Description
Tired of cleaning up fake user registrations from spam bots? KhubaibTech OTP Registration Shield is a lightweight yet powerful security plugin that adds a crucial layer of verification to your WordPress registration form.
Instead of relying on complex CAPTCHAs, this plugin requires users to prove they have access to the email address they are using. It’s a simple, user-friendly process that is incredibly effective at blocking automated spam bots.
How It Works
- A “Verification Code” field is added to your default WordPress registration form.
- The user enters their username and email, then clicks “Send Verification Code.”
- A secure one-time password (OTP) is sent to their email.
- The user enters the code to complete their registration.
This ensures that only users with valid, accessible email addresses can register, drastically reducing spam and improving the quality of your user base.
Key Features:
- Blocks Spam Bots: Stops automated scripts that create fake user accounts.
- Verifies Real Emails: Ensures that every registered user has a valid email address.
- Simple for Users: A clean, straightforward verification step.
- Lightweight & Secure: No heavy scripts or third-party dependencies. Uses secure WordPress transients and nonces.
- Customizable Email: Easily edit the email subject and body from the settings page.
- Seamless Integration: Works automatically with the default WordPress registration form.
Screenshots
The new verification field added to the WordPress registration form. 
The simple settings page for customizing the verification email.
Installation
- Upload the
khubaibtech-otp-registration-shieldfolder to the/wp-content/plugins/directory. - Activate the plugin through the ‘Plugins’ menu in WordPress.
- (Recommended) Navigate to Settings > OTP Registration Shield to customize the verification email.
- That’s it! The verification field will now be active on your registration page.
FAQ
-
Does this work with custom registration forms?
-
This version integrates with the default WordPress registration form. Integration with plugins like WooCommerce or other form builders is not supported at this time.
-
Is it secure?
-
Yes. The one-time code is stored temporarily using secure WordPress transients with a 5-minute expiration. All communication is handled via secure WordPress AJAX and verified with nonces.
-
Can I change the email that is sent?
-
Absolutely! Go to Settings > OTP Registration Shield in your admin dashboard to customize the email subject and body.
Reviews
There are no reviews for this plugin.
Contributors & Developers
“KhubaibTech OTP Registration Shield” is open source software. The following people have contributed to this plugin.
Contributors
Translate “KhubaibTech OTP Registration Shield” into your language.
Interested in development?
Browse the code, check out the SVN repository, or subscribe to the development log by RSS.
Change log
1.0.2
- SECURITY: Refactored CSS and JS to use proper
wp_enqueue_scripts,wp_add_inline_style, andwp_add_inline_scriptfunctions. - SECURITY: Replaced all instances of
_e()withesc_html_e()for secure, escaped output. - TWEAK: Reduced plugin tags to the required maximum of 5.
1.0.1
- SECURITY: Added sanitization callbacks for settings to meet wordpress.org requirements.
- ENHANCEMENT: Renamed and prefixed all functions, classes, and options for better security and to prevent conflicts.
- TWEAK: Updated plugin name and description to be more unique.
1.0.0
- Initial release.