Hi there 🙂 On a Woocommerce store I manage a lot of “rambler.ru” or fake accounts register as customers. I have searched for a solution but most guides I found recommend getting a plugin. I wonder if there is a custom rule I could write to block this specific email domain from opening customer accounts? “Anyone can register” is disabled. The bots specifically register as customers through Woocommerce. Thanks!
Edit: thanks everyone for the suggestions, this is super helpful!
Cloudflare > firewall rules – block all traffic from Russia, and any other heavy spam countries. Also Wordfence.
Another solution is to block the bots at registration. Maybe recaptcha v3 or some difficult multiple choice questions.
You can add the domain to the blocked comments.
Settings > discussion:
“When a comment contains any of these words in its content, author name, URL, email, IP address, or browser’s user agent string, it will be held in the moderation queue. One word or IP address per line. It will match inside words, so “press” will match “WordPress”.”
I believe Woocommerce abides by this
You ought to be able to hook into `registration_errors` to add in your own validation to reject email addresses that have `rambler.ru` in them.
[https://developer.wordpress.org/reference/hooks/registration_errors/](https://developer.wordpress.org/reference/hooks/registration_errors/)