Tips and Tricks HQ Support Portal › Forums › WP eMember › WP eMember General Questions › Validating Registration Information
- This topic has 3 replies, 2 voices, and was last updated 11 months ago by wzp.
-
AuthorPosts
-
January 3, 2024 at 5:18 pm #84998tsmParticipant
I have wp emember active on my site, and I’m getting lots of spam signups. To combat this, I enabled double opt-in with email confirmation, but I don’t love that users have to go through all that extra hassle.
So here’s what I’m thinking: I want to run the info of each member that tries to sign up through Akismet (via their API) and only activate the account if it passes Akismet’s check. I’m expecting this to be a pretty big project, and I’m hoping you could point me in the right direction. I’m not looking for hand-holding, but I’m curious how you would approach something like this?
Thanks very much for your time!
January 4, 2024 at 6:27 pm #84999wzpModeratorUnfortunately, this issue has been “beaten to death,” over the years; and the advent of AI will only make it worse. IMHO the only way to secure a site is to put it behind a $1 paywall, in lieu of a free membership level. Even after PayPal takes its cut, you’ll still have a 20-something cents profit.
January 5, 2024 at 10:28 am #85000tsmParticipantWhen checking pending member emails and IPs manually, it seems like most of the spam signup we’ve gotten (thousands) would’ve been stopped by Akismet. I hear that bots are a major issue, and I hear that AI is about to make this a lot worse, but I’d still like to move forward with an Akismet integration for now. With that being said, do you have any advice from a technical standpoint?
Also, thank you for your quick response and helping me set realistic expectations about this problem!
January 5, 2024 at 7:11 pm #85001wzpModeratorWith any anti-anything solution; the object is to make it too expensive for your adversary to bother you.
eMember can block email addresses based on domains:
eMember – Restricting registration to certain types of emails, ie. only .edu
You can also block specific ranges of IP addresses:
You could also use our email address based 2FA addon, and force the spammers to create email addresses:
We never developed an SMS or Google Authenticator 2FA addon; because “we” would be charged for each authentication.But forcing them to spend money is a sure fire solution. $1 is not very much; and you can always incentivize the $1 purchase.
-
AuthorPosts
- You must be logged in to reply to this topic.