Hi @dsiv,
Thank you for reaching out, we’re glad to hear the plugin is working well for you.
Regarding the spam registration requests, especially those coming from specific domains and resulting in bounce-backs, you’ve raised a valid concern. While the current “Approve” and “Deny” functionalities are working as intended, we understand your need for greater control in managing suspicious or unwanted requests more discreetly.
At this time, you can reduce spam by blacklisting specific domains, which prevents users with email addresses from those domains from registering. Here’s how to configure this:
- Navigate to New User Approve → Auto Approve → Domain Blacklist.
- Enter the domains you want to block in the Domain List textbox.
- Enable the Blacklist Toggle to activate the feature.
- Optionally, enter a Custom Message to display when a user from a blacklisted domain attempts to register.
- Click Save Changes to apply the settings.
You can find more details in our documentation here: New User Approve Documentation – Blacklist by Domain
As for your suggestions:
- A “Delete” option that removes the request without sending a notification, and
- A “Block Domain” option that automatically deletes both current and future requests from specific domains without sending emails
These are excellent ideas. We’ve shared them with our development team for consideration in a future update. Your feedback is invaluable and helps us improve the plugin experience for all users.
Thanks & Regards,
WP Experts Support Team
Thread Starter
dsiv
(@dsiv)
I could not find the Auto Approve, but I eventually realized that Settings->Enable Auto-Approve needed to be selected first.
I was able to add domains to the blacklist. Time will tell if they are successfully blocked.
I don’t have Enable Whitelist checked. I hope that no requests will be automatically approved in my configuration and only requests from these domains are blocked.
delhinightqueen.com
2-construction.store
noreply0.com
solstris.com
Thank you for the help.
Hi @dsiv,
Thank you for your update.
You can get back to us any time. If you have any issue or need assistance.
Thank you
Thread Starter
dsiv
(@dsiv)
Note that I set several domains in the blacklist. One is delhinightqueen.com. However, these requests come in as <subdomain>.delhinightqueen.com, which did not get blocked overnight. As such, I added *.delhinightqueen.com and hope this new entry helps. If you have other ideas on how to block these subdomains, I would love to learn more.
Hi @dsiv,
Thank you for your feedback!
You’re absolutely right—using the domain blacklist is a good first step, but subdomains like <subdomain>.delhinightqueen.com can bypass a basic domain entry. Including *.delhinightqueen.com in the blacklist is the correct approach, and should help mitigate those cases. Let us know if you continue seeing requests get through, and we’ll investigate further.
Additionally, if you’d like to add an extra layer of protection against spam, we recommend implementing Google reCAPTCHA on your registration form. It’s one of the most effective and user-friendly options available.
To set it up:
- Visit Google reCAPTCHA Admin Console to generate your API keys.
- After obtaining your keys, install a free WordPress reCAPTCHA plugin (like “Advanced noCaptcha & invisible Captcha” or “reCaptcha by BestWebSoft”).
- Configure the plugin to protect your registration form.
This should significantly reduce automated spam signups.
Thank you
Thread Starter
dsiv
(@dsiv)
I will look at adding reCAPTCHA. In the meantime, my blacklist has the entries shown below. I get quite a few requests from solstris, but none since putting them in the blacklist. It may be coincidence or it may be working. However, I continue to get delhinightqueen.com requests, even though I have the primary domain and the * subdomains. It looks like the subdomain entry is not working.
This is where the Delete option would be great, instead of using Deny.
*.delhinightqueen.com
delhinightqueen.com
2-construction.store
noreply0.com
solstris.com
discardmail.com
europeandocfestival.org.uk
Hi @dsiv,
Thank you for the update and details.
It appears that the blocklist is working correctly, as evidenced by solstris.com, which is great to hear. However, the ongoing requests to delhinightqueen.com suggest that the wildcard entry (*.delhinightqueen.com) may not be functioning as expected. For this, please create a ticket on our official website so we can assist you promptly.
For the reader: We will update you soon. Once the issue get resolved.
Thank you
