    WordPress, so this update to User Spam Remover fixes the problem where
    the user gets a bogus registration notification email and is unable to
    complete site registration. Props to Oliver @ for the


  • Now requires mysqli. If your PHP version is < 5.5 you may need to force
    WordPress to use mysqli instead of the older mysql extension. Just add
    this line to wp-config.php, near the top by the other DB settings:

    define('WP_USE_EXT_MYSQL', FALSE);


  • Now detects and adds absent MySQL indexes to wp_comments.user_id and
    wp_links.link_owner columns. Greatly speeds performance and enables use on
    much larger databases. Big props to Raph Koster for help debugging!
  • Enables MySQL sql_big_selects config var at runtime for use on shared
    hosts and other installations where this is disabled by default.
  • MySQL SELECT errors now logged/shown to the user as appropriate.
  • Hard limit of 1000 users per deletion to prevent long-running operations.
    Upped limit to 10000 records per SELECT, thanks to improved SQL and indexes.
  • No longer deletes users with only comments marked as “spam.” This is a
    small functional regression, but it speeds SQL performance. Once the spam
    is permanently removed these users will be deleted anyway.
  • Minor bug fix affecting settings page user list display w/ bbPress users.
  • Changes to method visibility. Many previously public methods now protected.
  • Code refactoring.


  • Version/compatibility bump so that plugin repository info is
  • Added check for wp_usermeta ‘last_posted’ record so that users of
    database-integrated bbPress installations are not deleted if they have ever
    posted anything.
  • Added hard limit of 5000 records to prevent long-running operations.
  • Added a list of user accounts pending deletion to the settings page.
  • Style fix to inline error messages per r16205 changes to WordPress core
    file wp-admin/css/
  • Miscellaneous minor style fixes.


  • Added standard WordPress Users section icon and printing of status message
    on options update.
  • Updated deprecated PHP syntax for string access by character in lcfirst().
  • Very minor refactoring and tweak of message text.


  • Fixed weird edge case where no usermeta records exist for a given user.
    Before: this caused user removal to abort and an error message to be logged.
    Now: any such users are deleted.
  • Added nonce checking to “Remove now” button on admin page.
  • Slight code refactor to remove buried strings.
  • Cosmetic change to log strings so plural “s” not added to singular words.


  • Initial public release.
  • Tested using WordPress 3.0.1 and PHP 5.2.6 and 5.2.14.

Contributors & Developers

This is open source software. The following people have contributed to this plugin.


Browse the code