Title: Blacklist usernames
Last modified: September 24, 2018

---

# Blacklist usernames

 *  Resolved [mpbaweb](https://wordpress.org/support/users/mpbaweb/)
 * (@mpbaweb)
 * [7 years, 9 months ago](https://wordpress.org/support/topic/blacklist-usernames/)
 * Hi
    Is it possible to have a blacklist of usernames to prevent users registering
   usernames like ‘admin’, ‘webmaster’, ‘root’ etc etc ? I have enabled registration
   moderation, but it would be useful to stop people doing this in the first place.
    -  This topic was modified 7 years, 9 months ago by [mpbaweb](https://wordpress.org/support/users/mpbaweb/).

Viewing 3 replies - 1 through 3 (of 3 total)

 *  Plugin Author [Chad Butler](https://wordpress.org/support/users/cbutlerjr/)
 * (@cbutlerjr)
 * [7 years, 9 months ago](https://wordpress.org/support/topic/blacklist-usernames/#post-10719670)
 * The Security extension does include the ability to blacklist username, specific
   email addresses, email domains, and IP addresses. (It has several other features
   as well.)
 * [https://rocketgeek.com/plugins/wp-members/extensions/security-extension/](https://rocketgeek.com/plugins/wp-members/extensions/security-extension/)
   
   [https://rocketgeek.com/product/security/](https://rocketgeek.com/product/security/)
 * Alternatively, you can implement any custom form validation you want, including
   but not limited to blacklisting usernames, by using the wpmem_pre_register_data
   action:
 * [https://rocketgeek.com/plugins/wp-members/docs/filter-hooks/wpmem_pre_register_data/](https://rocketgeek.com/plugins/wp-members/docs/filter-hooks/wpmem_pre_register_data/)
 *  Thread Starter [mpbaweb](https://wordpress.org/support/users/mpbaweb/)
 * (@mpbaweb)
 * [7 years, 9 months ago](https://wordpress.org/support/topic/blacklist-usernames/#post-10720142)
 * We are a not for profit organisation. I am coming to this plugin as we recently
   suffered a malware redirect attack on our site that used Ultimate Member. I am
   a SQL server developer by day but don’t know anything about php, so..
 * if ( $fields[‘my_field’] != ‘some_criteria’ ) {
    $wpmem_themsg = ‘your error 
   message…’;
 * would become
 * $badusers = array(“admin”, “webmaster”, “root”, “administrator”);
 * if (in_array($fields[‘username’], $badusers)) {
    $wpmem_themsg = ‘Please choose
   an alternative username. Certain usernames are not allowed’;
 *  Plugin Author [Chad Butler](https://wordpress.org/support/users/cbutlerjr/)
 * (@cbutlerjr)
 * [7 years, 9 months ago](https://wordpress.org/support/topic/blacklist-usernames/#post-10722490)
 * That looks like it would do it.

Viewing 3 replies - 1 through 3 (of 3 total)

The topic ‘Blacklist usernames’ is closed to new replies.

 * ![](https://ps.w.org/wp-members/assets/icon-256x256.png?rev=1226414)
 * [WP-Members Membership Plugin](https://wordpress.org/plugins/wp-members/)
 * [Frequently Asked Questions](https://wordpress.org/plugins/wp-members/#faq)
 * [Support Threads](https://wordpress.org/support/plugin/wp-members/)
 * [Active Topics](https://wordpress.org/support/plugin/wp-members/active/)
 * [Unresolved Topics](https://wordpress.org/support/plugin/wp-members/unresolved/)
 * [Reviews](https://wordpress.org/support/plugin/wp-members/reviews/)

 * 3 replies
 * 2 participants
 * Last reply from: [Chad Butler](https://wordpress.org/support/users/cbutlerjr/)
 * Last activity: [7 years, 9 months ago](https://wordpress.org/support/topic/blacklist-usernames/#post-10722490)
 * Status: resolved