Support » Plugin: WP-Members Membership Plugin » reCaptcha enabled but still spam registrations

  • Hi
    We have enabled reCaptcha, it has the correct site and secret key in place and the field is working (cant submit without ticking) but we still have a few spam registrations coming through per week.
    What can be done about this?

    The page I need help with: [log in to see the link]

Viewing 4 replies - 1 through 4 (of 4 total)
  • Plugin Author Chad Butler


    I would start by making sure that you have WP registration disabled. This is a recommended setting (although not required). Also, if you have other plugins that allow registration (WooCommerce, bbPress, etc), you might want to look into those as well. Make sure you also have the most recent version of WP-Members installed.



    Hi Chad

    Thanks for the reply. WP registration is disabled, there are no other plugins that allow registration such as those you mentioned, and WP Members is version

    I have changed the captcha from reCaptcha to Really Simple captcha as I have used Really Simple with Gravity Forms for many years, unfortunately after I did this another spam registration came through.

    Choose a Username: Yamahazdd
    First Name: zwusafmetnbrcorGP
    Last Name: zwusalmeinbezlqGP
    Address 1: Minsk
    Address 2: Minsk
    City: Minsk
    County: Cyprus
    Post Code: 113531
    Contact Number: 87937725953

    This is still an issue on this same website, any ideas?

    Plugin Author Chad Butler


    There are a couple of plugin extensions available that may help.

    First, I’ve released a new plugin – WP-Members Stop Spam Registrations. It is free, and it utilizes the API from (which isn’t only for forums).

    Second, there is the premium WP-Members Security extension. This is a premium extension, and it has a number of features that will help prevent unwanted registrations. First, it allows you to employ a “honey pot”. This is an arbitrary field that human users (usually) will not see, so if it is completed, we can assume it’s spam. This is a very effective method by itself, but the extension also includes blacklist options by IP, username, and email. This will also let you blacklist email “wildcards,” essentially blocking registration from specific domains. For anti-spam, it includes the API (available in the free plugin mentioned above), as well as the Akismet API. You have the option of using one or the other, or both.

    In both of these plugins, the anti-spam APIs are validated in action hooks that will verify and shut down spam that comes in not just through WP-Members, but also through any process that uses WP’s wp_insert_user() function.

    So there are two possible options.

Viewing 4 replies - 1 through 4 (of 4 total)
  • You must be logged in to reply to this topic.