How do I stop SPAM subscribers?

Hi There,

Currently, the MailChimp plugin doesn’t support captchas. But the MailChimp app does have an integration with Wufoo. Wufoo is a form building service that can be used to send subscribers to your MailChimp list. Wufoo has a captcha option on their forms, which can help prevent spam signups. To learn more about the wufoo integration visit this page: https://connect.mailchimp.com/integrations/wufoo

I will also take note of your suggestion of adding a captcha.

I have a similar problem – I am working with WP 3.9 but the problem does not seem to be version-related. I have about 2-5 new subscribers every day – mostly from Russia – and this is even though the box “Anyone can register” is NOT checked. I suspect that this is a security item, but I would like to clear it without any of the bulky security systems.

I have a number of blogs, but only this one is receiving these spam subscriptions.

Any help would be appreciated.
https://www.ilianasblog.com

Hi Craig,

Thanks for hopping in the forum. Just to clarify, are you using the plugin located here? https://www.ads-software.com/plugins/mailchimp/ The plugin supported by this forum doesn’t have an ‘anyone can register’ option. Also the signup form on the right side of your site isn’t the plugin supported in this forum.

It might be best to reach out to that’s plugin’s support forum for help with preventing spam signups. Usually if you look on the plugins page in the WordPress admin area, there’s a link to the plugins website.

Let us know if you have any other questions.
-mc_d

Hi Craig,

I was able to fix the problem by ensuring the double-opt-in option was enabled. So, if a SPAM user signs up, they won’t make it to their list because they will never click the link sent to the email address they subscribed with.

I can’t remember if it was this plugin or another one – but I can tell you this solved the trouble and what a RELIEF because I had so many SPAM signups a day I couldn’t keep up…

Heather

Thanks for the comments above. The Wang plugin was my first effort to stop the stream of subscribers without any subscription plugin at all. I just took down the Wang and installed the “Subscribe To “Double-Opt-In” Comments” but I realise now that that is also not going to cure the problem since it is not generated through any plugin.

What I also did was to change the settings in the Discussion Settings to check the box “Users must be registered and logged in to comment” to see if that will stop the flood. That had always seemed counter-productive to me in the past, but maybe that is my answer.

I suspect however that I will have to go to Better WP Security (but with the new name) to block out these people.

In one respect I am lucky – I’m only getting 3-5 spam signups per day (so far).

Thanks again for the comments and I will keep you posted.

Craig

BTW – there are no comments, only signups with a WordPress mail announcing their signup (and they show up in the Users list as subscribers).

The latest development – I found an unexpected “register” button hidden away in the theme header – I took that out but that did not stop the flood.

Then I used the new ithemes security plugin (used to be “better WP security”) to change the access rights. The latest version does not have the registration link change like the older ones but I changed the admin user name and password and hoped that would help.

Surprise! That didn’t work either!

I am stumped, except I may install an older version of the BWPS plugin where I can change the access to the registration entrance.

Same link as before: https://ilianasblog.com/

Note: if you look at the site in detail, there are two WP instances functioning – one on the home directory and a second one on a subdirectory. The one on the subdirectory does not have a problem (this is an upsell area), but the one in the base directory does…

Craig

Hi Craig,

Since this forum is for MailChimp’s wordpress plugin, it might be best to post your issue to one of the general wordpress forums: https://www.ads-software.com/support/ In those forums, there would probably be more help for the spam comments issues you’re seeing.

If you have any specific questions about the plugin, feel free to let us know.
-mc_d

Hi,

I was reading this forum and I have to say, ever since I added the MailChimp plug-in, my WordPress subscribers list has been inundated with subscribers. They are not going to the MailChimp list. I did test the MailChimp and it is working properly.

Does anyone know of a setting I need to adjust to block this? Where could they be subscribing in order to become a subscriber in my Users list?

Thanks!

Hi Scentedsoybean,

Thanks for hopping in the forum. The MailChimp List Subscriber Form wouldn’t have access to the User’s in your WordPress subscribers list. Those extra WordPress signups could be coming from another source. It would probably be best to post this question to the general forum for help. Also in a quick web search, I found this blog post that could help: https://www.wpbeginner.com/plugins/how-to-stop-spam-registrations-on-your-wordpress-membership-site/

Let us know if you have any other questions.
-mc_d

Thank you!

Hey scentedsoybean!

No problem ??

Have an awesome day, and let us know if there’s anything we can help with!
-Elliot

@mc_dominic – sorry, believe it or not, I did not see that this was directed at MailChimp’s wordpress plugin users. I guess I was too busy trying to find a solution.

In any case, your solution for Scentedsoybean at https://www.wpbeginner.com/plugins/how-to-stop-spam-registrations-on-your-wordpress-membership-site/ was just what the doctor ordered! Since I installed it, there have been no more spam registrations! Wunderbar!!

Hi Craig!

Great! I’m glad you were able to sort it out. If you have any other questions, let us know.

-mc_d

FYI: Turning on double opt-in will (likely) reduce the bogus sign ups, but it won’t help your website load (or the load on Mailchimp due to bogus submissions). Double opt-in is a good idea, anyway.

I have also been targeted by Chinese Comment Spam Robots, and more recently a form crawler from Germany, as well as a swarm of folks that thought they could get a freebie by using a bogus email address through my website e-store.

TECHNICAL CONTENT AHEAD

It does appear that it’s possible to add additional client side checks to validate forms, but this may well be useless since most of the attackers directly submit to the server.

If Mailchimp wanted to lessen the problem they could generate a bogus post address to a honey pot where the real post address is only enabled by the user doing something specific (like checking a box or filling in or emptying a field). I’ll bet if they look through their logs they’ll see a LOT more traffic than any one of us with a website.

Hey Steven!

Thanks for jumping into the thread.

While the double opt-in should help reduce the potential for spam signups, it may nevertheless be possible for some to still occur. That said, as mc_dominic mentioned, the Wufoo integration that works with MailChimp would include a Captcha field. That Captcha should help reduce the potential for future spam signups, as they’d need to demonstrate their humanity.

For those interested, here’s an article on MailChimp’s double opt-in: https://eepurl.com/gOG1

Feel free to post any future questions or concerns!
-mc_elliot