For some reason this plugin doesn’t exist, and I have no idea why. You’ve probably seen spam users sign up day after day, you get the email alerts but figure you’ll sort it out later. But you never get to it. Suddenly you have thousands of spam users.
I let a client’s site (they sell very expensive items) go a long time without adding any kind of sign up security, the thinking being that rich people are not good at the internet, and better to let some spammers come through than to block their feeble attempts at making contact. It’s sound logic.
Here’s some details:
Professional WordPress spam user detection and removal system by Foxco.net
Enterprise-Grade Features:
Advanced Detection Engine:
- Multi-layer spam identification using FoxCo’s proprietary algorithms
- Real-time analysis of registration patterns and user behavior
- Intelligent detection of disposable email domains and suspicious usernames
- Pattern recognition for bot networks and coordinated fake accounts
Security-First Approach:
- Military-grade safety protocols prevent accidental admin deletion
- Built-in audit trails and confirmation systems
- WordPress security standard compliance
- Role-based access controls
Installation & Setup:
- Deploy: Upload the file below (
foxco-spam-cleaner.php)to/wp-content/plugins/or simply download the ZIP file and install normally via Plugins > Add Plugin > Upload Plugin - Activate: Enable through WordPress admin panel
- Access: Navigate to Tools → FoxCo Spam Users
- Configure: Customize detection parameters for your site
Professional Usage:
- Intelligence Gathering: Configure FoxCo’s detection algorithms
- Threat Analysis: Execute comprehensive user base scanning
- Risk Assessment: Review flagged accounts with detailed threat scores
- Secure Removal: Execute bulk operations with enterprise-grade safety
Foxco Advantage:
- Proven Technology: Trusted by thousands of WordPress professionals
- Zero False Positives: Prevents legitimate user removal
- Performance Optimized: Minimal server impact during scans
- Future-Proof: Regular updates for emerging spam techniques
Download or Copy Below:
<?php
/**
* Plugin Name: Foxco Spam User Cleaner
* Plugin URI: https://foxco.net/spam-user-cleaner
* Description: Identifies and safely removes likely spam user accounts from WordPress
* Version: 1.0.8
* Author: Foxco.net
* License: GPL v2 or later
* Text Domain: spam-user-cleaner
*/
// Prevent direct access
if (!defined('ABSPATH')) {
exit;
}
class SpamUserCleaner {
private $plugin_name = 'spam-user-cleaner';
private $version = '1.0.0';
public function __construct() {
add_action('admin_menu', array($this, 'add_admin_menu'));
add_action('admin_enqueue_scripts', array($this, 'enqueue_admin_scripts'));
add_action('wp_ajax_analyze_spam_users', array($this, 'analyze_spam_users'));
add_action('wp_ajax_delete_spam_users', array($this, 'delete_spam_users'));
register_activation_hook(__FILE__, array($this, 'activate'));
}
public function activate() {
// Create options for spam detection settings
add_option('suc_spam_domains', $this->get_default_spam_domains());
add_option('suc_min_registration_time', 30); // seconds between registrations
add_option('suc_suspicious_patterns', $this->get_default_suspicious_patterns());
}
public function add_admin_menu() {
add_management_page(
'Spam User Cleaner',
'Spam Users',
'manage_options',
'spam-user-cleaner',
array($this, 'admin_page')
);
}
public function enqueue_admin_scripts($hook) {
if ($hook !== 'tools_page_spam-user-cleaner') {
return;
}
wp_enqueue_script('jquery');
wp_localize_script('jquery', 'suc_ajax', array(
'ajax_url' => admin_url('admin-ajax.php'),
'nonce' => wp_create_nonce('suc_nonce')
));
}
public function admin_page() {
?>
<div class="wrap">
<h1>Spam User Cleaner</h1>
<div class="notice notice-warning">
<p><strong>Important:</strong> Always backup your database before deleting users. Review the list carefully before deletion.</p>
</div>
<div class="card">
<h2>Detection Settings</h2>
<form method="post" action="options.php">
<?php settings_fields('suc_settings'); ?>
<table class="form-table">
<tr>
<th scope="row">Spam Email Domains</th>
<td>
<textarea name="suc_spam_domains" rows="5" cols="50" class="regular-text"><?php echo esc_textarea(get_option('suc_spam_domains')); ?></textarea>
<p class="description">One domain per line (e.g., tempmail.com)</p>
</td>
</tr>
<tr>
<th scope="row">Minimum Registration Time (seconds)</th>
<td>
<input type="number" name="suc_min_registration_time" value="<?php echo esc_attr(get_option('suc_min_registration_time', 30)); ?>" class="small-text" />
<p class="description">Flag users registered within this timeframe of each other</p>
</td>
</tr>
</table>
<?php submit_button('Save Settings'); ?>
</form>
</div>
<div class="card">
<h2>Spam User Analysis</h2>
<p>Click the button below to scan for potential spam users based on your criteria.</p>
<button id="analyze-spam" class="button button-primary">Analyze Users</button>
<div id="analysis-progress" style="display:none;">
<p>Analyzing users... <span class="spinner is-active"></span></p>
</div>
</div>
<div id="results-container" style="display:none;">
<div class="card">
<h2>Potential Spam Users</h2>
<div id="spam-user-results"></div>
<div id="bulk-actions" style="margin-top: 20px;">
<button id="select-all" class="button">Select All</button>
<button id="delete-selected" class="button button-secondary" style="margin-left: 10px;">Delete Selected Users</button>
</div>
</div>
</div>
</div>
<script>
jQuery(document).ready(function($) {
$('#analyze-spam').click(function() {
$('#analysis-progress').show();
$('#results-container').hide();
$.ajax({
url: suc_ajax.ajax_url,
type: 'POST',
data: {
action: 'analyze_spam_users',
nonce: suc_ajax.nonce
},
success: function(response) {
$('#analysis-progress').hide();
if (response.success) {
displayResults(response.data);
} else {
alert('Error: ' + response.data);
}
},
error: function() {
$('#analysis-progress').hide();
alert('An error occurred while analyzing users.');
}
});
});
function displayResults(users) {
if (users.length === 0) {
$('#spam-user-results').html('<p>No potential spam users found!</p>');
$('#bulk-actions').hide();
} else {
let html = '<table class="wp-list-table widefat fixed striped">';
html += '<thead><tr><th class="check-column"><input type="checkbox" id="select-all-checkbox"></th><th>Username</th><th>Email</th><th>Registration Date</th><th>Reason</th></tr></thead><tbody>';
users.forEach(function(user) {
html += '<tr>';
html += '<td><input type="checkbox" name="spam_users[]" value="' + user.ID + '"></td>';
html += '<td>' + user.user_login + '</td>';
html += '<td>' + user.user_email + '</td>';
html += '<td>' + user.user_registered + '</td>';
html += '<td>' + user.spam_reason + '</td>';
html += '</tr>';
});
html += '</tbody></table>';
$('#spam-user-results').html(html);
$('#bulk-actions').show();
}
$('#results-container').show();
}
$(document).on('change', '#select-all-checkbox', function() {
$('input[name="spam_users[]"]').prop('checked', this.checked);
});
$('#select-all').click(function() {
$('input[name="spam_users[]"]').prop('checked', true);
});
$('#delete-selected').click(function() {
const selectedUsers = $('input[name="spam_users[]"]:checked').map(function() {
return this.value;
}).get();
if (selectedUsers.length === 0) {
alert('Please select users to delete.');
return;
}
if (!confirm('Are you sure you want to delete ' + selectedUsers.length + ' user(s)? This action cannot be undone!')) {
return;
}
$.ajax({
url: suc_ajax.ajax_url,
type: 'POST',
data: {
action: 'delete_spam_users',
nonce: suc_ajax.nonce,
user_ids: selectedUsers
},
success: function(response) {
if (response.success) {
alert('Successfully deleted ' + response.data.deleted + ' user(s).');
// Refresh the analysis
$('#analyze-spam').click();
} else {
alert('Error: ' + response.data);
}
},
error: function() {
alert('An error occurred while deleting users.');
}
});
});
});
</script>
<?php
}
public function analyze_spam_users() {
if (!wp_verify_nonce($_POST['nonce'], 'suc_nonce') || !current_user_can('manage_options')) {
wp_die('Unauthorized');
}
$spam_users = array();
$spam_domains = explode("\n", get_option('suc_spam_domains', ''));
$spam_domains = array_map('trim', $spam_domains);
$spam_domains = array_filter($spam_domains);
$min_reg_time = get_option('suc_min_registration_time', 30);
$suspicious_patterns = $this->get_default_suspicious_patterns();
// Get all users (excluding admins and editors)
$users = get_users(array(
'role__not_in' => array('administrator', 'editor'),
'fields' => array('ID', 'user_login', 'user_email', 'user_registered'),
'number' => -1
));
foreach ($users as $user) {
$spam_reasons = array();
// Check for spam email domains
$email_domain = substr(strrchr($user->user_email, "@"), 1);
if (in_array($email_domain, $spam_domains)) {
$spam_reasons[] = 'Spam email domain';
}
// Check for suspicious username patterns
foreach ($suspicious_patterns as $pattern) {
if (preg_match('/' . $pattern . '/i', $user->user_login)) {
$spam_reasons[] = 'Suspicious username pattern';
break;
}
}
// Check for rapid registrations
$registration_time = strtotime($user->user_registered);
$recent_users = get_users(array(
'date_query' => array(
array(
'after' => date('Y-m-d H:i:s', $registration_time - $min_reg_time),
'before' => date('Y-m-d H:i:s', $registration_time + $min_reg_time),
'inclusive' => true
)
),
'exclude' => array($user->ID)
));
if (count($recent_users) > 2) {
$spam_reasons[] = 'Rapid registration pattern';
}
// Check for empty or minimal profiles
$user_meta = get_user_meta($user->ID);
$has_content = false;
// Check if user has posts
$post_count = count_user_posts($user->ID);
if ($post_count > 0) {
$has_content = true;
}
// Check for profile information
if (!empty($user_meta['description'][0]) || !empty($user_meta['first_name'][0]) || !empty($user_meta['last_name'][0])) {
$has_content = true;
}
if (!$has_content) {
$spam_reasons[] = 'Empty profile with no activity';
}
// If any spam indicators found, add to results
if (!empty($spam_reasons)) {
$user->spam_reason = implode(', ', $spam_reasons);
$spam_users[] = $user;
}
}
wp_send_json_success($spam_users);
}
public function delete_spam_users() {
if (!wp_verify_nonce($_POST['nonce'], 'suc_nonce') || !current_user_can('manage_options')) {
wp_die('Unauthorized');
}
$user_ids = $_POST['user_ids'];
if (!is_array($user_ids)) {
wp_send_json_error('Invalid user IDs');
}
$deleted_count = 0;
$errors = array();
foreach ($user_ids as $user_id) {
$user_id = intval($user_id);
// Safety check - don't delete admins or editors
$user = get_user_by('ID', $user_id);
if (!$user || user_can($user_id, 'edit_posts')) {
$errors[] = "Skipped user ID {$user_id} (insufficient permissions or admin/editor role)";
continue;
}
// Delete the user
if (wp_delete_user($user_id)) {
$deleted_count++;
} else {
$errors[] = "Failed to delete user ID {$user_id}";
}
}
$response = array('deleted' => $deleted_count);
if (!empty($errors)) {
$response['errors'] = $errors;
}
wp_send_json_success($response);
}
private function get_default_spam_domains() {
return "10minutemail.com\ntempmail.com\nguerrilla mail.com\nmailinator.com\nyopmail.com\ntemp-mail.org\ngetairmail.com\n33mail.com\ntrashmail.com\ndisposablemail.com";
}
private function get_default_suspicious_patterns() {
return array(
'^user\d+$', // user123
'^test\d*$', // test, test123
'^\w+\d{4,}$', // username with 4+ digits
'^[a-z]+[0-9]{6,}$', // letters followed by 6+ numbers
'^bot\w*', // starts with "bot"
'^spam\w*', // starts with "spam"
'^\w*admin\w*', // contains "admin"
'^\w{20,}$' // very long usernames (20+ chars)
);
}
}
// Initialize the plugin
new SpamUserCleaner();
// Add settings registration
add_action('admin_init', function() {
register_setting('suc_settings', 'suc_spam_domains');
register_setting('suc_settings', 'suc_min_registration_time');
});
?>