UM blocked domains: Can you block a whole Top Level Domain (TLD), like “*.ru”?

  • Resolved clausfaber

    (@clausfaber)


    2 years, 3 months ago

    Hi,

    I have regular problems with either highly intelligent bots or real humans, registering users via UM (and I have Google reCaptcha v3 installed).

    They use many different domains, all in the same TLD (“*.ru”).

    I entered into the field “blocked email addresses”:

    *@yahoo.com
*.ua
*.ru
*.by

    There are no more yahoo-Addresses, but still a_lot@somewhere.ru are registered.

    Do I have to block each russian domain? Does *.ru work? It does not seem so.

    Many thanks,
    Claus

    • This topic was modified 2 years, 3 months ago by clausfaber.
    • This topic was modified 2 years, 3 months ago by clausfaber.

    The page I need help with: [log in to see the link]

Viewing 4 replies - 1 through 4 (of 4 total)
  • missveronica

    (@missveronicatv)

    2 years, 3 months ago

    @clausfaber

    Blacklist Words and Blocked Email Addresses bypass:

    https://github.com/ultimatemember/ultimatemember/issues/962

    From the Tooltip:

    To block an entire domain, use something like *@domain.com

    I will add TLD to the code snippet also.

    • This reply was modified 2 years, 3 months ago by missveronica.
    • This reply was modified 2 years, 3 months ago by missveronica.
    • This reply was modified 2 years, 3 months ago by missveronica.
    missveronica

    (@missveronicatv)

    2 years, 3 months ago

    @clausfaber

    Try this code snippet with fix for bypassing email addresses with capital letters and now you can also block top level domains with *.ru

    New UM error message: We do not accept registrations from that top level domain.

    function um_102621_blockedemails( $args ) {

    $emails = UM()->options()->get( 'blocked_emails' );
    if ( ! $emails ) {
        return;
    }

    $emails = array_map( 'rtrim', explode( "\n", $emails ) );

    if ( isset( $args['user_email'] ) && is_email( $args['user_email'] ) ) {

        $domain = explode( '@', $args['user_email'] );
        $check_domain = str_replace( $domain[0], '*', $args['user_email'] );

        if ( in_array( strtolower( $args['user_email'] ), $emails ) ) {
            exit( wp_redirect( esc_url( add_query_arg( 'err', 'blocked_email' ) ) ) );
        }

        if ( in_array( strtolower( $check_domain ), $emails ) ) {
            exit( wp_redirect( esc_url( add_query_arg( 'err', 'blocked_domain' ) ) ) );
        }

        $tld = explode( '.', $domain[1] );
        $check_tld = '*.' . $tld[1]; 
        if ( in_array( strtolower( $check_tld ), $emails ) ) {
            exit( wp_redirect( esc_url( add_query_arg( 'err', 'blocked_top_level_domain' ) ) ) );
        }

    }

    if ( isset( $args['username'] ) && is_email( $args['username'] ) ) {

        $domain = explode( '@', $args['username'] );
        $check_domain = str_replace( $domain[0], '*', $args['username'] );

        if ( in_array( strtolower( $args['username'] ), $emails ) ) {
            exit( wp_redirect( esc_url( add_query_arg( 'err', 'blocked_email' ) ) ) );
        }

        if ( in_array( strtolower( $check_domain ), $emails ) ) {
            exit( wp_redirect( esc_url( add_query_arg( 'err', 'blocked_domain' ) ) ) );
        }

        $tld = explode( '.', $domain[1] );
        $check_tld = '*.' . $tld[1]; 
        if ( in_array( strtolower( $check_tld ), $emails ) ) {
            exit( wp_redirect( esc_url( add_query_arg( 'err', 'blocked_top_level_domain' ) ) ) );
        }
    }
}

add_action( 'um_submit_form_errors_hook__blockedemails', 'um_102621_blockedemails', 10 );
remove_action( 'um_submit_form_errors_hook__blockedemails', 'um_submit_form_errors_hook__blockedemails', 10 );

add_filter( 'um_custom_error_message_handler', 'um_custom_error_message_handler_tld', 10, 2 );

function um_custom_error_message_handler_tld( $err, $request_err ) {

    if( $request_err == 'blocked_top_level_domain' ) {

        return __( 'We do not accept registrations from that top level domain.', 'ultimate-member' );
    }
}

    Install this code snippet in your child-theme’s functions.php file
    or use the “Code Snippets” plugin.

    https://wordpress.org/plugins/code-snippets/

    • This reply was modified 2 years, 3 months ago by missveronica.
    • This reply was modified 2 years, 3 months ago by missveronica.
    Plugin Contributor Champ Camba

    (@champsupertramp)

    2 years, 2 months ago

    Hi @clausfaber,

    This thread has been inactive for a while so we’re going to go ahead and mark it Resolved. ..Please feel free to re-open this thread by changing the Topic Status to ‘Not Resolved’ if any other questions come up and we’d be happy to help… 🙂

    Regards,

    missveronica

    (@missveronicatv)

    2 years, 2 months ago

    @clausfaber

    New UM Feature Request:
    https://github.com/ultimatemember/ultimatemember/issues/968

    • This reply was modified 2 years, 2 months ago by missveronica.
Viewing 4 replies - 1 through 4 (of 4 total)
  • The topic ‘UM blocked domains: Can you block a whole Top Level Domain (TLD), like “*.ru”?’ is closed to new replies.