Gravity Forms Email Blacklist

Description

The Email Blacklist Add-on for Gravity Forms was built to help block submissions from users with generic or competitors email addresses. Prevent the user from processing the form and stop non-qualified leads from being collected.

This plugin allows site admins to create a list of domains that if used in an email field on a Gravity Form it will cause a validation error and block the submission. A default email blacklist and validation message can be created to use across all email fields. These default settings can be overridden on a per email field basis.

Global settings can be added on ‘Forms’ > ‘Settings’ > ‘Email Blacklist’. To add settings to an individual email field, select the field and navigate to the ‘Advanced Settings’ tab.

This plugin works by blocking either individual email addresses (ex. jsmith@gmail.com), email address domains (ex. gmail.com), and/or email address top-level domains (ex. *.com).

Feel free to contribute on github.

Instructions

Global Blacklist Settings

Once set up, these settings will be used on all email input fields across all the Gravity Forms used on the site. They can be overridden by the individual email blacklist settings below.

  1. Once Logged into your site navigate to ‘Forms’ > ‘Settings’ > ‘Email Blacklist’
  2. In the ‘Global Blacklisted Emails’ input enter a comma separated list of blacklisted domains (ie. hotmail.com), email addresses (ie. user@aol.com), and/or include the wildcard notation to block top-level domains (ie. *.com). This setting can be overridden on individual email fields in the advanced settings.
  3. In the ‘Global Validation Message’ input enter a default error message if a blacklisted email is submitted. This setting can be overridden on individual email fields in the advanced settings.
  4. Click the ‘Update Settings’ button to save the settings.

Individual Email Input Blacklist Settings

Once set up these settings will be used on this form only and in place of the global blacklist settings above.

  1. Once Logged into your site navigate to the Gravity Form you would like to update.
  2. Add or update an existing email input field on the form.
  3. Go to the ‘Advanced Settings’ tab for the ‘Blacklisted Emails’ input.
  4. In the ‘Blacklisted Emails’ input enter a comma separated list of blacklisted domains (ie. hotmail.com), email addresses (ie. user@aol.com), and/or include the wildcard notation to block top-level domains (ie. *.com). This will override the globally defined blacklisted emails setting. Enter ‘none’ to bypass the global setting and allow all email addresses.
  5. In the ‘Blacklisted Emails Validation Message’ input enter an error message if a blacklisted email is submitted. This will override the globally defined error message.
  6. Click the ‘Save Form’ button to save the settings.

Additional Resources

Screenshots

  • Global Plugin Settings
  • Email Field Settings
  • Email Field Settings Updated
  • Form Validation Error

Installation

  1. Search for and install the ‘Gravity Forms Email Blacklist’ OR Upload gravity-forms-email-blacklist to the /wp-content/plugins/ directory.
  2. Activate the plugin through the ‘Plugins’ menu in WordPress.
  3. Navigate from the Dashboard to the ‘Forms’ > ‘Settings’ > ‘Email Blacklist’ to make sure it is installed.

Reviews

7. Oktobar 2024.
GF 2.8.18 , WP 6.5.5, PHP 8.2.23. WPE hosting. It even works wih 3.5 thousand rules in a single string for blacklist of disposable email domains.
2. Oktobar 2023. 2 replies
Uncaught TypeError: explode(): Argument #2 ($string) must be of type string, array given in (original path removed for privacy reason)/plugins/gravity-forms-email-blacklist/includes/class-gfemailblacklist.php:259I guess it’s because of PHP 8. This shouldn’t happen at all, please fix it.
28. August 2023.
This Addon for Gravity forms does exactly as advertised. On top of that, when I had an issue recently the support response via these forums was outstanding. Probably the best I’ve ever received via this site. Well done guys!
1. Juli 2023.
Still evaluating, but one key deficit is that wildcard support doesn’t seem to extend to domains, only to TLDs. Why that matters: We routinely get hammered by exploit probes using example.* domains, which blow past reCAPTCHA without slowing down. (Presumably they use example.* on the assumption it will be allowed to pass through filters.) It’s a massive inconvenience for the people receiving our forms. (Yes, I realize this would also block submissions from vuln scanning suites.)
Read all 15 reviews

Contributors & Developers

“Gravity Forms Email Blacklist” is open source software. The following people have contributed to this plugin.

Contributors

Changelog

2.5.6

  • Fix PHP error under PHP 8+
  • Fix with multiple email fields and different blacklists.

2.5.5

  • Fixed version number issue

2.5.4

  • Fixed validation function to remove any empty values for the array of blacklisted emails to prevent false positives from empty email fields.
  • Added capability declination to the class to allow the plugin to work with role and capabilities plugins.

2.5.3

  • Updated labels and descriptions throughout the admin settings to improve clarity.

2.5.2

  • Fix: Updated method for getting the TLD to make sure the domain wildcards work in the case of a sub-domain email.

2.5.1

  • Updated static setting strings to allow them to be translated.
  • Added Text Domain.
  • Added a function to Load Loads a plugin’s translated strings.
  • Added filter to allow 3rd party plugins to alter the validation message before it is output.
  • Added filter to allow 3rd party plugins to alter the is_valid check.
  • Added short circuit filter to allow 3rd party plugins to jump over a check.

2.5

  • Updated documentation, readme and added instructions.
  • Updated version number and plugin information on compatibility and stable release.
  • Fix: Updated validation function to account for email fields hidden by conditional logic

2.4

  • Updated the plugin to allow the use of wildcards to block whole top-level domains.

2.3

  • Updated the way the AddOn is initiated.
  • Updated code to meet PHPCS code standards for WordPress.
  • Updated version and compatibility numbers.
  • Updated readme.txt.

2.2

  • Added Author URL to GitHub Repo
  • Fixed typo in readme.txt

2.1

  • Added plugin icon

2.0

  • Bug Fix: Removed ‘var_dump’ in validation function.
  • Added ‘gf_emailblacklist_clean’ function to make comparison case insensitive. Thanks to @ractoon, @rscoates.
  • Updated function to work with both email domains and specific emails.
  • Ran ‘class-gfemailblacklist.php’ through PHPCS with WordPress Coding Standards.
  • Moved class to ‘/includes/class-gfemailblacklist.php’ file.
  • Added placeholder text to fields
  • Updated code comments.
  • Updated plugin file name.
  • Updated readme.txt and README.md

1.1

  • Added custom validation message options to the email field under the ‘Advanced’ field settings
  • Added default setting for the email blacklist and validation message to the form settings area to be used on all forms with an email field.

1.0

  • Added email blacklist options to the email field under the ‘Advanced’ field settings