Hi!
I’ve set up user registration and login with verification code on my site. I’ve noticed that I have some unwanted traffic (bots) trying to register, and while it’s not really an issue since you need a valid email address to receive the verification code and log in, the users are still being created and show up in the panel.
Is there a way to add an additional step of verifying the email address before the user account is actually created?
Cheers!
Hi, we are talking about frontend registration that you set up yourself, right?
What exactly do you want to validate? If the email actually exists, so if it has mx records set up? Then see checkdnsrr or getmxrr
You can also check SMTP ports if checking mx records doesn’t return anything useful, which might happen.
Yes, exactly! I just want to avoid having a bunch of user accounts with fake emails created. I’ll look into your suggestions, thank you Sonja!
Checking the mx records doesn’t make sense for email addresses from large providers like gmail, yahoo, or throw away emails etc. because it only checks the MX records for the hosts, of course.
Also, invalid accounts might be created using existing email addresses.
But what you could do instead is the following:
I think that’s a better approach than validating email addresses