Help Center

Stop WordPress SPAM User Creations | Easy & Fast

Last Updated on 19/01/2024

A WordPress site without SPAM – Had been the title of a good story. However, the reality is quite different – For most. Fortunately, it’s actually pretty easy to get rid of all the SPAM that comes free when running a website built on WordPress. In this quick guide you get some quick, easy and powerful tools to get rid of bots – Or at least all the garbage they are trying to make.

Avoid SPAM users on WordPress

Many find that on their WordPress and WooCommerce pages they get user creations in wildness. The main purpose of these user creations is to create comment SPAM on your posts and products. Typically to do link building from your site to another, or for the purpose of doing affiliate marketing.

See if you are exposed to using SPAM

1: Go to “dinhjemmeside.dk/wp-admin/”

2: Navigate to the tab “User” in your side menu

3: Under “All users” you will quickly see if there are thousands of users with mysterious emails and names – It is typically something like this:

[email protected]
[email protected]
[email protected]
[email protected]
[email protected]

However, be aware that Apple iCloud, Gmail and other clients offer “No SPAM” addresses, which are some one-time outgoing email addresses that you can use to avoid email SPAM – Newsletters, etc. These may also look like “mor.ando.f.r.id.a.8@gmail.com” However, before any deletion of the users, check whether they are real – This can be done by verifying the other information inside the users such as name, addresses and any content they have generated.

How to easily avoid commenting and using SPAM on WordPress

To avoid using SPAM altogether you can hardly – but you can probably avoid 99%. Here’s how to do it:

1: Go to “Settings” > “Discussion” and do the following:

This ensures that no comments can be made without a user.

2: Disable the option for user creations (You can still manually from your page when logged in as admin)

  • Open functions.php the file in your active WordPress theme. ( Navigate to “Appearance” -> “Editor for theme files” -> Click on “functions.php”
  • Add the following code to the end of the file:

This method will ensure that user creation can only be done manually through wp-admin. Always remember to back up your functions.php or any other files before modifying them.

Do you use WooCommerce?

Then you need to do the following – If you still want customers as users on the site.

Use Cloudflare

Optimize your WordPress security – Avoid SPAM, bots and other dirty web rubbish

It is one thing to make small “hacks”, like the above – something completely different is the possibility of getting rid of such things to the greatest extent possible.

Use a web host that has invested in the best solutions on the market.

At hostious.io, all our servers run on Imunify360, which is unconditionally the market’s best live anti malware and WAF. Imunify360 is a comprehensive security solution designed to protect web servers, including popular CMS systems like WordPress and ecommerce platforms like WooCommerce. Here is a brief overview of its features and benefits:

Imunify360 is an advanced security suite developed by CloudLinux that offers multiple layers of protection for web servers. It is designed to prevent, detect, and remove threats like malware, viruses, and attacks from hackers.

How does it work?

  1. Automatic malware detection and removal: Imunify360 regularly scans for malware and automatically removes threats, ensuring your website stays secure.
  2. Advanced firewall: The program offers an intelligent firewall that can effectively identify and block malicious IP addresses and attacks, including DDoS attacks.
  3. Intrusion Detection and Prevention Systems (IDS/IPS): These systems monitor network traffic to identify and prevent attacks before they reach your site.
  4. Proactive defense: Known as “Imunify360’s Proactive Defense,” this layer analyzes the executed code in real-time and blocks potentially harmful actions.
  5. Reputation Management: Monitors whether your website is being blacklisted by search engines or antispam databases.

Why is it good for your WordPress and WooCommerce site?

  1. Security: Ensures that your website remains free of malware, which is crucial for both reputation and user experience.
  2. Performance: By blocking malicious requests, Imunify360 can help improve page performance.
  3. Automation: Automatic monitoring and response lightens the workload so you can focus on running your business.
  4. Compatibility: Designed to work seamlessly with WordPress and WooCommerce, ensuring that all plugins and themes work properly.

By using Imunify360, owners of WordPress and WooCommerce sites can significantly increase the security of their websites, which is crucial in an age where cyber threats are becoming more sophisticated and frequent.

Use a web host running on LiteSpeed Enterprise

LiteSpeed Enterprise is a powerful web server technology that is particularly popular with WordPress users. It offers a number of benefits and features that optimize both the performance and security of WordPress sites. Here’s a brief overview:

LiteSpeed Enterprise is a high-performance, Apache replacement web server compatible with common Apache features, including .htaccess, mod_rewrite, and mod_security. It is designed to improve the speed and efficiency of websites, especially for those using WordPress and other popular CMS systems.

Features and benefits

  1. Faster loading times: Using advanced caching and optimization technology, LiteSpeed can significantly reduce WordPress page loading times.
  2. Scalability: Can handle a high number of simultaneous connections without sacrificing performance, making it ideal for high-traffic websites.
  3. Compatibility with Apache: Can easily replace Apache servers without having to change existing configurations and code.
  4. Support for HTTP/3: Offers the latest network protocol for faster and more secure data transfer.

LiteSpeed’s WordPress WAF (Web Application Firewall)

LiteSpeed’s WAF is an integral part of LiteSpeed Enterprise that offers advanced security specifically designed for WordPress sites.

WAF features:

  1. Protection against Brute Force attacks: Prevents unauthorized login attempts and reduces the risk of being hacked.
  2. SQL Injection Prevention: Blocks attempts to exploit SQL vulnerabilities, which is a common method of attack against WordPress sites.
  3. Cross-Site Scripting (XSS) Defense: Prevents malicious scripts from running in users’ browsers.
  4. Protection against DDoS attacks: Helps ensure your website stays online and accessible, even during DDoS attacks.
  5. Global ReCAPTCHA on WP Admin/WP Login

Why is LiteSpeed Enterprise good for WordPress?

  1. Improved performance: The caching mechanisms optimize the loading of WordPress pages, improving both the user experience and SEO.
  2. High security: With the built-in WAF, WordPress sites are protected from a wide range of online threats.
  3. Easy integration: LiteSpeed offers a dedicated WordPress plugin that makes it easy to integrate and manage server functions directly from the WordPress dashboard.
  4. Resource efficiency: Consumes less server resources compared to traditional web servers, making it ideal for hosting multiple WordPress sites on the same server.

Overall, LiteSpeed Enterprise offers a combination of speed, security, and ease of use, making it an excellent solution for WordPress sites, especially those with high traffic or those that require robust security.

Marc Dahl Avatar
More from marc

Join the 200K websites that trust Hostious as their WordPress host