Block user registration by email domain

Hi there 🙂 On a Woocommerce store I manage a lot of “” or fake accounts register as customers. I have searched for a solution but most guides I found recommend getting a plugin. I wonder if there is a custom rule I could write to block this specific email domain from opening customer accounts? “Anyone can register” is disabled. The bots specifically register as customers through Woocommerce. Thanks!

Edit: thanks everyone for the suggestions, this is super helpful!

  1. Cloudflare > firewall rules – block all traffic from Russia, and any other heavy spam countries. Also Wordfence.

  2. Another solution is to block the bots at registration. Maybe recaptcha v3 or some difficult multiple choice questions.

  3. You can add the domain to the blocked comments.

    Settings > discussion:

    “When a comment contains any of these words in its content, author name, URL, email, IP address, or browser’s user agent string, it will be held in the moderation queue. One word or IP address per line. It will match inside words, so “press” will match “WordPress”.”

    I believe Woocommerce abides by this


This site will teach you how to build a WordPress website for beginners. We will cover everything from installing WordPress to adding pages, posts, and images to your site. You will learn how to customize your site with themes and plugins, as well as how to market your site online.

Buy WordPress Transfer