The Security extension does include the ability to blacklist username, specific email addresses, email domains, and IP addresses. (It has several other features as well.)
https://rocketgeek.com/plugins/wp-members/extensions/security-extension/
https://rocketgeek.com/product/security/
Alternatively, you can implement any custom form validation you want, including but not limited to blacklisting usernames, by using the wpmem_pre_register_data action:
https://rocketgeek.com/plugins/wp-members/docs/filter-hooks/wpmem_pre_register_data/
We are a not for profit organisation. I am coming to this plugin as we recently suffered a malware redirect attack on our site that used Ultimate Member. I am a SQL server developer by day but don’t know anything about php, so..
if ( $fields[‘my_field’] != ‘some_criteria’ ) {
$wpmem_themsg = ‘your error message…’;
would become
$badusers = array(“admin”, “webmaster”, “root”, “administrator”);
if (in_array($fields[‘username’], $badusers)) {
$wpmem_themsg = ‘Please choose an alternative username. Certain usernames are not allowed’;
That looks like it would do it.
