Title: UserCheck
Author: UserCheck
Published: Атырдьах ыйа 25, 2024
Last modified: Ыам ыйа 18, 2026
---
Search plugins
# UserCheck
By [UserCheck](https://profiles.wordpress.org/usercheck/)
[Download](https://downloads.wordpress.org/plugin/usercheck.0.3.0.zip)
* [Details](https://sah.wordpress.org/plugins/usercheck/#description)
* [Reviews](https://sah.wordpress.org/plugins/usercheck/#reviews)
* [Installation](https://sah.wordpress.org/plugins/usercheck/#installation)
* [Development](https://sah.wordpress.org/plugins/usercheck/#developers)
[Support](https://wordpress.org/support/plugin/usercheck/)
## Description
UserCheck blocks disposable and throwaway email addresses from your sign-up forms.
The result: less spam, fewer fake accounts, and a cleaner user base.
#### Supported plugins
If you’re using any of these, UserCheck protects them automatically — nothing to
configure:
* WordPress core (registration, comments, multisite signup, profile email change)
* WooCommerce (classic checkout, Cart/Checkout Block, account registration, Edit-
account email change)
* Profile Builder (free + Pro)
* Contact Form 7
* WPForms
* Elementor Pro Forms
* Gravity Forms
* Fluent Forms
* Ninja Forms
* Formidable Forms
* MailPoet
#### Fallback for unsupported plugins
For plugins without a built-in integration, a fallback check catches sign-ups from
any other form on your site. It only runs when someone submits a form, so it won’t
slow down your dashboard or background tasks. You can turn it off under Settings
UserCheck Coverage.
#### Choose what to block
Pick which kinds of email addresses get blocked: domains that can’t receive email,
disposable addresses, public providers (Gmail, Yahoo, etc.), forwarding services
that hide the real address, and known spammers. Domains on your UserCheck account
blocklist are always blocked.
#### Lightweight by design
Emails are checked only when users submit a form (registration, comment, checkout)—
never re-checked for existing users or orders. No background scans, no surprises.
#### Resilient by design
If our service is ever down or slow, your site keeps working: sign-ups go through
and the error is logged for review. Each request times out after 2 seconds, so an
unresponsive API can’t hold up your forms.
#### Full email or domain only
Send the full email (more accurate) or just the domain.
#### Extensible
Developers can plug UserCheck into any plugin’s validation hook by calling `UserCheck::
instance()->evaluate_email( $email )` and acting on the returned `action`, `reason`,
and `message`.
#### Translation ready
All text in the plugin can be translated into any language.
#### Works out of the box
No configuration required. A free API key unlocks higher request limits.
Powered by [UserCheck](https://www.usercheck.com), which tracks new disposable email
providers as they appear so your site’s protection stays current.
### Privacy Policy
The plugin sends the email address (or just its domain, depending on your settings)
to the UserCheck API for validation. The request User-Agent identifies the plugin
version, WordPress version, site URL, and which integration triggered the check (
e.g. `wp_registration`, `wc_checkout`, or `fallback_is_email/` when
the fallback fires for an unsupported plugin). No other end-user data is sent. For
more information on how UserCheck handles data, please visit [https://www.usercheck.com/privacy](https://www.usercheck.com/privacy).
## Installation
1. Upload the `usercheck` folder to the `/wp-content/plugins/` directory
2. Activate the plugin through the ‘Plugins’ menu in WordPress
3. (Optional) Go to Settings > UserCheck to enter your API key for increased limits
## FAQ
### Do I need an API key to use this plugin?
No, an API key is not required to use this plugin. It works out of the box with
a limit of 30 requests per hour. However, if you need higher limits, you can obtain
a free API key by signing up at [https://app.usercheck.com/](https://app.usercheck.com/).
### What happens if the UserCheck API is unavailable?
Sign-ups continue to go through and the error is logged for your reference. Your
forms keep working even when our service has issues.
### How can I increase the request limit?
To increase the request limit beyond 30 per hour, you can obtain an API key from
UserCheck. Once you have the key, go to the UserCheck settings in your WordPress
admin panel and enter the key there.
### How can I customize the message users see when their email is blocked?
Add a filter in a mu-plugin or your theme’s `functions.php`:
```
add_filter( 'usercheck_block_message', function ( $message, $signal, $email ) {
if ( $signal === 'disposable' ) {
return 'Please use a permanent email address.';
}
return $message;
}, 10, 3 );
$signal is one of `blocklisted`, `mx`, `disposable`, `public_domain`, `relay_domain`, `spam`. `$email` is the address being evaluated. Return the (possibly modified) message.
```
## Reviews
### [Valuable plugin to block disposable email domains](https://wordpress.org/support/topic/valuable-plugin-to-block-disposable-email-domains/)
[Greg James](https://profiles.wordpress.org/gregdevwp/) Сэтинньи 28, 2024
Was getting a lot of temp email signups that were reducing my email deliverability
because they were toxic domains. Easy integration. Saves me some email credits with
my ESP.
[ Read all 1 review ](https://wordpress.org/support/plugin/usercheck/reviews/)
## Contributors & Developers
“UserCheck” is open source software. The following people have contributed to this
plugin.
Contributors
* [ UserCheck ](https://profiles.wordpress.org/usercheck/)
[Translate “UserCheck” into your language.](https://translate.wordpress.org/projects/wp-plugins/usercheck)
### Interested in development?
[Browse the code](https://plugins.trac.wordpress.org/browser/usercheck/), check
out the [SVN repository](https://plugins.svn.wordpress.org/usercheck/), or subscribe
to the [development log](https://plugins.trac.wordpress.org/log/usercheck/) by [RSS](https://plugins.trac.wordpress.org/log/usercheck/?limit=100&mode=stop_on_copy&format=rss).
## Changelog
#### 0.3.0
**Added**
— Cache successful UserCheck API responses for 1 hour. Repeat lookups
for the same email (or domain, in domain mode) skip the network call. Drops API
traffic by orders of magnitude on busy sites. — “Clear cache” button under Settings
UserCheck Cache for manual invalidation between TTLs.
**Changed**
— `UserCheck::evaluate_email()` no longer keeps a per-request verdict
memo; the new response cache replaces it.
#### 0.2.1
**Added**
— The HTTP User-Agent on UserCheck API requests now includes an `integration
=` token identifying which signup surface triggered the check (e.g. `wp_registration`,`
wc_checkout`, `pb_registration`, `fallback_is_email`). Lets the UserCheck team see
traffic-mix per integration. No end-user data is added to the UA. See Privacy Policy.—
When the `is_email()` fallback fires, the UA reports the unsupported plugin that
called `is_email()` as `integration=fallback_is_email/` — helps prioritize
which plugins need native integrations next. Plain `fallback_is_email` is reported
when no plugin caller can be identified (themes, mu-plugins, WP core, custom code).
Disable the fallback under Settings UserCheck Coverage to opt out. — `evaluate_email()`
gained an optional second argument `$source` for third-party callers that want their
integration attributed in the UA. Calls using the prior single-argument shape are
unchanged.
#### 0.2.0
**Changed**
— Replaced the global `is_email` filter with surface-specific hooks.
The plugin now only checks emails when users submit them (registration, comments,
WooCommerce checkout/account creation) and no longer re-validates existing users
or orders. Fixes 502 errors on order pages caused by repeated synchronous API calls.—
Reduced API request timeout from the WordPress default (5s) to 2s.
**Added**
— Settings to choose which signals block sign-ups (invalid MX, disposable,
public email providers, relay/forwarding, spam). — Domains on your custom UserCheck
blocklist are always blocked when present — no opt-in needed. — Settings to choose
whether to send the full email (more accurate) or just the domain (cheaper). New
installs default to full-email; upgrades from 0.1.x keep domain-only. — WooCommerce
integrations (auto-enabled when WooCommerce is active): classic checkout (`woocommerce_after_checkout_validation`),
Cart/Checkout Block (`woocommerce_store_api_checkout_order_processed`), account
registration, and Edit-account email change (`woocommerce_save_account_details_errors`).—
Profile Builder (free + Pro) registration integration (auto-enabled when Profile
Builder is active). — Multisite signup integration. — Contact Form 7 integration(
auto-enabled when CF7 is active). Hooks `wpcf7_validate_email` and `wpcf7_validate_email*`.—
WPForms integration (auto-enabled when WPForms is active). Hooks `wpforms_process_validate_email`.—
Elementor Pro Forms integration (auto-enabled when Elementor Pro is active). Hooks`
elementor_pro/forms/validation/email`. — Gravity Forms integration (auto-enabled
when GF is active). Hooks `gform_field_validation` for email-type fields. — Fluent
Forms integration (auto-enabled when Fluent is active). Hooks `fluentform/validate_input_item_input_email`.—
Ninja Forms integration (auto-enabled when NF is active). Hooks `ninja_forms_submit_data`
and walks email-type fields. — Formidable Forms integration (auto-enabled when Formidable
is active). Hooks `frm_validate_field_entry` (covers fields inside repeater rows).—
MailPoet integration (auto-enabled when MailPoet is active). Hooks `mailpoet_subscription_before_subscribe`.—
Registry-driven integration loader: built-in integrations live in `UserCheck::integrations_registry()`
and are wired automatically when their host plugin is detected. — Public extension
API: developers can call `UserCheck::instance()->evaluate_email( $email )` from
any hook to integrate UserCheck with plugins that don’t have a built-in or aren’t
covered by the `is_email()` fallback. Returns `array{action, reason, message}` with`
action` being `allow` or `block`. — `usercheck_block_message` filter so developers
can override the user-facing block message per signal. See the FAQ for a usage example.—`
is_email()` fallback for plugins without a native integration (Settings UserCheck
Coverage). On by default — preserves the unconditional `is_email` coverage that
existed pre-0.2.0; opt out from the Coverage section. Covers front-end submissions
including AJAX (wpDiscuz, AJAX-submitted CF7/Elementor) and REST; admin page-loads,
cron, and WP-CLI are excluded so the v0.1 502 regression on WC order pages stays
fixed. — WP profile email-change coverage (`user_profile_update_errors`) and REST
comment submission coverage (`rest_pre_insert_comment`). — Per-request deduplication:
the same email evaluated multiple times in one request now triggers a single API
call. — Existing API keys are migrated automatically to the new settings format.
#### 0.1.1
**Fixed**
— Skip validation for WordPress system emails
#### 0.1.0
**Added**
— Error logging system with retention and pagination — API key validation
on settings update — Rate limit error handling (429 response)
**Changed**
— Reduced unauthenticated API request limit from 60 to 30 requests
per hour — Improved error handling and validation for API responses
**Fixed**
— Added proper error handling for API failures
#### 0.0.1
* Initial release
## Meta
* Version **0.3.0**
* Last updated **2 хонук ago**
* Active installations **100+**
* WordPress version ** 6.0 or higher **
* Tested up to **6.9.4**
* PHP version ** 7.4 or higher **
* Language
* [English (US)](https://wordpress.org/plugins/usercheck/)
* Tags
* [anti-spam](https://sah.wordpress.org/plugins/tags/anti-spam/)[disposable email](https://sah.wordpress.org/plugins/tags/disposable-email/)
[email validation](https://sah.wordpress.org/plugins/tags/email-validation/)
* [Advanced View](https://sah.wordpress.org/plugins/usercheck/advanced/)
## Ratings
5 out of 5 stars.
* [ 1 5-star review ](https://wordpress.org/support/plugin/usercheck/reviews/?filter=5)
* [ 0 4-star reviews ](https://wordpress.org/support/plugin/usercheck/reviews/?filter=4)
* [ 0 3-star reviews ](https://wordpress.org/support/plugin/usercheck/reviews/?filter=3)
* [ 0 2-star reviews ](https://wordpress.org/support/plugin/usercheck/reviews/?filter=2)
* [ 0 1-star reviews ](https://wordpress.org/support/plugin/usercheck/reviews/?filter=1)
[Your review](https://wordpress.org/support/plugin/usercheck/reviews/#new-post)
[See all reviews](https://wordpress.org/support/plugin/usercheck/reviews/)
## Contributors
* [ UserCheck ](https://profiles.wordpress.org/usercheck/)
## Support
Got something to say? Need help?
[View support forum](https://wordpress.org/support/plugin/usercheck/)