Verify user email addresses before allowing them to log in or complete checkout. This feature helps prevent fake accounts, reduces spam registrations, and ensures you can communicate with your customers.
Overview #
Email Verification requires users to confirm their email address by clicking a verification link sent to their inbox. Until verified, users cannot log in to your site or complete certain actions.
Key Benefits
- Eliminate fake accounts – Only real users with valid email addresses can register
- Reduce spam registrations – Bots can’t complete the verification process
- Improve deliverability – Verified emails mean fewer bounces when sending marketing emails
- Protect your store – Prevent fraudulent orders from unverified email addresses
- Build trust – Verified users are more engaged and trustworthy
Getting Started #
Step 1: Enable Email Verification
- Navigate to Swift Commerce → Spam → Email Verification in your WordPress admin
- Toggle the Enable Email Verification switch to ON
- Select which registration forms should require verification
- Click Save Settings
Step 2: Configure Verification Locations
Choose where email verification should be required:
- WordPress registration form
- WooCommerce My Account registration
- Guest checkout (Pro)
- Logged-in checkout (Pro)
Step 3: Customize the Email (Optional)
Personalize the verification email with your branding and messaging using the Customization tab.
Settings Tab #
The Settings tab allows you to configure when and how email verification is required.
Verification Settings
| Location | Description | Version |
|---|---|---|
| WordPress Registration | Default WordPress registration form (wp-login.php?action=register) | Free |
| WooCommerce My Account | Registration form on the WooCommerce My Account page | Free |
| Guest Checkout | Require email verification before guest customers can complete checkout | Pro 🔒 |
| Logged-in Checkout | Require verified email for logged-in users at checkout | Pro 🔒 |
How Each Location Works
WordPress Registration
- User registers → Verification email sent → User must verify before logging in
- Login attempts show “Please verify your email” message
WooCommerce My Account
- User registers on My Account page → Verification email sent → Must verify before logging in
- Auto-login after registration is disabled
Guest Checkout (Pro)
- Guest enters email at checkout → Verification required → Order only processes after verification
- Prevents orders with fake email addresses
Logged-in Checkout (Pro)
- Customer with unverified email tries to checkout → Prompted to verify first
- Ensures all orders have valid contact emails
Skip Verification for Roles
Select user roles that should bypass email verification entirely.
| Role | Description |
|---|---|
| Administrator | Full site access (recommended to skip) |
| Editor | Can publish and manage all posts |
| Author | Can publish and manage own posts |
| Contributor | Can write but not publish posts |
| Subscriber | Can only manage their profile |
| Customer | WooCommerce customer role |
| Shop Manager | WooCommerce store manager |
💡 Tip: It’s recommended to skip verification for Administrator and Shop Manager roles to prevent lockout scenarios.
Link & Limits (Pro) 🔒
Available with Swift Commerce Pro
Verification Link Expiry
| Option | Description |
|---|---|
| 1 hour | Very short – for high-security scenarios |
| 3 hours | Short window |
| 6 hours | Half day |
| 12 hours | Moderate |
| 24 hours | Recommended default |
| 48 hours | Extended window |
| 72 hours | Maximum flexibility |
💡 Tip: 24 hours gives users enough time to check email while maintaining security. Shorter times are better for high-security sites.
Resend Email Limit
Control how many times users can request a new verification email.
| Option | Description |
|---|---|
| Unlimited | No restrictions on resending |
| 3 times | Recommended – prevents abuse |
| 5 times | More lenient |
| 10 times | Very lenient |
Auto-delete Unverified Users
Automatically remove users who never verify their email.
| Option | Description |
|---|---|
| Never | Keep unverified users indefinitely |
| 24 hours | Very aggressive cleanup |
| 48 hours | Aggressive cleanup |
| 72 hours | Moderate cleanup |
| 7 days | Recommended balance |
| 14 days | Lenient |
| 30 days | Maximum time before cleanup |
⚠️ Warning: Deleted users cannot be recovered. Choose a time period that gives legitimate users enough time to verify.
Customization Tab #
Personalize the verification email sent to users.
Email Template
Email Subject
The subject line of the verification email. Example:
Email Body
The main content of the verification email. Use placeholders to personalize the message.
Available Placeholders
| Placeholder | Description | Example Output |
|---|---|---|
{{user_name}} | User’s display name | John Doe |
{{user_email}} | User’s email address | john@example.com |
{{verification_link}} | The clickable verification link | https://yoursite.com/?verify=abc123 |
{{site_name}} | Your website name | My Awesome Store |
{{site_url}} | Your website URL | https://yoursite.com |
{{expiry_time}} | Time until link expires | 24 hours |
Default Email Template
Subject:
Body:
Preview Email
Use the Preview button to see how your email will look with sample data before saving.
Branding (Pro) 🔒
| Option | Description |
|---|---|
| Disable “Powered by Swift Commerce” | Remove the Swift Commerce branding from the footer of verification emails |
Pending Users Tab (Pro) 🔒 #
Available with Swift Commerce Pro
View and manage users who are waiting for email verification.
User List
The pending users table shows:
| Column | Description |
|---|---|
| Username | The user’s login name |
| The email address awaiting verification | |
| Registered | Date and time of registration |
| Expires | When the verification link expires |
| Status | Active or Expired badge |
| Resends | Number of times verification was resent |
Individual Actions
| Action | Description |
|---|---|
| Verify | Manually mark the user as verified (bypasses email) |
| Resend | Send a new verification email to the user |
| Delete | Remove the user account entirely |
Bulk Actions
Select multiple users and perform actions on all at once:
| Action | Description |
|---|---|
| Bulk Verify | Verify all selected users |
| Bulk Delete | Delete all selected users |
Search & Filter
Use the search box to filter users by email or username.
How It Works #
Registration Flow
- User submits registration form
- Account is created with “unverified” status
- Verification email is sent automatically
- User clicks the verification link
- Account status changes to “verified”
- User can now log in
Verification Link Format
The token is a unique 64-character string that expires based on your settings.
What Users See
Before Verification (Login Attempt):
⚠️ Email not verified!
Please verify your email address before logging in. Check your inbox for the verification link.
After Clicking Verification Link:
✅ Email verified!
Your email has been verified. You can now log in.
Troubleshooting #
Common Issues
| Issue | Cause | Solution |
|---|---|---|
| Verification email not received | Email deliverability issue | Check spam folder, configure SMTP plugin, verify email settings |
| “Link expired” error | User waited too long | Admin can resend verification or increase expiry time |
| User can’t log in after verifying | Browser cache issue | Clear cookies and try again |
| Admin locked out | Verification enabled for administrators | Access database, set _swift_commerce_email_verified meta to 1 |
| Verification email shows raw HTML | Email client issue | Test with different email provider |
Testing Verification
- Create a test user account
- Check inbox for verification email
- Click the verification link
- Try logging in
- Verify the success message appears
Email Deliverability Tips
- Use an SMTP plugin – WP Mail SMTP, FluentSMTP, or similar
- Configure SPF/DKIM/DMARC – Ask your email provider for records
- Use a transactional email service – SendGrid, Mailgun, Amazon SES
- Test your emails – Use mail-tester.com to check spam score
Best Practices #
Recommended Configuration
| Setting | Recommended Value |
|---|---|
| WordPress Registration | ✅ Enabled |
| WooCommerce My Account | ✅ Enabled |
| Skip Roles | Administrator, Shop Manager |
| Link Expiry | 24 hours |
| Resend Limit | 3 times |
| Auto-delete | 7 days |
Security Tips
- Don’t skip customer role – Always verify customer emails
- Use reasonable expiry – 24-48 hours is ideal
- Enable auto-delete – Clean up fake registrations automatically
- Monitor pending users – Check regularly for suspicious patterns
- Test with SMTP – Ensure emails are actually delivered
Frequently Asked Questions #
What happens to existing users?
Existing users (registered before enabling verification) are automatically considered verified and won’t be affected.
Can users resend the verification email themselves?
Not from the frontend currently. Admins can resend from the Pending Users tab (Pro).
Will this work with social login plugins?
Yes! Users who register via social login (Google, Facebook, etc.) typically have pre-verified emails. The verification meta will be set appropriately.
Does it work with multisite?
Email Verification works on individual sites. Settings are not shared across the network.
What if I lock myself out?
If you’re locked out:
- Access your database via phpMyAdmin
- Find the
wp_usermetatable - Locate your user’s
_swift_commerce_email_verifiedmeta - Set the value to
1
Feature Comparison #
| Feature | Free | Pro |
|---|---|---|
| WordPress Registration | ✅ | ✅ |
| WooCommerce Registration | ✅ | ✅ |
| Skip Roles | ✅ | ✅ |
| Email Customization | ✅ | ✅ |
| Email Preview | ✅ | ✅ |
| Guest Checkout Verification | ❌ | ✅ |
| Logged-in Checkout Verification | ❌ | ✅ |
| Link Expiry Control | ❌ | ✅ |
| Resend Limit Control | ❌ | ✅ |
| Auto-delete Unverified | ❌ | ✅ |
| Pending Users Management | ❌ | ✅ |
| Bulk Actions | ❌ | ✅ |
| Remove Branding | ❌ | ✅ |
