There are several ways to stop spam user registration in WordPress:
1. Use a plugin such as Akismet or Antispam Bee to filter out spam registration attempts.
2. Use a CAPTCHA plugin, such as Google reCAPTCHA or Really Simple CAPTCHA, to verify that a real person is registering on your site.
3. Limit the number of user registrations per IP address to prevent bulk registration attempts.
4. Use a security plugin, such as iThemes Security or Wordfence, to add additional layers of security to your site.
5. Block the IP address of spammer if you found any specific spammer IP.
6. Use a double opt-in process for new user registrations to confirm the email address of the registrant.
7. Keep your WordPress and plugins updated to the latest version to ensure that your site is protected against known security vulnerabilities.
It’s worth noting that no single solution will work for every website, so you may need to try a combination of these methods to effectively reduce spam and improve the security of your site.