How to block bot registrations
There is no way to block 100% of spam, but you can block most of bots if you follow next recommendations:
1. Disable default WordPress registration form
Go to the page [wp-admin > Settings > General] and disable setting "Membership - Anyone can register".
2. Use Google reCAPTCHA
Add Google reCAPTCHA to the login form and to the registration form. Add Google reCAPTCHA to the social login registration overlay form if you use the extension "Ultimate Member - Social Login".
[wp-admin > Ultimate Member > Forms > Edit Form (Registration)]
3. Disallow third-party plugins to create an account.
Ultimate Member can’t forbid another plugin to create an account, so you have to do it manually. See the example for WooCommerce plugin below:
[wp-admin > WooCommerce > Settings > Account & Privacy]
4. Approve new members after email verification.
Set the user role option "Registration Status" to "Require Email Activation". In this case a new user have to confirm the email to approve the account.
[wp-admin > Ultimate Member > User Roles > Edit Role]
5. Use unique links
Change the register page link from default "register" to some other.
[wp-admin > Pages > Edit]