How to Block Spam E-mail from registering on Magento2 site

Today the internet is surging with spammers who are dying to get their hands on your servers. Spammers register an account on your site to brake into your system as it is a relatively easy way for amateur. It is one of the key parts of their spamming strategy. We cannot stress enough the importance of identifying spam domains and blocking them in advance because whether human or a bot machines, spammers would normally be using an email spam domain. You need to integrate your web store with additional anti-spam protection making definite email domains and zones blocked. If you allow your customers to use guest checkout, don’t forget it is hassle-free for spammers or hackers.

With Restrict Domain Registration feature you can block users from registering for accounts using email addresses from certain domains. This feature is useful for blocking spam and bots from logging into your website and it will effectively increase the security of the store. You can easily put the domains to block and set the error message to be displayed when a user attempts to register with an email domain on your block list. Full instructions are as follows –

The coding starts here…

Create a new module with a name EmailCheck in the folder Ecomsolver

Step – 1  Write the following code at admin panel. Path of the file will be – Ecomsolver >EmailCheck > etc > Adminhtml > System

1. <?xml version="1.0"?>
2. <config xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:noNamespaceSchemaLocation="urn:magento:module:Magento_Config:etc/system_file.xsd">
3. <system>
4. <tab id="ecomsolver" translate="label" sortOrder="999">
5. <label>Ecomsolver</label>
6. </tab>
7. <section id="emailblock" translate="label" sortOrder="130" showInDefault="1" showInWebsite="1" showInStore="1">
8. <class>separator-top</class>
9. <label>Email Check</label>
10. <tab>ecomsolver</tab>
11. <resource>PixieMedia_General::general_config</resource>
12. <group id="domains" translate="label" type="text" sortOrder="10" showInDefault="1" showInWebsite="1" showInStore="1">
13. <label>Domain Names</label>
15. <field id="domains" translate="label" type="textarea" sortOrder="1" showInDefault="1" showInWebsite="1" showInStore="1">
16. <label>Domain names to block</label>
17. <comment>Comma separated values eg google.co.uk,mail.ru,some.com</comment>
18. </field>
19. <field id="message" translate="label" type="textarea" sortOrder="1" showInDefault="1" showInWebsite="1" showInStore="1">
20. <label>Message to display</label>
21. <comment>The error message to show users who try to register with one of the above domain names</comment>
22. </field>
23. </group>
24. </section>
25. </system>
26. </config>

Step – 2 Write the following code in a file. Path of the file will be – Ecomsolver >EmailCheck > etc > Frontend > di

1. <?xml version="1.0"?>
2. <config xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
3. xsi:noNamespaceSchemaLocation="urn:magento:framework:ObjectManager/etc/config.xsd">
5. <type name="Magento\Customer\Controller\Account\CreatePost">
6. <plugin name="restrictCustomerEmail"
7. type="Ecomsolver\Emailcheck\Model\Plugin\Controller\Account\RestrictCustomerEmail"/>
8. </type>
9. </config>

Step – 3 Write the following code in XML file with name Config. Path of the file will be – Ecomsolver >EmailCheck > etc > Config

1. <config xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
2. xsi:noNamespaceSchemaLocation="urn:magento:module:Magento_Store:etc/config.xsd">
3. <default>
4. <emailblock>
5. <domains>
6. <domains>163.com,mail.ru</domains>
7. </domains>
8. <message>
9. <domains>We do not allow registration from your email domain</domains>
10. </message>
11. </emailblock>
12. </default>
13. </config>

Step – 4 Write the following code in XML file with name Module. Path of the file will be – Ecomsolver >EmailCheck > etc > Module

1. <config xmlns:xsi=http://www.w3.org/2001/XMLSchema-instance xsi:noNamespaceSchemaLocation="../../../../../lib/internal/Magento/Framework/Module/etc/module.xsd">
2. <module name="Ecomsolver_Emailcheck" setup_version="1.0.0">
3. </module>
4. </config>

Step – 5  Create the folder name Model in EmailCheck. Then create subfolder Plugin > Controller > Account. Write the following code in php file with name RestrictCustomerEmail. Path of the php file will be – Ecomsolver >EmailCheck > Plugin > Controller > Account > RestrictCustomerEmail

1. /* Ecomsolver @@@@@@ ecomsolver@gmail.com */
2. namespace Ecomsolver\Emailcheck\Model\Plugin\Controller\Account;
3. use Magento\Framework\Controller\Result\RedirectFactory;
4. use Magento\Framework\UrlFactory;
5. use Magento\Framework\Message\ManagerInterface;
6. use Magento\Framework\App\Config\ScopeConfigInterface;
8. class RestrictCustomerEmail
9. {
10. /** @var \Magento\Framework\UrlInterface */
11. protected $urlModel;
12. /**
13. * @var \Magento\Framework\Controller\Result\RedirectFactory
14. */
15. protected $resultRedirectFactory;
17. /**
18. * @var \Magento\Framework\Message\ManagerInterface
19. */
20. protected $messageManager;
21. /**
22. * RestrictCustomerEmail constructor.
23. * @param UrlFactory $urlFactory
24. * @param RedirectFactory $redirectFactory
25. * @param ManagerInterface $messageManager
26. */
27. public function __construct(
28. UrlFactory $urlFactory,
29. RedirectFactory $redirectFactory,
30. ManagerInterface $messageManager,
31. ScopeConfigInterface $scopeConfig
32. )
33. {
34. $this->urlModel = $urlFactory->create();
35. $this->resultRedirectFactory = $redirectFactory;
36. $this->messageManager = $messageManager;
37. $this->scopeConfig = $scopeConfig;
38. }
39. /**
40. * @param \Magento\Customer\Controller\Account\CreatePost $subject
41. * @param \Closure $proceed
42. * @return mixed
43. * @throws \Magento\Framework\Exception\LocalizedException
44. */
45. public function aroundExecute(
46. \Magento\Customer\Controller\Account\CreatePost $subject,
47. \Closure $proceed
48. )
49. {
50. /** @var \Magento\Framework\App\RequestInterface $request */
51. $email = $subject->getRequest()->getParam('email');
52. list($nick, $domain) = explode('@', $email, 2);
53. $domains = $this->scopeConfig->getValue('emailblock/domains/domains', \Magento\Store\Model\ScopeInterface::SCOPE_STORE);
54. if(!$domains) {
55. return $proceed;
56. }
57. $domainArray = array_map('trim', explode(',', $domains));
58. if(count($domainArray) < 1) {
59. return $proceed;
60. }
61. if (in_array($domain, $domainArray, true)) {
62. $message = $this->scopeConfig->getValue('emailblock/domains/message', \Magento\Store\Model\ScopeInterface::SCOPE_STORE);
63. if(!$message) { $message = __('We do not allow registration from your email domain'); }
64. $this->messageManager->addErrorMessage($message);
65. $defaultUrl = $this->urlModel->getUrl('*/*/create', ['_secure' => true]);
66. /** @var \Magento\Framework\Controller\Result\Redirect $resultRedirect */
67. $resultRedirect = $this->resultRedirectFactory->create();
68. return $resultRedirect->setUrl($defaultUrl);
69. }
70. return $proceed();
71. }
72. }

Using this module you can block registration from certain domains and make your security level higher. Spammers and fraudulent orders can cause sturdy damage to your store; hence it will result in bad reputation. If you have any queries or feedback, then feel free to drop us a line.  Ecomsolver is a company promoted by a group of highly experienced professionals. Specialize in providing top-notch web solutions through innovation and use of latest technology.

In Our Previous Blogs:-

• Why choose WordPress for your website?
• How to create Custom Field on checkout page in Magento 2
• How to show x-left in configurable product in Magento 2
• Why to choose Shopify for your ecommerce store?
• Advantages of Magento e-Commerce Development