Prevent User Registration From Specific Domain

 In Security

Normally it is  a good idea to disable user registration  if you are not planing to use membership feature, because could lead spammers can attack your website with spam user registrations.

I used registration_errors hook in WordPress which filters the errors encountered when a new user is being registered. If any errors are present, WordPress will abort the user’s registration. This filter can also be used to create custom validation rules on user registration. This hook fires when the form is submitted but before user information is saved to the database. So I created custom rule to check user’s email domain and provide error if user’s email match blacklisted domain.

Here is the function you can dump in your theme’s functions.php file. The following function will prevent user registration if WordPress find “domain.Com” in user’s email address.

 

// prevent user registration from specific domain
function nuno_disable_email_domain ( $errors, $sanitized_user_login, $user_email ) {
list( $email_user, $email_domain ) = explode( '@', $user_email );
if ( $email_domain == 'domain.com' ) {
$errors-&gt;add( 'email_error', __( '<strong>ERROR</strong>: Domain not allowed.', 'my_domain' ) );
}
return $errors;
}
add_filter( 'registration_errors', 'nuno_disable_email_domain', 10, 3 );
Recommended Posts

Start typing and press Enter to search