CM Email Registration Blacklist (CMRB) - Use Case - How to Secure Your Site Registration Process (List All Methods by Email, by Domain)


Use Case – How to secure your site registration process (list all methods by email, by domain).

Back to User Guides

Note: This guide requires:

Video Use-Case


Introduction

The CM Email Registration Blacklist plugin allows you to block users who try to register on your WordPress site using an email from a domain or email defined in your blacklists/online lists. It also allows you to approve only users from a whitelist.

The plugin helps to avoid spam with viruses, malwares, disposable emails, and unwanted users.

Use Case Front-End

Use Case Assumptions

In this example we will consider how to defend your site from unwanted registrations to avoid spam, viruses and malware.

Contents:


Installing The plugin

The process is the same for all CM plugins and add-ons.

  • Download the plugin from your customer dashboard
  • Log in to WordPress and navigate to the WordPress Admin → Plugins settings
  • Click on Add New
  • Activate it and add the license

Learn more: Getting Started - Plugin Overview


Setting up

All setting up happens in CM E-Mail Registration Blacklist. So navigate to Admin Dashboard → CM E-Mail Registration Blacklist → General Settings tab.

In this section, you can select which lists will affect the plugin. You can enable or disable these options:
  • Domain White List - Protects emails from the White List from being blocked.
  • Accept domains only from White List
  • Domain Black List - Blocks emails from the Black List.
  • User E-mail White List - Includes the emails from the plugin's White List. 
  • User E-Mail Black List - Includes the emails from the plugin's Black List. 
  • Accept emails only from white list 
  • DNSBL Domain Check - Refer to notes below.
  • Free Domain List - Fetches list of spam addresses from Spam Assassin. Learn more about Spam Assassin.
  • TIP: Using Free Domain and DNSBL Lists

    If you enable DNSBL Domain Check and Free Domain List keep in mind, that some popular domains like gmail.com can be included in these lists. If you want these domains to be allowed to register you need to disable these lists, or add needed domains to Domain White List.

  • Enable for edit profile - Applies filters when the user updates the email from the edit profile section. This prevents users from updating their emails to blocked ones. Currently only works on:
    • Default WordPress profile form editor
    • CM Registration Pro profile form editor
  • Show Powered by CreativeMinds - Show or hide "Powered by CreativeMinds" in the registration screen.
  • Remove HTML tags from error messages - Removes any tags (such as links or formatting) from error messages. 
  • Google reCAPTCHA - Enables verification via reCAPTCHA. Learn more: General Support - reCAPTCHA - What is It and How to Enable. Learn more about reCAPTCHA - What is It and How to Enable.

User Domain Blacklist

Next tab is  User Domain Blacklist.

The blacklist contains a list of all of the domains that will be blocked from registering on your site. Add a new domain by typing in the box provided. 

Anyone with an email address matching the domain you enter on the blacklist will be unable to register for your site. 

User Domain Whitelist

Next tab is  User Domain Whitelist.

Whitelisted domains are domains that have been flagged, but are still allowed to register a domain on your site.

Add a new domain to the whitelist by typing it in the provided box. Adding a domain to the whitelist will allow users to register with even if it has already been tagged as spam in the blacklist or free domain list.

User Email Blacklist

Next tab is  User Email Blacklist.

The blacklist contains a list of all of the emails that will be blocked from registering on your site regardless of their domain status. Add a new email by typing in the box provided. 

Anyone with an email address matching the address you enter on the blacklist will be unable to register for your site. 

TIP: Note on Gmail Domain

Google allows its users to modify the email address by including dots or plus inside the address. This applies to @gmail.com and @googlemail.com accounts.

For example, the owner of johnsmith@gmail.com can use these variations, among others:
  1. john.smith@gmail.com
  2. j.o.h.n.s.m.i.t.h@gmail.com
  3. johnsmith+1@gmail.com
  4. johnsmith+99@gmail.com

Starting from version 1.4.2 of the plugin, you can block all these variants by adding the "clean" version to the blacklist, without including any dot or plus signs. In the example above, that would be johnsmith@gmail.com

User Email Whitelist

Next tab is  User Email Whitelist.

Whitelisted emails are addresses that have been flagged, but are still allowed to register an email on your site. It can also include emails from domains that have been blocked by any of the plugin tools. So any email which appears on this list will always be able to register.

Add a new email to the whitelist by typing it in the provided box. Adding an email to the whitelist will allow users to register with even if it has already been tagged as spam in the blacklist emails list.

Free Domains

Next tab is  Free Domains.

Here you will find the list of free domains that have already been identified as spam by the website SpamAssassin, and added to the blacklist.

You have the option of updating the list by clicking the blue update button in the upper right hand corner of the box. Updating the list will fetch the latest list and update the plugin information on your WordPress database.

Labels

Next tab is  Labels.

This tab controls the messages that will appear on the screen when a user tries to register a domain name and gets blocked. These messages will appear if the domain is blacklisted, listed on the Free Domain list, or not included in the whitelist.

Change the text in each box to alter the message that appears when a user is unable to register a domain on your site. The same label will also show once you use the domain tester.

Registration Log

Next tab is  Registration Log.

This box contains the list of failed registration attempts including the date, time, email, reason for the failure and the IP address used.

You can clear the log by clicking on the Clear Log button. Once you clear all log data will be erased from the Database.

Domain & E-mail Tester

Next tab is  Domain & E-mail Tester.

In the Domain & E-Mail Tester box, type in a domain/email and click check and see if the domain/email will be accepted or not.

If the domain/email is blacklisted, the word  INVALID will appear and the search results will say that the domain/email is blacklisted.

If the domain/email is whitelisted/not-blacklisted, the word  VALID will appear and the search results will say that the domain/email is whitelisted.

End Result

Using this simple instruction you can avoids spam with viruses and malware, disposable emails, and unwanted users.

Use Case Front-End


More information about the CM Email Registration Blacklist WordPress Plugin

Other WordPress products can be found at CreativeMinds WordPress Store

Let us know how we can Improve this Product Documentation Page

To open a Support Ticket visit our support center
Did this answer your question? Thanks for the feedback There was a problem submitting your feedback. Please try again later.

Still need help? Contact Us Contact Us