Registration Honeypot WordPress Plugin

A few times over the years, I’ve helped a few people out of user registration spam issues. There are existing WordPress plugins for handling this, but most folks wanted something simple that they didn’t have to deal with. I’ve also had the need for being able to block spambots from registering on some of the sites that I personally manage.

What I’ve always done to combat this is use a simple honeypot system. Basically, a hidden form field is added to the user registration page that spambots enter text into. We catch them and cut off their registration if they’ve entered text into this hidden field. Regular users don’t see this field, so they won’t enter text into it. It’s an overly simple method for catching one type of spam, but it’s useful and handles a good 99% of all spam registration issues I’ve seen.

I was looking around for similar solutions in the WordPress repository the other day and couldn’t find a plugin that done the same, at least not without extra plugin settings and other unneeded stuff. So, I packaged up the code and am now releasing it.

About the plugin

This plugin was developed for people who have open user registration on their WordPress install. If you have closed registration, you don’t need this. I also created the plugin specifically for combating a single type of spam where spambots come in and fill out form fields willy-nilly (many do).

Like many of my other plugins, I kept this one simple. There’s no settings page or any other type of thing you need to configure. It’s completely plug-n-play, so all you need to do is install, activate, and forget about user registration spam.

I wish there was a bit more I could say to make this plugin sound more exciting, but there’s not really anything more to it. It’s just a simple solution to a problem I thought I’d share.

You can grab the plugin from:


  1. nice

  2. The plugin indeed sounds exciting! I really love the no-settings-page approach. Is there a similar solution for comment forms? Comment forms are more popular in WP sites! 🙂

    1. A similar solution to this one for comments is ZigTrap. It works well, but since there’s so much comment spam, I recommend that in addition to at least another plugin like Akismet. My current favorite comment spam plugin though is Cookies for Comments, which I’ve written about.

  3. Ray

    I see a potential problem in hardcoding the input field name. The field name should ideally be randomized because bots could be instructed to not fill in your this field.

    This is more likely to happen now that this plugin is out in the wild and not strictly for use on Theme Hybrid.

Comments are closed.