Trying to use Ban Hammer with WP-Members

First, is there native support for blacklisting in WP-Members?

There’s not a blacklist feature in the core plugin, but there is a premium extension that includes this feature (it also incorporates validating against spam database APIs like Akismet and StopForumSpam). Additionally, there are hooks for stopping registration from succeeding based on whatever criteria you could programmatically write into a function. Some of those are WP-Members hooks, and others are WP native hooks. WP-Members follows WP’s inline documentation standards, so all of the hooks implemented are documented inline.

Ban Hammer integrates with the register hook, but it seems that WP-Members doesn’t use this hook.

I’m not sure which specific hook you mean – there are lots of hooks in the WP registration process (which WP-Members utilizes in part). WP-Members ultimately fires the WP function wp_insert_user() to register the user, which ends with the user_register action (which WP-Members hooks into during processing). Any hooks that fire during wp_inser_user() are fired.

WP-Members also has its own hooks in the process. You can use wpmem_pre_register_data to do your own validation and throw a registration error. This action comes after WP-Members has done all of its native registration validation (including some WP functions), but before the user is inserted using wp_inser_user().

Has anyone else tried to integrate Ban Hammer with this plugin or has any other ideas on how to do so?

I haven’t, but it probably could be. There is a free extension that uses the StopForumSpam API (Stop Spam Registrations here). You could use that to either use and/or see an example of integrating validation into the registration process.

Is it possible to integrate with the is_email function, and if so, any tips on how to do that?

As I mentioned above, the plugin validates form data prior to its wpmem_pre_register_data action. That includes running is_email() to validate the email. If you want to hook into is_email() (which does contain a filter hook you can use to customize your email validation), that’s certainly do-able. If is_email() returns false, registration will halt on the invalid email.

I’d like WP-Members to check against a blacklist of domains to prevent registrations from certain domains.

You could that either by hooking to the filters in is_email() (returning false simply results in an “invalid email” error message), or you could use wpmem_pre_register_data, run your validation, and set a custom error message in the global $wpmem_themsg. (https://rocketgeek.com/plugins/wp-members/docs/filter-hooks/wpmem_pre_register_data/)

The plugin does have a premium extension that has blacklist options for IP, username, and email address (among other features).

Thanks — appreciate the detailed responses.

I ended up building a custom is_email() hook to stop registrations by comparing domains against a long list of throw-away email domains. Stop Spam plugin doesn’t do this on its own, but it’s ok, I built it myself.

However, what would make it better is to prevent entry of the email in the first place. Is_email() stops on the registration, but it would be even better to hook into the form validation so that the user gets a red field (indicating an error) before they submit.

Is there any way to hook into the form validation before form submission?

The pre-submit “validation” you’re thinking of is actually just native HTML5. The email input field is an HTML5 “email” type, so it is validated in the browser – it’s not really “validating” the input other than making sure (in this case) that is has “@” and “.-something”. So it’s not part of WP-Members nor WP.

If you want true pre-submit validation, you’d have to apply some JavaScript/jQuery process to run your query.