Registration Honeypot

Description

A plugin for stopping most spambots from registering user accounts on WordPress sites with open user registration. This plugin creates a simple, hidden field that spambots will automatically fill out. If this registration field has data entered into it, the registration process is cut off and no spam user account will be created.

This plugin isn’t an end-all solution to spam registrations. It’s a simple solution for one type of spam registration issue that has come in handy for me many times.

There’s no configuration. Simply install, activate, and let the plugin do its work.

Professional Support

If you need professional plugin support from me, the plugin author, you can access the support forums at Theme Hybrid, which is a professional WordPress help/support site where I handle support for all my plugins and themes for a community of 40,000+ users (and growing).

Plugin Development

If you’re a plugin author or just a code hobbyist, you can follow the development of this plugin on it’s GitHub repository.

Donations

Yes, I do accept donations. If you want to buy me a beer or whatever, you can do so from my donations page. I appreciate all donations, no matter the size. Further development of this plugin is not contingent on donations, but they are always a nice incentive.

Screenshots

Installation

1. Uzip the registration-honeypot.zip folder.
2. Upload the registration-honeypot folder to your /wp-content/plugins directory.
3. In your WordPress dashboard, head over to the Plugins section.
4. Activate Registration Honeypot.

FAQ

Why was this plugin created?

I’ve had some sites over the years that would get hit by spambots registering user accounts. There are WordPress plugins for stopping user registration spam, but I couldn’t find any simple plugin for handling just this specific type of spam. Plus, I hate having to go configure a lot of options that other plugins offer.

I just wanted a plugin that I could set and forget. I wanted something that would simply do its job and nothing more.

How do I use the plugin?

You simply need to activate it. That’s it. It’ll stop most spambot user registrations.

Is this the best way to stop registration spam?

The absolute best way is to disable open user registration on your site. A lot of WordPress users don’t need this functionality but have it turned on anyway. You can disable it by going to “Settings > General” in your WordPress admin and unticking the checkbox for “Anyone can register”. Then, you don’t need any plugin.

Will this stop all spam registrations?

No. This plugin was built for a specific type of spam. It uses a simple honeypot method to stop most spambots from registering a user account on your site. For the most part, it’s all I’ve ever needed to stop spam registrations.

However, it might not always work in all situations. It really depends on what type of spam registrations you’re getting, but spambots are pretty common. So, this should work for most people.

What is the “honeypot” method?

Basically, the plugin adds a hidden input field on the WordPress user registration form. It’s hidden to us humans, but spambots will see this field and enter text into it. This is what we call “putting your hand in the honeypot”. If a spambot puts his hand in it, the plugin catches it and cuts off the user registration process before a new user account is created.

It’s a pretty simple method, but it will not stop all spammers. It mostly just stops those that send spambots to automatically fill out forms.

Reviews

Used to cut down on spam

JohnRoyce April 6, 2019

UPDATED 12/26/18: Ok, so this plugin author will NOT update his plugin. Contacted him to no avail. I solved the issue myself by deleting the plugin. Maybe the world has moved on, because the spam level is no worse, so it truly seems without worth. Except now I’m not plagued by warnings about the outdated work of a foolish programmer. ORIGINAL REVIEW: It simply works without fanfare, dependably cutting a swath in the advancing line of spam by doing exactly what it purports to do. The plugin comes with the explanation that it does not address every kind of spam, just one very annoying common type. It’s also the easiest plugin possible, you just install and activate. No spam, no premium offers. Just a free service – thank you! Justin Tadlock is a respected programmer, and this quiet little plugin is an example why. Ok sure maybe I wish the plugin was updated more regularly/formally, just for administrative clarity, but the developer seems comfortable there isn’t need for alteration. I trust that is true, and indeed it still works!

Such a shame

andygc1 September 3, 2016 1 reply

Such a shame. I installed it 6 months ago on WordPress 4.2. Brilliant. Not a single spammer. About 10 days ago the spam registrations returned as much as before. I’ve subsequently got around to upgrading to 4.4.2 so the failure is nothing to do with upgrading WordPress. Somebody has written a honeypot detector.

Contributors & Developers

Changelog

Version 1.0.0

• Everything is new!