Four years ago today, GD Security Toolbox Pro, version 1.0 was released. And, today, we are celebrating the fourth birthday with the very important version 2.5 bringing a lot of new features related to registration control and antispam filters.

Two major issues any website with open registration faces is the spam registration and spam comments or other submissions. Bots use spam registration accounts as a way to post more spam comments because website often allows no moderation of comments for registered users. And, the bots registering the spam accounts use a wide range of generated usernames, the unlimited pool of domains for emails and it can be very tough to sort all that out, and later remove these accounts.

Email domain registration filters

GD Security Toolbox Pro had a lot of registration filters made to prevent spam registration, and over the past year, I have been gathering data about everything plugin stops, and everything that was not stopped. And, all that leads to a huge update to the registration control methods plugin has.

Email domain DNS records filters

The new measures for stopping spam registration include:

  • Check if the email domain TLD is valid. Plugin updates the list of all available TLD’s every week to stay up to date.
  • Check if the email domain is on the disposable email domains list. This will prevent users to register with a disposable email that works for a few minutes or a few hours.
  • Check if the email domain includes a subdomain. This is one of the most obvious spam flags because normal emails are domain-based, and when the email is located on a subdomain, that is a red flag. There are some valid cases to have subdomain emails related to education, government and academy TLD’s and they will be allowed.
  • Check if the email domain has proper DNS records. This is run as the last filter because it depends on running an online query to get domain records from the DNS server. But, this will reveal a lot of about the email domain and will stop domains with incomplete A or MX records, or domains that have MX record point to disposable domains.

The best thing about this control is that if a bot is persistent, trying to registers and fail, you can ban the bot IP and stop it from coming to the website.

And, the Antispam filters for comments, trackbacks, bbPress topics, and replies and GravityForms have been expanded to include TLD validity check, disposable email check, and email domain subdomain checks. Other changes in this version include updates to events log, improvements to integrity scanner, CSP and more. There are several bugs also fixed.

And, the next few versions of the plugin will expand on some of these features to make the process better, and stop a lot more spam registration and spam posting.

To see the list of all the changes in this version, please check out the changelog. If you find any issues with the new version, please, report them in the support forums.

Please wait...

About the author

MillaN
MillaN
Dev4Press owner and lead developer

Programmer since the age of 12 and WordPress developer since 2008 as freelancer and author of more than 200 plugins and more than 20 themes.

Learn More

GD Security Toolbox Pro
A collection of many security related tools for .htaccess hardening with security events log, ReCaptcha, firewall, and tweaks collection, login and registration control and more.
Namecheap - Buy a Domain and create your pro web presence

Comments

Leave a Reply

Your email address will not be published. Required fields are marked *

Newsletter

Subscribe to get all the latest news and promotions.

Subscribe We will not send you any spam. Newsletters are sent 2 to 4 times every month.