[WordPress] 外掛分享： JP User Registration Blacklist

內容簡介

JP User Registration Blacklist 是一款輕量的 WordPress 註冊防護外掛，透過 IP 與電子郵件黑名單比對、數學驗證問題及電子郵件驗證碼三重機制，有效阻擋機器人與垃圾註冊，無需繁瑣設定即可運作。

【主要功能】
• 依據討論設定中的黑名單封鎖特定 IP 或電子郵件註冊
• 註冊時要求使用者解答簡單數學加法題以阻擋機器人
• 透過電子郵件發送四位數驗證碼確認身分
• 自動將使用者註冊時的 IP 位址記錄於「網站」欄位
• 免設定即可使用，啟用後立即生效
• 可自訂數學種子值與表單欄位名稱，定期更換提升安全性

外掛標籤

開發者團隊

原文外掛簡介

Update: 6/2015
Changed e-mail token and math problem confirmation logic. Previously, everything happened all at once, and the user would get prompted mutliple times for the math problem.
Now, the user must answer the math problem first, before the e-mail token is sent. Once the math problem is correctly answered within the session, it isn’t asked again. The user must now enter the correct token, which results in successful registration.
SPECIAL THANKS TO OLEG M. FOR HELPING ME IDENTIFY, FIX, AND TEST THE ERROR!!
Update: 5/2015
Added E-mail confirmation token. Prevents registration until user enters a token sent via e-mail.
Features:

Prevent users from registering, if their IP or e-mail address is listed in the “Comments” blacklist (Settings..Discussion)
E-mails user a 4-digit token, and requires the user to enter the token in order to register.
Users must solve a simple math problem (Add two one-digit numbers).
Places user IP address in “Website” field.

This is a super-simple user registration spam countermeasure. I searched for a plugin that was SIMPLE and EFFECTIVE. I looked at quite a few plugins that promised the desired effect, but were either cumbersome, or included too many unneeded or unwanted features. Likewise, there are some very simple plugins that are less-than-effective.
This plugin is VERY simple:
If the user’s IP or e-mail address is listed in the “Discussion” comments blacklist, it prevents the user from registering. This functionality should really be built in to WordPress, so, you’re welcome.
When the user registers, they are presented with a simple math problem – adding a 3-digit number to a 1-digit number. 99% of the “user reg spam” is based on bots being able to attack the basic WordPress registration form. By adding even a simple math problem, most bots will fail, removing your site as a target of opportunity. Criminals go after what’s easy – if you make it slightly more difficult for them, they will go after someone else.
Once the user solves the math problem, they are sent a 4 digit token via e-mail, and must enter that token to continue registration.
Finally, knowing the location from where your users register allows you to more effectively evaluate and block the source. This plugin adds the user’s IP address (at the time of registration) to the “Website” field.
Go to http://whois.arin.net to find out who they are. If you decide to block the IP, add the IP address, part of the IP address, or e-mail domain to the “Discussion” comments blacklist, and ANY user registrations from an IP address matching that pattern will be blocked.
Configuration
To Configure the Plugin:
NOTE: NO CONFIGURATION IS REQUIRED. This plugin is fully-functional using the default values.
In the Plugins page, click “Settings” underneath the “JP User Registration Blacklist” plugin.

Seed: This value determines how the answer to the math problem is masked. Periodically change this, to keep the spammers and criminals at bay. The initial value is randomly-generated.

Failed Math Response: Error message displayed to the user, if they fail to correctly solve the math problem.

Rejected IP or E-mail: Error message displayed to the user, if their IP or e-mail is blocked. Keep this simple and generic, to keep them from knowing why they are being blocked.

Form field name for math problem: This field name contains the user’s answer to the math problem. Periodically change this, to keep the bots away. The initial value is randomly-generated.

To Block an IP address

In the WordPress Dashboard, go to “Settings…Discuss”
To block all or part of an IP address, add it on its own line to “Comments Blacklist”
To block all or part of an e-mail address, add it on its own line to “Comments Blacklist”
Click “Save”
(For more details, see Examples)

延伸相關外掛

Ultimate Member – User Profile, Registration, Login, Member Directory, Content Restriction & Membership PluginUltimate Member 是一款強大的 WordPress 使用者資料與會員外...Paid Membership Plugin, Ecommerce, User Registration Form, Login Form, User Profile & Restrict Content – ProfilePressProfilePress 是一款功能全面的 WordPress 會員與電子商務外...Paid Memberships Pro – Content Restriction, User Registration, & Paid SubscriptionsPaid Memberships Pro 是 WordPress 上最完整的會員網站解決...User Registration & Membership – Free & Paid Memberships, Subscriptions, Content Restriction, User Profile, Custom User Registration & Login BuilderUser Registration & Membership 外掛提供完整的會員管理...User Profile Builder – Beautiful User Registration Forms, User Profiles & User Role EditorProfile Builder 是一款全方位的 WordPress 用戶資料與註冊外...User Frontend: AI Powered Frontend Posting, User Directory, Profile, Membership & User RegistrationUser Frontend 是一款強大的外掛，提供 AI 驅動的前端文章提...UsersWP – Front-end login form, User Registration, User Profile & Members Directory plugin for WPUsersWP 是一款輕量級且 100% 安全的 WordPress 用戶註冊、登...New User ApproveNew User Approve 是一款強大的 WordPress 用戶審核外掛，幫...WP User Manager – User Profile Builder & MembershipWP User Manager 是一款高度自訂化的 WordPress 會員管理外掛...RegistrationMagic – Custom Registration Forms, User Registration, Payment, and User LoginRegistrationMagic 是一款強大的 WordPress 用戶註冊外掛，提...ARMember – Membership Plugin, Content Restriction, Member Levels, User Profile & User signupARMember – WordPress 最佳評價會員外掛 想像一下，有一個免...User Meta – User Profile Builder and User management plugin使用者在 WordPress 前端登入、重設密碼、更新個人檔案，以及...Pie Register – User Registration, Profiles & Content RestrictionPie Register 是一款使用者註冊與內容限制外掛，讓你無需撰寫...Dynamic User Directory這款輕量級但功能強大且功能豐富的外掛程式創建了一個用戶目...Post Form – Registration Form – Profile Form for User Profiles – Frontend Content Forms for User Submissions (UGC)這是一個簡單的拖放式表單構建器，並且有現成的表單範本，只...