Block new user registration by domain or dissimilar usernames

block-user-registration.php

<?php

/**
 * Block User Registration
 *
 * Plugin Name: Block User Registration
 * Plugin URI: https://gist.github.com/afragen/178e9bb282cb95c82ac6ade5331e4ee5
 * Description: Block user registrations by criteria.
 * Version: 0.6.2
 * Author: Andy Fragen
 * Author URI: https://thefragens.com
 * License: MIT
 * Requires at least: 6.6
 * Requires PHP: 8.2
 * Gist Plugin URI: https://gist.github.com/afragen/178e9bb282cb95c82ac6ade5331e4ee5
 * Text Domain: block-user-registration
 */

namespace Fragen\Block_User_Registration;

use WP_Error;

const SIMILARITY = 30;

// Exit if accessed directly.
if (! defined('WPINC')) {
    die;
}

/**
 * Bootstrap.
 *
 * @return void
 */
function bootstrap(): void {
    add_filter('registration_errors', __NAMESPACE__ . '\\by_domain', 10, 3);
    add_filter('registration_errors', __NAMESPACE__ . '\\by_similar_text', 10, 3);
}

/**
 * Check and block user registration by email domain.
 *
 * @param WP_Error $errors               A WP_Error object containing any errors encountered
 *                                       during registration.
 * @param string   $sanitized_user_login User's username after it has been sanitized.
 * @param string   $user_email           User's email.
 *
 * @return WP_Error
 */
function by_domain($errors, $sanitized_user_login, $user_email): WP_Error {
    // Add more domains as needed.
    $blocked_domains = [
        'socialpave.com',
        'gemmasmith.co.uk',
        'deajang.store',
        'reacc.me',
        'zooms.pro',
        '.gq',
        '.sbs',
    ];

    $email_domain = substr(strrchr($user_email, "@"), 1);

    foreach ($blocked_domains as $blocked) {
        if (str_ends_with($email_domain, $blocked)) {
            $errors->add('domain_blocked', __('Registrations from your email domain are not allowed.', 'block-user-registration'));
            error_log("Blocked user registration attempt from email domain: $email_domain");
            break;
        }
    }

    return $errors;
}

/**
 * Block user registration due to dissimilar usernames.
 *
 * @param WP_Error $errors               A WP_Error object containing any errors encountered
 *                                       during registration.
 * @param string   $sanitized_user_login User's username after it has been sanitized.
 * @param string   $user_email           User's email.
 *
 * @return WP_Error
 */
function by_similar_text($errors, $sanitized_user_login, $user_email): WP_Error {
    if (! filter_var($user_email, FILTER_VALIDATE_EMAIL)) {
        $errors->add('invalid_email', __('The email address is not valid.', 'block-user-registration'));
    }

    $user = substr($user_email, 0, strrpos($user_email, '@'));
    similar_text($sanitized_user_login, $user, $percent);

    if ($percent < SIMILARITY) {
        $errors->add('dissimilar_user_blocked', __('Registrations are not allowed due to dissimilarity of user names.', 'block-user-registration'));
        error_log("Blocked user registration attempt due to dissimilarity: $user - $sanitized_user_login");
    }

    return $errors;
}

bootstrap();