Spam protection, Anti-Spam, FireWall by CleanTalk

Description

Top-rated anti-spam protection for WordPress. No CAPTCHA, no questions, no animal counting, no puzzles, no math and no spam bots. Universal AntiSpam plugin.

Anti-Spam features

  1. Stops spam comments.
  2. Stops spam registrations.
  3. Stops spam contact emails.
  4. Stops spam orders.
  5. Stops spam bookings.
  6. Stops spam subscriptions.
  7. Stops spam surveys, polls.
  8. Stops spam in widgets.
  9. Stops spam in WooCommerce.
  10. Real-time email validation. Is email real or Not.
  11. Checks and removes the existing spam comments and spam users.
  12. Compatible with mobile users and devices.
  13. Compatible with General Data Protection Regulation (GDPR) (EU).
  14. Blocking disposable & temporary emails.
  15. No Spam – No Google Penalties. Give your SEO boost.
  16. Mobile friendly Anti Spam & FireWall.
  17. Stops spam in Search Form.
  18. Disable comments.
  19. Spam FireWall: Anti-Flood.
  20. Spam FireWall: Anti-Crawler.
  21. Hide «Website» field for comments.
  22. Block messages by languages, countries, networks and stop words.
  23. Email Address Encoder – protection for email addresses published on your site.

Free trial then $12 per year

CleanTalk is an anti-spam plugin which works with the premium Cloud Anti-Spam service cleantalk.org. This plugin as a service https://developer.wordpress.org/plugins/wordpress-org/detailed-plugin-guidelines/#6-software-as-a-service-is-permitted

Public reviews

It’s more than just a tool to combat spam; it’s an integral component that enhances the overall quality and performance of your website.
techbusinessnews.com.au

Improve Your Security WordPress Spam Protection With CleanTalk Anti-Spam
The Hacker News.

CleanTalk – Cloud-Based Anti-Spam Service to Keep Your Site Bot-Free.
NewsWatch Review.

Compare reCAPTCHA & Akismet VS CleanTalk
https://www.saashub.com/compare-recaptcha-vs-cleantalk
https://www.saashub.com/compare-akismet-vs-cleantalk

I know you have heard of a number of anti-spam plugins. But you must know, the cloud-based ones are the best regarding detection rate. They compare all the content in forms with their own algorithm to find out the legibility.
www.techwibe.com

The key selling point of CleanTalk for me is not simply its effectiveness. It’s the fact that CleanTalk works in the background. It does not make users jump through hoops in order to submit a comment or complete a form.
www.kevinmuldoon.com

AntiSpam protection for comments

Native spam protection for WordPress, JetPack comments and any other comment plugins. The plugin moves spam comments to SPAM folder or you can set the option to ban spam comments silently. You can also enable the option in the plugin settings to auto-delete comments from SPAM folder.

Contact Form by WPForms spam filter

Plugin extends Contact Form by WPForms to provide spam protection. It filters spam submissions for each type of forms – simple contact form, marketing form, request a quote and etc.

Elementor Website Builder filter

Plugin extends spam protection for Elementor Website Builder. It filters spam submisssions and tested for contact form type.

Gravity forms spam filter

Plugin extends spam protection for Gravity forms. It filters spam submisssions for any type of forms.

Formidable Form Builder spam filter

Plugin extends spam protection for Formidable Form Builder. It filters spam submisssions for any type of forms – Contact Form, Survey & Quiz Forms.

Contact Form 7 spam filter

Plugin extends spam protection for Contact Form 7 (CF7). It can be used with any other third-party spam filters.
How to protect your Contact Form 7 using CleanTalk Anti-Spam plugin

WooCommerce spam filter

Anti-spam by CleanTalk filters spam registrations and spam reviews for WooCommerce. The plugin is fully compatible with WooCommerce 2.1 and higher.

Spam filter for theme contact forms

The plugin blocks spam emails via any theme (built-in ones included) contact forms. The plugin filters spam emails silently (without any error notices on WordPress frontend) in AJAX forms as well.

bbPress spam filter

Spam protection for everything about bbPress: logins, registrations, forums, topics and replies.

Other spam filters

  • WordPress Landing Pages.
  • WP User Frontend, UserPro.
  • Ninja forms https://ninjaforms.com.
  • Contact Form Plugin by Fluent Forms Ninja forms https://fluentforms.com.
  • Forminator contact from https://wpmudev.com/project/forminator-pro/.
  • Newsletters – MC4WP: Mailchimp for WordPress (mc4wp.com), MailPoet – emails and newsletters in WordPress (https://www.mailpoet.com/).
  • Any WordPress form (checkbox ‘Custom contact forms’).
  • Any submission to the site (checkbox ‘Check all POST data’).

Check existing comments for spam. Bulk spam comments removal. Spam comment Cleaner

With the help of anti-spam by CleanTalk you can inspect through existing comments to find and quickly delete spam comments at once. To use this function, go to WP Console -> Comments -> Find spam comments.

Check existing users for spam. Bulk spam accounts removal. Spam users cleaner

With the help of anti-spam by CleanTalk you can inspect through existing accounts to find and quickly delete spam users at once. For use this function, go to WP Console -> Users -> Check for spam. Also, you can export a list of spam users to the CSV.

Private black lists for anti-spam service

Automatically block comments and registrations from your private black IP/email address list.

Hide «Website» field for comments

This option hides the «Website» field from standard WordPress comments forms. After that spammers won’t be able to send spam links using «Website» field in the bottom of the comments form.

Low false/positive rate

This plugin uses multiple anti-spam tests to filter spam bots having as low false/positive rate as possible.

How does CleanTalk improve SEO for your website?

So, you already know that the speed of the site has a direct impact on SEO.

CleanTalk works faster than most of the other anti-spam plugins. It is common knowledge that the faster your site loads, the better your customer experience is, the better your SEO will be, and the better your site will convert. Speed is becoming increasingly important in SEO, conversion and user experience. Today, site speed is one of the most important ranking factors on Google. A site that loads slowly will lose visitors and potential revenue.

Among anti-spam plugins CleanTalk AntiSpam is one of the fastest. Despite the large plugin functionality, the developers have optimized the performance of
the plugin so that AntiSpam by CleanTalk is faster than most analogs. This contributes to the cloud service architecture, as all calculations take place in the cloud, not on the server, the server receives the finished result for further action.

https://s.w.org/plugins/cleantalk-spam-protect/screenshot-5.png?r=1288723

Unlike stand-alone plugins (WP Armour, Antispam Bee, WP Cerber) Anti-Spam by CleanTalk uses less CPU that improves site response, visitors experience and SEO results.

Spam FireWall

Spam FireWall allows blocking the most active spam bots before they get access to your website. It prevents spam bots from loading website pages so your web server doesn’t have to perform all scripts on these pages. Also it prevents scanning of pages of the website by spam bots. Therefore Spam FireWall significantly reduces the load on your web server. Spam FireWall also makes CleanTalk the two-step protection from spam bots. Spam FireWall is the first step and it blocks the most active spam bots. CleanTalk Anti-Spam is the second step and checks all other requests on the website in the moment of submitting comments/registers etc.

How does Spam FireWall work?

  • The visitor enters to your web site.
  • HTTP request data are being checked in the nearly 5.8 million of the identified spam bot IPs.
  • If it is an active spam bot, the bot gets a blank page, if it is a visitor then he receives a normal page. This process is completely transparent for the visitors.

All the CleanTalk Spam FireWall activity is being logged in the process of filtering.

Spam FireWall: Anti-Flood & Anti-Crawler

Spam FireWall: Anti-Flood and Anti-Crawler options are intended for blocking unwanted bots, content parsing, shop goods prices parsing or aggressive website scanning bots. Learn more https://cleantalk.org/help/anti-flood-and-anti-crawler

Anti-Spam plugin info

CleanTalk is an all-in-one anti-spam solution for WordPress that protects login, comment, contact and WooCommerce forms at once. You don’t need to install separate antispam plugins for each form. It allows your blog to work faster and save resources.

CleanTalk is a transparent antispam tool, we provide detailed stats of all incoming comments and logins. You can always be sure that there are no errors. We have developed a mobile app for you to see antispam stats wherever you want.

We have developed the antispam for WordPress that protects you from spam bots at the maximum level allowing you to provide your visitors a simple and convenient form of comments/registrations without annoying CAPTCHAs and puzzles. CleanTalk detects spam in multistage tests allowing us to block up to 99.998% of spam bots. The anti-spam method offered by CleanTalk avoids inconvenient for communication methods (CAPTCHA, question-answer etc.), and offers to your site visitors a more comfortable one.

CleanTalk is a premium anti-spam service for WordPress, the plugin works with our own CleanTalk Cloud Service. Anti Spam by CleanTalk offers a free trial, you can look at the pricing here. We provide anti-spam services at the highest level. To maintain this level we cannot afford to offer a free version of our service, as this will immediately affect the quality of the providing anti-spam protection. Paying for a year of anti-spam service, you save a lot more and receive:

  • Up to 99.998% protection from spam bots.
  • Time and resources saving.
  • More registrations/comments/visitors.
  • Spam protection of the several websites at once in different CMS.
  • Ease in installation and using.
  • Traffic increase and loyalty to the users.
  • 24/7 technical support.
  • Clear stats.
  • Spam FireWall.
  • No captcha (reCaptcha), puzzles, etc.

How to protect sites from spam bots without CAPTCHA?

The most popular anti-spam method is CAPTCHA – the annoying picture with curved and sloping symbols, which are presented to the visitor to decipher and fill in. In is supposed that spam bots won’t discern these CAPTCHA, but a visitor will. CAPTCHA provokes great irritation, but if the visitor wants to comment, he has to fill in these symbols time after time, making mistakes and starting once again. Sometimes CAPTCHA reminds us of the doodles of a two year old child. For users with vision problems CAPTCHA is an insurmountable obstacle. Users hate captcha. Captcha for users means “hate”. Unreadable CAPTCHA stops about 80% of site visitors. After 2 failed attempts to decipher CAPTCHA 95% of visitors reject further attempts. At the sight of CAPTCHA and after input errors, many visitors leave the resource. Thus, CAPTCHA helps to protect the resource spam both from bots and visitors. CAPTCHA is not a panacea from spam. Doubts concerning the Need for CAPTCHA?

“Ultimately, CAPTCHAs are useless for spam because they’re designed to tell you if someone is ‘human’ or not, but not whether something is spam or not.” Matt Mullenweg

You do not have to work in IT to know what spam is. Besides piles of unwanted email, there are spam bots, or special software programs designed to act as human website visitors that post unwelcome messages over the Internet to advertise dubious services. More often than not spam messages do not even make sense. Similar to bacteria and virus mutations developing antibiotic resistance, spam bots are becoming more resilient in penetrating Internet firewalls and security layers.

White Label Mode

To switch the plugin work in the white-label mode you should set up a few settings on your main site in WordPress Multisite Network:

  1. Check setting “Enable White Label Mode”.
  2. Fill “Hoster API Key” field with key from CleanTalk’s hoster panel.
  3. Fill “Plugin name” field. It could be any name you want for the plugin.
  4. Save settings.

The plugin will do everything rest.

Real-time email validation. Is email real or Not.

It is very important to be sure that the user used his real email address. Spambots very often use fake email addresses, i.e. which addresses do not exist.

CleanTalk will check email addresses for existence in real time.

Non-existing email addresses also entail several other problems for website owners.

  • You can never contact them by email,
  • the client will never receive any notifications from you (account activation letter, password recovery, email distribution, notifications, etc.),
  • if you use email marketing for your clients, then a large number of nonexistent emails in the mailing list may result in your IP address being added to various blacklists of email servers.

Improve your email list with email validation without fake emails.

Blocking disposable & temporary emails

Block fake and suspicious users with disposable & temporary emails to improve email delivery. So, it also prevents malicious activity, spam bots, and internet trolls.

Stops Spam in Search Form

Spam bots can use your search form to make a GET request with spam text. CleanTalk Anti-Spam has the option to protect your website search form from spam bots. Each time, the search generates a new page and if there are many requests, this can create additional load. So, under some conditions, spam searches can be indexed, which affects SEO,

  • Spam FireWall blocks access to all website pages for the most active spambots. It lowers your web server load and traffic just by doing this.
  • Anti-Spam protection for website search forms repels spambots.
  • If your search form gets data too often the CleanTalk Anti-Spam plugin will add a pause and increase it with each new attempt to send data. It saves your web server processor time.
  • Spam protection allows you to not forbid indexation for the crawler bots if you really need it but simultaneously you will get protection from spambots.

You will always know what users were looking for on your site.

Disable comments

This option disables comments on your site. You can choose one or several options:

  • Disable comments for posts
  • Disable comments for pages
  • Disable comments for media

When using Disables comments, existing comments will not be deleted and will remain on the pages.

Email Address Encoder

CleanTalk Anti-Spam offers a feature called “Encode contact data” that is designed to encode all email addresses on the website pages. Encoding the email addresses increases the level of protection of contact data from being abused, parsed, getting spammed and used in spam mailing lists by bots and online criminals. To reveal the encoded email address simply click on it and it will be decoded instantly.

Will the anti-spam plugin protect my theme?

Yes, it will. The Anti-spam by CleanTalk is compatible with any WordPress theme.

Should I use other anti-spam tools (Captcha, reCaptcha and etc.)?

CleanTalk stops up to 99.998% of spam bots, so you can disable other anti-spam plugins (especially CAPTCHA-type anti-spam plugins). In some cases several anti-spam plugins could conflict with each other.

Screenshots

  • AntiSpam settings are easy to use to protect any contact forms. For example – Ninja forms, Fluent forms and etc.
  • AntiSpam plugin rejected a spam bot at the CAPTCHA less registration form. The plugin provides explanation to visitor and websites about each rejected comment/registration or contact message.
  • Use AntiSpam analytics tool for each website in service Dashboard to have information about spam/legitimate stats.
  • Use AntiSpam log to control anti-spam plugin.
  • CleanTalk works faster than most of other anti-spam plugins.
  • The Dashboard with a map of most spam active countries per your account.
  • The plugin deletes/removes the existing spam comments and users accounts.
  • CleanTalk’s dashboard update link.
  • CleanTalk’s dashboard.
  • SpamFireWall log.

Installation

Installation instructions

  1. Download, install and activate ‘Anti-spam by CleanTalk’.

  2. Get Access key https://cleantalk.org/register

  3. Enter Access key in the settings: WordPress console -> Settings -> Antispam by CleanTalk

  4. Do dummy spam comment (registration or contact message) with email stop_email@example.com. You should see notice: Forbidden. Sender blacklisted.

  5. Done! The plugin is ready to use.

Video guide – Anti-Spam Plugin Installation in WordPress.

Important! To test spam protection you must post a dummy submissions as website visitor (use must logged out from WordPress console), because the plugin doesn’t filter submissions from WordPress administrators.

How can setup plugin in WPMU version?

In WordPress multisite version you can switch the plugin to use Global Access key. In this way the plugin doesn’t show any options to enter Access key in plugin settings and doesn’t show Trial banner in WordPress backend. To setup global CleanTalk access key for all websites in WPMS, define constant in your wp-config.php file before defining database constants:

define('CLEANTALK_ACCESS_KEY', 'place your key here');

Make it before you activated the plugin. If the plugin already activated, deactivate it and add the code and active it again.
Now, all subsites will have this access key.

Manage and control spam protection

Go to Dashboard at the cleantalk.org or use Android, iPhone anti-spam app to manage and control spam protection.

FAQ

Why are they spamming me?

Spammers want to get backlinks from your site to improve their site’s PageRank or redirect your visitors to malicious sites.This level of spam can damage your reputation with readers and commentators if you fail to tackle it. It is not uncommon for some WordPress websites to receive hundreds or even thousands of comments every week. However, by using a CleanTalk plugin, spam can be easily handled by your WordPress website.

Is the anti-spam protection safe for mobile visitors?

Yes, it is. The plugin doesn’t block mobile visitors as well as desktop website visitors. It uses several independent anti-spam tests to decrease the number of false outcomes and to have as low false-positive rate as possible. Multiple anti-spam tests help to avoid false/positive blocks for real website visitors even if one of the tests failed.

What does the plugin do with spam comments?

Spam comments are being moved to SPAM folder by default or you can set the option to ban spam comments silently.

How can I test the anti-spam protection?

Please use the email stop_email@example.com for comments, contacts or signups to see how the anti-spam protection works. Also, you can see the logs for the last 7 days in the Dashboard or look at the folder “Spam” for banned comments.

How does the plugin stop spam?

Please, note – administrator’s actions are NOT being checked.

The plugin uses several simple tests to stop spammers:

  1. JavaScript anti-spam test. 99% of spam bots don’t have full JavaScript functions support. So, the plugin has the code which can be run by normal visitor and can’t be run by the spam bot.
  2. Email, IP, domain spam activity list entries check. The plugin uses spam activity database online at cleantalk.org, consisting of more than 20 billion spam activity records of IPs, Emails, Domains and ASN. If the sender’s IP or Email is in the database, the sender gets some spam scores. To reduce false/positive rate the plugin not only uses the blacklist test to ban spammers, the sender will be banned when and only when multiple spam tests have been failed.
  3. Comment submit time. Spam bots usually submit the info immediately after the page has been loaded, this happens because spam bots don’t actually fill the web form, they just send $_POST data to the blog. The normal visitor sends the data after several seconds or minutes.

What about pingback, trackback spam?

The plugin passes pingbacks without any checks by default. All trackbacks will be blocked if the sender had spam activity.

Can I use CleanTalk to remove pending spam comments?

Yes, you can. The plugin has the option to test all pending comments via database of spam active IP/Email, found spam comments will be moved to Trash folder.

How does the plugin find spam in pending comments or registered accounts?

The plugin checks all non-spam comments in the blacklist database and shows you those senders who have spam activity on other websites.
There are some differences between blacklist database and API to protect you from spam bot registrations/comments online. Blacklists show all history of spam activity, but our API (which is used in spam tests) relies on other parameters too: last day of activity, number of spam attacks during the last days etc. These mechanisms help us to reduce the number of false outcomes. So, there is nothing strange, if some emails/IPs are not found by bulk comments/accounts test.

To check comments please go here:

WordPress console -> Comments -> Find spam comments

To check users please go here:

WordPress console -> Users -> Find spam users

Is the plugin compatible with WordPress MultiUser (WPMU or WordPress network)?

Yes, the plugin is compatible with WordPress MultiUser. Each blog in multisite environment has individual anti-spam options for the protection from spam bots.

After the installation I noticed that the number of spam attacks has been increased in the stats

There are a few reasons for this:

  • With the indexing of your web-site by the search systems, appearance of external links and better search results position, your web-site attracts more and more spambots.
  • Non-transparent protection systems like CAPTCHA or question/answer, that don’t have spam attacks stats, don’t let you see the whole picture, or the picture is incomplete.
  • Counting methods for spam attacks and spam bots are different for different systems, thus the diversity appears. We seek to provide detailed stats.

Why my dummy “spam” comment passed to the WordPress?

The plugin has several options to detect spam bots and humans. If you just post spammy text like this:

"I want to sell something", "Buy something here.." and etc

the comments will be passed, because the plugin detects sender as a human. So, use special email stop_email@example.com to test the anti-spam functionality or wait a few days to see how the plugin works.

Is it free or paid?

The plugin is free and distributed under the GPLv2 license.

CleanTalk anti-spam plugin works with a cloud base anti-spam service and this plugin is a Software as a service (SaaS).
CleanTalk it’s a free plugin that works with premium Cloud Anti-Spam service.
https://en.wikipedia.org/wiki/Software_as_a_service

The fact that the plugin works with a premium type service is mentioned in the plugin annotation and in its WordPress catalog description.

We are ready to help you with any issue regarding CleanTalk. There are hundreds of environment compositions and we do our best to cover as many as possible.

Can I use CleanTalk with cache plugins?

Anti-spam by CleanTalk doesn’t use static HTML code in its templates, so all anti-spam functions work correctly with any WordPress cache plugins.

Does the plugin protect from spam bots if I use forms with third-party services?

Yes, it does. Plugin protects web-forms on your websites which send data to third-party servers (like MailChimp). To enable this protection set the option ‘Protect external forms’ in the plugin settings.

Does CleanTalk compatible with Cloudflare?

CleanTalk is fully compatible with CloudFlare. Service doesn’t filter CloudFlares IP’s (AS13335) through blacklists database, so in this case plugin/service filters spam bots using other anti-spam tests.

Is CleanTalk compatible with a content delivery network (CDN)?

Yes, it is. CleanTalk works with any CDN system, i.e. CloudFlare, MaxCDN, Akamai.

Can I use CleanTalk functionality in my plugins?

Yes, you can. Just use following snippet:

<?php
if(!function_exists('ct_test_message')){
    include_once( ABSPATH . '/wp-content/plugins/cleantalk-spam-protect/cleantalk.php' );
}
//for registration test:
$res=ct_test_registration("nickname", "stop_email@example.com", "127.0.0.1");
//or for some other messages (contact forms, comments etc.)
$res=ct_test_message("nickname", "stop_email@example.com", "127.0.0.1", "test message");

$res now contents array with two parameters:
* $res[‘allow’] – is request allowed (1) or not (0)
* $res[‘comment’] – comment for our server’s decision.

I see two loads of script cleantalk_nocache.js. Why do you use it twice?

This script is used for AJAX JavaScript checking. Different themes use different mechanisms of loading, so we use two methods for loading our script. If you absolutely know what you are doing, you can switch one of the methods off by defining constants in your wp-config.php file:

define('CLEANTALK_AJAX_USE_BUFFER', false); //false - don't use output buffering to include AJAX script, true - use it

or

define('CLEANTALK_AJAX_USE_FOOTER_HEADER', false); //false - don't use wp_footer() and wp_header() for including AJAX script, true - use it

Can I add exclusions for some pages of my site?

Yes, you can. There is a special setting in plugin settings.
You could use this guide to learn more: https://cleantalk.org/help/exclusion-from-anti-spam-checking#wordpress

Can I not send my personal data to CleanTalk servers?

Yes, you can exclude your data. There is a special setting in plugin settings.
You could use this guide to learn more: https://cleantalk.org/help/exclusion-from-anti-spam-checking#WordPress_field_exclusions

How to test Spam FireWall?

Use special IP 10.10.10.10 in URL to test Spam FireWall. For example,

https://cleantalk.org/blog/?sfw_test_ip=10.10.10.10

Attention! The incognito mode should be enabled in your browser when you do a test. To enable incognito mode press Ctrl+Shift+N for Chrome, Opera и Safari browsers; press Ctrl+Shift+P for Firefox, Internet Explorer and Microsoft Edge. A full guide to enable Incognito mode is here: https://www.wikihow.com/Activate-Incognito-Mode

How can I enter access key in WPMU version?

To set up global CleanTalk access key for all websites in WPMU, define constant in your wp-config.php file before defining database constants:

define('CLEANTALK_ACCESS_KEY', 'place your key here');

Now, all subsites will have this access key.

Does the plugin work with Varnish?

CleanTalk works with Varnish, it protects WordPress against spam, but by default the plugin generates a few cookies for the protection from spam bots and it also disables Varnish cache on pages where CleanTalk’s cookies have been stored. To get rid of the issue with cache turn off the option ‘Set cookies’ in the plugin settings.

WordPress console -> Settings -> CleanTalk -> Advanced settings

Now the plugin will protect WordPress comments, registrations and most of popular contact forms, but will not protect some of rarely used contact forms.

Does the anti-spam plugin work with Accelerated Mobile Pages (AMP)?

Yes, it does. But you have to turn off the SpamFireWall and the option ‘Use AJAX for JavaScript check’ in Advanced settigns of the plugin to be fully compatible with Accelerated Mobile Pages.

Should I change anything in the plugin’s settings or in my CleanTalk Dashboard when I switch my website from HTTP to HTTPS or vice versa?

No. You don’t need to change anything in the plugin’s settings or in your CleanTalk Dashboard. The plugin will work regardless of the protocol.

Spam FireWall and AntiSpam – Networks Blocking

Anti-Spam – will blocks users from selected IP or network from using contacts/messages/registrations/comments forms.
Spam FireWall – will blocks users from selected IP or network from entering the website.

Please, read more here
https://cleantalk.org/help/sfw-blocks-networks

Spam Comment Management

By default, all spam comments are placed in the spam folder, now you can change the way the plugin deals with spam comments:

  1. Move to the Spam folder. All spam comments will be placed to the folder “Spam” in the WordPress Comments section except comments with Stop-Words. Stop-Word comments will be always stored in the “Pending” folder.

You can prevent the proliferation of Spam folder. It can be cleaned automatically using the option “Keep spam comments for 15 days.” Enable this option in the settings of the plugin: WordPress Admin Page -> Settings -> Antispam by CleanTalk -> Advanced settings -> enable “Keep spam comments for 15 days” -> Save Changes.

  1. Move to Trash. All spam comments will be placed to the folder “Trash” in the WordPress Comments section except comments with Stop-Words. Stop-Word comments will be always stored in the “Pending” folder.

  2. Ban comments without moving to WordPress backend. All spam comments will be deleted permanently without going to the WordPress backend except comments with Stop-Words. Stop-Word comments will be always stored in the “Pending” folder.

What comments were blocked and banned can be seen in the Anti-Spam Log here: https://cleantalk.org/my/show_requests?int=week

To manage the actions with spam comments, go to the Control Panel, select the website you want to change the actions for and go to “Settings” under the name of the website.

Please, read more here:
https://cleantalk.org/help/spam-comment-management

Is the plugin EU GDPR compatible?

Yes, it is. Please read this article,
https://cleantalk.org/publicoffer#cleantalk_gdpr_compliance

Reviews

September 26, 2024 1 reply
Provides high level of security for webs sites and easy to use.
September 23, 2024 1 reply
Very good plugin, work perfectly !
September 21, 2024 1 reply
We changed to CleanTalk years ago and have been impressed with the massive reduction in spammy signups to less than 1% whereas Capcha let so many through. It also slows down the dodgy IP addresses. We use this for all our evolvepreneur app sites and makes live so much easier to set and forget spam management. Highly recommended!
Read all 2,981 reviews

Contributors & Developers

“Spam protection, Anti-Spam, FireWall by CleanTalk” is open source software. The following people have contributed to this plugin.

Contributors

“Spam protection, Anti-Spam, FireWall by CleanTalk” has been translated into 20 locales. Thank you to the translators for their contributions.

Translate “Spam protection, Anti-Spam, FireWall by CleanTalk” into your language.

Interested in development?

Browse the code, check out the SVN repository, or subscribe to the development log by RSS.

Changelog

6.42.1 03 Oct 2024

  • Fix. Adjust. LiteSpeedCache adjusting fixed.

6.42 03 Oct 2024

  • Fix. Integrations. Uni-Cpo pruducts actions – service fields skipping improved.
  • Fix. EmailEncoder. CSS. Hide wpautopt breaks between magic blur elements.
  • Fix. Integration. Add to cart by get bot detector fixed.
  • Mod. Settings. Adaptive version of the settings
  • Mod. Settings. Burger menu
  • New. Admin bar. Promotion link Manuals and FAQ added.
  • Fix. Contact form validate. Emails array urlencoding fixed.
  • Fix. External Forms. Skip PayPal redirection form.
  • Mod. ReferralLink. Changing the referral link
  • Fix. Integrations. TVE plugin affliction to gravity forms fixed.
  • Upd. Integrations. Updated adjust module for litespeed.
  • Fix. Settings. Removing excess
  • Fix. Integrations. Masteriyo LMS plugin. Ignore login events.
  • Fix. Integrations. Masteriyo LMS plugin. Registration POST check improved.
  • Fix. Code. GetFieldsAny. PHP 8.0 compatibility.
  • Fix. Integrations. BuddyPres private messages. Nouveau AJAX messages handled.
  • Fix. Settings. TRP and SFW settings minor fixes.

6.41.1 21 Sep 2024

  • Fix. Contact form validate. Emails array urlencoding fixed.

6.41 19 Sep 2024

  • Upd. Params. Removed nocookie table.
  • Upd. Integrations. Updated handler for FluentFormPro addon.
  • Upd. TRP. Updated layout.
  • Fix. Integrations. Updated Forminator handler.
  • Fix. Integrations. WC add to cart. Use function instead of const to handle GET cards.
  • Fix. Admin. CleanTalk deactivation popup layout fixed.
  • Fix. WPMS. SFW update fixed on WPMS mode 3.
  • Fix. HTTP. Headers collection for WordPress HTTP API fixed.
  • Fix. Public JS. Reduce setting important parameters AJAX calls.

6.40 05 Sep 2024

  • New. Email encoder. Animations and blur emails added.
  • New. Integrations. Added handler for wufoo.com.
  • New. Integrations. CleantalkWpDieOnComment class implemented to hook the default WP die handler on the comment validation errors.
  • New. The Real Person. Adaptive CSS version for admin page.
  • New. The Real Person. Show the badge in the admin panel in the comments list.
  • Fix. Integration. Woocommerce – adding to cart requests handling fixed.
  • Fix. Integrations. Added event handler for gravity multiform.
  • Fix. Integrations. Added exclude for WooCommerceProductFilter.
  • Fix. Integrations. Updated gathering email handler.
  • Fix. Integrations. Updated handler for Divi forms.
  • Fix. Integrations. Updated BuddyPress handler statement.
  • Fix. Integrations. Excluded klaviyo coupon service request
  • Fix. Params. Fixed honeypot handler.
  • Upd. CleantalkWidget. The public CT widget is removed.
  • Upd. Email encoder. Enabled for any new installations by defaults.
  • Upd. The Real Person. Closes the popup when the cursor exits the badge element area.

6.39.1 26 Aug 2024

  • Fix. Params. Fixed honeypot handler.

6.39 22 Aug 2024

  • New. Integration. Otter blocks integration implemented.
  • New. GetFieldsAny. Sender emails array
  • Upd. Pub-Integration. Adding sender_emails_array
  • Upd. The Real Person. Pop-up changes, layout correction
  • Fix. The Real Person. Overflow changes for the Spacious theme, Icon size changes
  • Fix. The Real Person. Checking against undefined
  • Fix. Adjust. Checking for LiteSpeed activity, review edits
  • Fix. Integrations. Added EmailOctopus handler.
  • Fix. Integrations. Updated email gathering on forminator.
  • Fix. Integrations. Updated skip statement.
  • Fix. TRP. No TRP badges on inactive licenses
  • Fix. Anti-spam. Parameter sender_emails_array moved to the sender_info block.
  • Fix. Anti-spam. Emails array support for CF7 integration.
  • Fix. Integration. Elementor Pro Form integration fixed.
  • Fix. Integration. WP Forms integration fixed.
  • Fix. Anti-spam. Honeypot logic fixed.
  • Fix. Integrations. Updated gathering email handler.

6.38

  • Code. Compatibility. Unnecessary WP Rocket text removed.
  • Fix. Integrations. Updated gathering email on Divi.
  • Upd. Internationalization. Added Dutch language support.
  • Fix. Email encoder. Translation fixed.
  • Fix. Requests parameters. Store URLs fixed.
  • Fix. Integrations. Fixed compatibility with varnish.
  • Fix. JS. Updated compatibility with old browsers.
  • Fix. Common. Revert readme text.
  • Ref. Search forms protection. Refactored to use storage data instead of hidden fields.
  • Mod. Integration. External Forms. Divi Form redirect handling via external forms.
  • Upd. Common. Updated readme description.

6.37

  • New. Integration. Added klaviyo handler.
  • New. Integration. Thrive Leads integration implemented.
  • Upd. Integration. CSCF forms.
  • Upd. Integration. Forminator forms username gathering.
  • Upd. Integration. Kali Form updated.
  • Upd. Changing the Form signs exceptions.
  • Upd. Common. Moved changelog.
  • Upd. EmailEncoder. Do not encode email in AMP pages.
  • Upd. Settings. The Real Person feature. Enabled by defaults for all new installations.
  • Upd. Settings. Updated description for Capture buffer.
  • Fix. Common. Honeypot field ID attribute fixed.
  • Fix. Common. Plugin version fixed.
  • Fix. Cookie. Updated gathering pages data in force alt mode.
  • Fix. CleanTalk pixel. Pixel error fixed.
  • Fix. External forms. Broken reCAPTCHA loading fixed in Active Campaign forms.
  • Fix. FindSpam. Added params verification.
  • Fix. JS. Console error – empty formOriginal.
  • Fix. Settings. Links. Utm tags.
  • Fix. Settings. Prevented warning appearing.
  • Fix. SFW. Error message typo fixed.
  • Ref. Code. Psalm L3. File cleantalk.php refactored.

6.36.1

  • Fix. Common. JS errors fixed.

= 6.36 Jul 11 2024
* New. Integration. Kulahub.
* New. Integrations. Added eloqua handler.
* New. Integration. Piotnet (PAFE) forms.
* New. Integration. Kadence Blocks Advanced.
* New. Settings. W3 Total Cache settings adjusting implemented.
* Upd. API. Method send_feedback upgraded to the version api3.0.
* Upd. Settings. Updated debug view.
* Upd. Settings. WL mode for WPMS link updated.
* Upd. The Real Person feature. Badge layout and popup improved.
* Fix. AltSessions. Encode array to JSON if tried to write raw array to the database.
* Fix. EmailEncoder. Added hook to encode.
* Fix. Forced AltCookies. Bot detector token gain improved.
* Fix. Integration. MailChimp and MailChimp Premium. Empty page issues on CleanTalk response fixed.
* Fix. Integration. Monta Checkout service action excluded.
* Fix. Integration. Ajax search lite plugin request was excluded – it will be caught by standard search form protection.
* Fix. Integration. Bloom integration fixed.
* Fix. Integration. WSFroms. Pregmatch issue fixed.
* Fix. Pixel. Pixel URL fixed.
* Fix. Request. WP HTTP API. Prepare headers to Request::flatten before request.
* Fix. SFW. SFW updating fixed.
* Fix. Server variables. Special sanitize rule for site search cases.

= 6.35 Jun 27 2024
* New. Comments. RealUserBadge implemented.
* New. Code. LinkConstructor class.
* New. Integrations. Added handler for LearnPress.
* New. Integration. Paid Membership Pro direct integration implemented.
* Mod. Links. CleanTalk links have UTM data now.
* Mod. RequestParameters. Common storage implemented.
* Mod. Cookies. Param ‘apbct_urls’ now works via RequestParameters class.
* Mod. Index files added to the plugins structure.
* Ref. Integrations. Updated flow for force_ajax_check.
* Fix. AltSessions. Encode array to JSON if tried to write raw array to the database.
* Fix. JS. External forms. Search for a submit element.
* Fix. Admin dashboard. Links to get premium layout fixed.
* Fix. JS. Replacing the DOM reference with a variable.
* Fix. JS. Delete xhr started from log.
* Fix. Settings. Get key automatically. Timezone fixed.
* Fix. Integrations. CF7.
* Fix. Integrations. ZOHO.
* Fix. integrations. WS forms. Email provided for get fields any.

Early changelogs look in changelog.txt