Spam protection, AntiSpam, FireWall by CleanTalk


Top-rated anti-spam protection for WordPress. No CAPTCHA, no questions, no animal counting, no puzzles, no math and no spam bots. Universal AntiSpam plugin.

Anti-Spam features

  1. Stops spam comments.
  2. Stops spam registrations.
  3. Stops spam contact emails.
  4. Stops spam orders.
  5. Stops spam bookings.
  6. Stops spam subscriptions.
  7. Stops spam surveys, polls.
  8. Stops spam in widgets.
  9. Stops spam in WooCommerce.
  10. Real-time email validation. Is email real or Not.
  11. Checks and removes the existing spam comments and spam users.
  12. Compatible with mobile users and devices.
  13. Compatible with General Data Protection Regulation (GDPR) (EU).
  14. Blocking disposable & temporary emails.
  15. No Spam – No Google Penalties. Give your SEO boost.
  16. Mobile friendly Anti Spam & FireWall.
  17. Stops spam in Search Form.
  18. Disable comments.
  19. Spam FireWall: Anti-Flood.
  20. Spam FireWall: Anti-Crawler.
  21. Hide «Website» field for comments.
  22. Block messages by languages, countries, networks and stop words.
  23. Email Address Encoder – protection for email addresses published on your site.

Free trial then $12 per year

CleanTalk is an anti-spam plugin which works with the premium Cloud Anti-Spam service This plugin as a service

Public reviews

Improve Your Security WordPress Spam Protection With CleanTalk Anti-Spam
The Hacker News.

CleanTalk – Cloud-Based Anti-Spam Service to Keep Your Site Bot-Free.
NewsWatch Review.

Compare reCAPTCHA & Akismet VS CleanTalk

I know you have heard of a number of anti-spam plugins. But you must know, the cloud-based ones are the best regarding detection rate. They compare all the content in forms with their own algorithm to find out the legibility.

The key selling point of CleanTalk for me is not simply its effectiveness. It’s the fact that CleanTalk works in the background. It does not make users jump through hoops in order to submit a comment or complete a form.

AntiSpam protection for comments

Native spam protection for WordPress, JetPack comments and any other comment plugins. The plugin moves spam comments to SPAM folder or you can set the option to ban spam comments silently. You can also enable the option in the plugin settings to auto-delete comments from SPAM folder.

Contact Form by WPForms spam filter

Plugin extends Contact Form by WPForms to provide spam protection. It filters spam submissions for each type of forms – simple contact form, marketing form, request a quote and etc.

Elementor Website Builder filter

Plugin extends spam protection for Elementor Website Builder. It filters spam submisssions and tested for contact form type.

Gravity forms spam filter

Plugin extends spam protection for Gravity forms. It filters spam submisssions for any type of forms.

Formidable Form Builder spam filter

Plugin extends spam protection for Formidable Form Builder. It filters spam submisssions for any type of forms – Contact Form, Survey & Quiz Forms.

Contact Form 7 spam filter

Plugin extends spam protection for Contact Form 7 (CF7). It can be used with any other third-party spam filters.
How to protect your Contact Form 7 using CleanTalk Anti-Spam plugin

WooCommerce spam filter

Anti-spam by CleanTalk filters spam registrations and spam reviews for WooCommerce. The plugin is fully compatible with WooCommerce 2.1 and higher.

Spam filter for theme contact forms

The plugin blocks spam emails via any theme (built-in ones included) contact forms. The plugin filters spam emails silently (without any error notices on WordPress frontend) in AJAX forms as well.

bbPress spam filter

Spam protection for everything about bbPress: logins, registrations, forums, topics and replies.

Other spam filters

  • WordPress Landing Pages.
  • WP User Frontend, UserPro.
  • Ninja forms
  • Contact Form Plugin by Fluent Forms Ninja forms
  • Forminator contact from
  • Newsletters – MC4WP: Mailchimp for WordPress (, MailPoet – emails and newsletters in WordPress (
  • Any WordPress form (checkbox ‘Custom contact forms’).
  • Any submission to the site (checkbox ‘Check all POST data’).

Check existing comments for spam. Bulk spam comments removal. Spam comment Cleaner

With the help of anti-spam by CleanTalk you can inspect through existing comments to find and quickly delete spam comments at once. To use this function, go to WP Console -> Comments -> Find spam comments.

Check existing users for spam. Bulk spam accounts removal. Spam users cleaner

With the help of anti-spam by CleanTalk you can inspect through existing accounts to find and quickly delete spam users at once. For use this function, go to WP Console -> Users -> Check for spam. Also, you can export a list of spam users to the CSV.

Private black lists for anti-spam service

Automatically block comments and registrations from your private black IP/email address list.

Hide «Website» field for comments

This option hides the «Website» field from standard WordPress comments forms. After that spammers won’t be able to send spam links using «Website» field in the bottom of the comments form.

Low false/positive rate

This plugin uses multiple anti-spam tests to filter spam bots having as low false/positive rate as possible.

How does CleanTalk improve SEO for your website?

So, you already know that the speed of the site has a direct impact on SEO.

CleanTalk works faster than most of the other anti-spam plugins. It is common knowledge that the faster your site loads, the better your customer experience is, the better your SEO will be, and the better your site will convert. Speed is becoming increasingly important in SEO, conversion and user experience. Today, site speed is one of the most important ranking factors on Google. A site that loads slowly will lose visitors and potential revenue.

Among anti-spam plugins CleanTalk AntiSpam is one of the fastest. Despite the large plugin functionality, the developers have optimized the performance of
the plugin so that AntiSpam by CleanTalk is faster than most analogs. This contributes to the cloud service architecture, as all calculations take place in the cloud, not on the server, the server receives the finished result for further action.

Unlike stand-alone plugins (WP Armour, Antispam Bee, WP Cerber) Anti-Spam by CleanTalk uses less CPU that improves site response, visitors experience and SEO results.

Spam FireWall

Spam FireWall allows blocking the most active spam bots before they get access to your website. It prevents spam bots from loading website pages so your web server doesn’t have to perform all scripts on these pages. Also it prevents scanning of pages of the website by spam bots. Therefore Spam FireWall significantly reduces the load on your web server. Spam FireWall also makes CleanTalk the two-step protection from spam bots. Spam FireWall is the first step and it blocks the most active spam bots. CleanTalk Anti-Spam is the second step and checks all other requests on the website in the moment of submitting comments/registers etc.

How does Spam FireWall work?

  • The visitor enters to your web site.
  • HTTP request data are being checked in the nearly 5.8 million of the identified spam bot IPs.
  • If it is an active spam bot, the bot gets a blank page, if it is a visitor then he receives a normal page. This process is completely transparent for the visitors.

All the CleanTalk Spam FireWall activity is being logged in the process of filtering.

Spam FireWall: Anti-Flood & Anti-Crawler

Spam FireWall: Anti-Flood and Anti-Crawler options are intended for blocking unwanted bots, content parsing, shop goods prices parsing or aggressive website scanning bots. Learn more

Anti-Spam plugin info

CleanTalk is an all-in-one anti-spam solution for WordPress that protects login, comment, contact and WooCommerce forms at once. You don’t need to install separate antispam plugins for each form. It allows your blog to work faster and save resources.

CleanTalk is a transparent antispam tool, we provide detailed stats of all incoming comments and logins. You can always be sure that there are no errors. We have developed a mobile app for you to see antispam stats wherever you want.

We have developed the antispam for WordPress that protects you from spam bots at the maximum level allowing you to provide your visitors a simple and convenient form of comments/registrations without annoying CAPTCHAs and puzzles. CleanTalk detects spam in multistage tests allowing us to block up to 99.998% of spam bots. The anti-spam method offered by CleanTalk avoids inconvenient for communication methods (CAPTCHA, question-answer etc.), and offers to your site visitors a more comfortable one.

CleanTalk is a premium anti-spam service for WordPress, the plugin works with our own CleanTalk Cloud Service. Anti Spam by CleanTalk offers a free trial, you can look at the pricing here. We provide anti-spam services at the highest level. To maintain this level we cannot afford to offer a free version of our service, as this will immediately affect the quality of the providing anti-spam protection. Paying for a year of anti-spam service, you save a lot more and receive:

  • Up to 99.998% protection from spam bots.
  • Time and resources saving.
  • More registrations/comments/visitors.
  • Spam protection of the several websites at once in different CMS.
  • Ease in installation and using.
  • Traffic increase and loyalty to the users.
  • 24/7 technical support.
  • Clear stats.
  • Spam FireWall.
  • No captcha (reCaptcha), puzzles, etc.

How to protect sites from spam bots without CAPTCHA?

The most popular anti-spam method is CAPTCHA – the annoying picture with curved and sloping symbols, which are presented to the visitor to decipher and fill in. In is supposed that spam bots won’t discern these CAPTCHA, but a visitor will. CAPTCHA provokes great irritation, but if the visitor wants to comment, he has to fill in these symbols time after time, making mistakes and starting once again. Sometimes CAPTCHA reminds us of the doodles of a two year old child. For users with vision problems CAPTCHA is an insurmountable obstacle. Users hate captcha. Captcha for users means “hate”. Unreadable CAPTCHA stops about 80% of site visitors. After 2 failed attempts to decipher CAPTCHA 95% of visitors reject further attempts. At the sight of CAPTCHA and after input errors, many visitors leave the resource. Thus, CAPTCHA helps to protect the resource spam both from bots and visitors. CAPTCHA is not a panacea from spam. Doubts concerning the Need for CAPTCHA?

“Ultimately, CAPTCHAs are useless for spam because they’re designed to tell you if someone is ‘human’ or not, but not whether something is spam or not.” Matt Mullenweg

You do not have to work in IT to know what spam is. Besides piles of unwanted email, there are spam bots, or special software programs designed to act as human website visitors that post unwelcome messages over the Internet to advertise dubious services. More often than not spam messages do not even make sense. Similar to bacteria and virus mutations developing antibiotic resistance, spam bots are becoming more resilient in penetrating Internet firewalls and security layers.

White Label Mode

To switch the plugin work in the white-label mode you should set up a few settings on your main site in WordPress Multisite Network:

  1. Check setting “Enable White Label Mode”.
  2. Fill “Hoster API Key” field with key from CleanTalk’s hoster panel.
  3. Fill “Plugin name” field. It could be any name you want for the plugin.
  4. Save settings.

The plugin will do everything rest.

Real-time email validation. Is email real or Not.

It is very important to be sure that the user used his real email address. Spambots very often use fake email addresses, i.e. which addresses do not exist.

CleanTalk will check email addresses for existence in real time.

Non-existing email addresses also entail several other problems for website owners.

  • You can never contact them by email,
  • the client will never receive any notifications from you (account activation letter, password recovery, email distribution, notifications, etc.),
  • if you use email marketing for your clients, then a large number of nonexistent emails in the mailing list may result in your IP address being added to various blacklists of email servers.

Improve your email list with email validation without fake emails.

Blocking disposable & temporary emails

Block fake and suspicious users with disposable & temporary emails to improve email delivery. So, it also prevents malicious activity, spam bots, and internet trolls.

Stops Spam in Search Form

Spam bots can use your search form to make a GET request with spam text. CleanTalk Anti-Spam has the option to protect your website search form from spam bots. Each time, the search generates a new page and if there are many requests, this can create additional load. So, under some conditions, spam searches can be indexed, which affects SEO,

  • Spam FireWall blocks access to all website pages for the most active spambots. It lowers your web server load and traffic just by doing this.
  • Anti-Spam protection for website search forms repels spambots.
  • If your search form gets data too often the CleanTalk Anti-Spam plugin will add a pause and increase it with each new attempt to send data. It saves your web server processor time.
  • Spam protection allows you to not forbid indexation for the crawler bots if you really need it but simultaneously you will get protection from spambots.

You will always know what users were looking for on your site.

Disable comments

This option disables comments on your site. You can choose one or several options:

  • Disable comments for posts
  • Disable comments for pages
  • Disable comments for media

When using Disables comments, existing comments will not be deleted and will remain on the pages.

Email Address Encoder

CleanTalk Anti-Spam offers a feature called “Encode contact data” that is designed to encode all email addresses on the website pages. Encoding the email addresses increases the level of protection of contact data from being abused, parsed, getting spammed and used in spam mailing lists by bots and online criminals. To reveal the encoded email address simply click on it and it will be decoded instantly.

Will the anti-spam plugin protect my theme?

Yes, it will. The Anti-spam by CleanTalk is compatible with any WordPress theme.

Should I use other anti-spam tools (Captcha, reCaptcha and etc.)?

CleanTalk stops up to 99.998% of spam bots, so you can disable other anti-spam plugins (especially CAPTCHA-type anti-spam plugins). In some cases several anti-spam plugins could conflict with each other, so it would be better to use just one plugin.

Can I use CleanTalk with Akismet?

Sure, you can use CleanTalk with Akismet. In this case you will probably have higher false/positive rate (when legitimate comments/signups are being denied), but you will have stronger anti-spam protection on your website.

Is CleanTalk better than Akismet?

Please look at this features comparison here


  • Albanian (sq_AL) – thanks to fjalaime
  • French (fr_FR) – thanks to Gilles Santacreu
  • Spanish (es_ES) – thanks to Andrew Kurtis and WebHostingHub

Max power, all-in-one, premium anti-spam WordPress plugin. No comments & registrations spam, no contact spam, protects any forms. Just install and forget spam.


  • AntiSpam settings are easy to use to protect any contact forms. For example - Ninja forms, Fluent forms and etc.
  • AntiSpam plugin rejected a spam bot at the CAPTCHA less registration form. The plugin provides explanation to visitor and websites about each rejected comment/registration or contact message.
  • Use AntiSpam analytics tool for each website in service Dashboard to have information about spam/legitimate stats.
  • Use AntiSpam log to control anti-spam plugin.
  • CleanTalk works faster than most of other anti-spam plugins.
  • The Dashboard with a map of most spam active countries per your account.
  • The plugin deletes/removes the existing spam comments and users accounts.
  • CleanTalk's dashboard update link.
  • CleanTalk's dashboard.
  • SpamFireWall log.


Installation instructions

  1. Download, install and activate ‘Anti-spam by CleanTalk’.

  2. Get Access key

  3. Enter Access key in the settings: WordPress console -> Settings -> Antispam by CleanTalk

  4. Do dummy spam comment (registration or contact message) with email You should see notice: Forbidden. Sender blacklisted.

  5. Done! The plugin is ready to use.

Video guide – Anti-Spam Plugin Installation in WordPress.

Important! To test spam protection you must post a dummy submissions as website visitor (use must logged out from WordPress console), because the plugin doesn’t filter submissions from WordPress administrators.

How can setup plugin in WPMU version?

In WordPress multisite version you can switch the plugin to use Global Access key. In this way the plugin doesn’t show any options to enter Access key in plugin settings and doesn’t show Trial banner in WordPress backend. To setup global CleanTalk access key for all websites in WPMS, define constant in your wp-config.php file before defining database constants:

define('CLEANTALK_ACCESS_KEY', 'place your key here');

Make it before you activated the plugin. If the plugin already activated, deactivate it and add the code and active it again.
Now, all subsites will have this access key.

Manage and control spam protection

Go to Dashboard at the or use Android, iPhone anti-spam app to manage and control spam protection.


Why are they spamming me?

Spammers want to get backlinks from your site to improve their site’s PageRank or redirect your visitors to malicious sites.This level of spam can damage your reputation with readers and commentators if you fail to tackle it. It is not uncommon for some WordPress websites to receive hundreds or even thousands of comments every week. However, by using a CleanTalk plugin, spam can be easily handled by your WordPress website.

Is the anti-spam protection safe for mobile visitors?

Yes, it is. The plugin doesn’t block mobile visitors as well as desktop website visitors. It uses several independent anti-spam tests to decrease the number of false outcomes and to have as low false-positive rate as possible. Multiple anti-spam tests help to avoid false/positive blocks for real website visitors even if one of the tests failed.

What does the plugin do with spam comments?

Spam comments are being moved to SPAM folder by default or you can set the option to ban spam comments silently.

How can I test the anti-spam protection?

Please use the email for comments, contacts or signups to see how the anti-spam protection works. Also, you can see the logs for the last 7 days in the Dashboard or look at the folder “Spam” for banned comments.

How does the plugin stop spam?

Please, note – administrator’s actions are NOT being checked.

The plugin uses several simple tests to stop spammers:

  1. JavaScript anti-spam test. 99% of spam bots don’t have full JavaScript functions support. So, the plugin has the code which can be run by normal visitor and can’t be run by the spam bot.
  2. Email, IP, domain spam activity list entries check. The plugin uses spam activity database online at, consisting of more than 20 billion spam activity records of IPs, Emails, Domains and ASN. If the sender’s IP or Email is in the database, the sender gets some spam scores. To reduce false/positive rate the plugin not only uses the blacklist test to ban spammers, the sender will be banned when and only when multiple spam tests have been failed.
  3. Comment submit time. Spam bots usually submit the info immediately after the page has been loaded, this happens because spam bots don’t actually fill the web form, they just send $_POST data to the blog. The normal visitor sends the data after several seconds or minutes.

What about pingback, trackback spam?

The plugin passes pingbacks without any checks by default. All trackbacks will be blocked if the sender had spam activity.

Can I use CleanTalk to remove pending spam comments?

Yes, you can. The plugin has the option to test all pending comments via database of spam active IP/Email, found spam comments will be moved to Trash folder.

How does the plugin find spam in pending comments or registered accounts?

The plugin checks all non-spam comments in the blacklist database and shows you those senders who have spam activity on other websites.
There are some differences between blacklist database and API to protect you from spam bot registrations/comments online. Blacklists show all history of spam activity, but our API (which is used in spam tests) relies on other parameters too: last day of activity, number of spam attacks during the last days etc. These mechanisms help us to reduce the number of false outcomes. So, there is nothing strange, if some emails/IPs are not found by bulk comments/accounts test.

To check comments please go here:

WordPress console -> Comments -> Find spam comments

To check users please go here:

WordPress console -> Users -> Find spam users

Is the plugin compatible with WordPress MultiUser (WPMU or WordPress network)?

Yes, the plugin is compatible with WordPress MultiUser. Each blog in multisite environment has individual anti-spam options for the protection from spam bots.

After the installation I noticed that the number of spam attacks has been increased in the stats

There are a few reasons for this:

  • With the indexing of your web-site by the search systems, appearance of external links and better search results position, your web-site attracts more and more spambots.
  • Non-transparent protection systems like CAPTCHA or question/answer, that don’t have spam attacks stats, don’t let you see the whole picture, or the picture is incomplete.
  • Counting methods for spam attacks and spam bots are different for different systems, thus the diversity appears. We seek to provide detailed stats.

Why my dummy “spam” comment passed to the WordPress?

The plugin has several options to detect spam bots and humans. If you just post spammy text like this:

"I want to sell something", "Buy something here.." and etc

the comments will be passed, because the plugin detects sender as a human. So, use special email to test the anti-spam functionality or wait a few days to see how the plugin works.

Is it free or paid?

The plugin is free and distributed under the GPLv2 license.

CleanTalk anti-spam plugin works with a cloud base anti-spam service and this plugin is a Software as a service (SaaS).
CleanTalk it’s a free plugin that works with premium Cloud Anti-Spam service.

The fact that the plugin works with a premium type service is mentioned in the plugin annotation and in its WordPress catalog description.

We are ready to help you with any issue regarding CleanTalk. There are hundreds of environment compositions and we do our best to cover as many as possible.

Can I use CleanTalk with cache plugins?

Anti-spam by CleanTalk doesn’t use static HTML code in its templates, so all anti-spam functions work correctly with any WordPress cache plugins.

Does the plugin protect from spam bots if I use forms with third-party services?

Yes, it does. Plugin protects web-forms on your websites which send data to third-party servers (like MailChimp). To enable this protection set the option ‘Protect external forms’ in the plugin settings.

Does CleanTalk compatible with Cloudflare?

CleanTalk is fully compatible with CloudFlare. Service doesn’t filter CloudFlares IP’s (AS13335) through blacklists database, so in this case plugin/service filters spam bots using other anti-spam tests.

Is CleanTalk compatible with a content delivery network (CDN)?

Yes, it is. CleanTalk works with any CDN system, i.e. CloudFlare, MaxCDN, Akamai.

Can I use CleanTalk functionality in my plugins?

Yes, you can. Just use following snippet:

    include_once( ABSPATH . '/wp-content/plugins/cleantalk-spam-protect/cleantalk.php' );
//for registration test:
$res=ct_test_registration("nickname", "", "");
//or for some other messages (contact forms, comments etc.)
$res=ct_test_message("nickname", "", "", "test message");

$res now contents array with two parameters:
* $res[‘allow’] – is request allowed (1) or not (0)
* $res[‘comment’] – comment for our server’s decision.

I see two loads of script cleantalk_nocache.js. Why do you use it twice?

This script is used for AJAX JavaScript checking. Different themes use different mechanisms of loading, so we use two methods for loading our script. If you absolutely know what you are doing, you can switch one of the methods off by defining constants in your wp-config.php file:

define('CLEANTALK_AJAX_USE_BUFFER', false); //false - don't use output buffering to include AJAX script, true - use it


define('CLEANTALK_AJAX_USE_FOOTER_HEADER', false); //false - don't use wp_footer() and wp_header() for including AJAX script, true - use it

Can I add exclusions for some pages of my site?

Yes, you can. There is a special setting in plugin settings.
You could use this guide to learn more:

Can I not send my personal data to CleanTalk servers?

Yes, you can exclude your data. There is a special setting in plugin settings.
You could use this guide to learn more:

How to test Spam FireWall?

Use special IP in URL to test Spam FireWall. For example,

Attention! The incognito mode should be enabled in your browser when you do a test. To enable incognito mode press Ctrl+Shift+N for Chrome, Opera и Safari browsers; press Ctrl+Shift+P for Firefox, Internet Explorer and Microsoft Edge. A full guide to enable Incognito mode is here:

How can I enter access key in WPMU version?

To set up global CleanTalk access key for all websites in WPMU, define constant in your wp-config.php file before defining database constants:

define('CLEANTALK_ACCESS_KEY', 'place your key here');

Now, all subsites will have this access key.

Does the plugin work with Varnish?

CleanTalk works with Varnish, it protects WordPress against spam, but by default the plugin generates a few cookies for the protection from spam bots and it also disables Varnish cache on pages where CleanTalk’s cookies have been stored. To get rid of the issue with cache turn off the option ‘Set cookies’ in the plugin settings.

WordPress console -> Settings -> CleanTalk -> Advanced settings

Now the plugin will protect WordPress comments, registrations and most of popular contact forms, but will not protect some of rarely used contact forms.

Does the anti-spam plugin work with Accelerated Mobile Pages (AMP)?

Yes, it does. But you have to turn off the SpamFireWall and the option ‘Use AJAX for JavaScript check’ in Advanced settigns of the plugin to be fully compatible with Accelerated Mobile Pages.

Should I change anything in the plugin’s settings or in my CleanTalk Dashboard when I switch my website from HTTP to HTTPS or vice versa?

No. You don’t need to change anything in the plugin’s settings or in your CleanTalk Dashboard. The plugin will work regardless of the protocol.

Spam FireWall and AntiSpam – Networks Blocking

Anti-Spam – will blocks users from selected IP or network from using contacts/messages/registrations/comments forms.
Spam FireWall – will blocks users from selected IP or network from entering the website.

Please, read more here

Spam Comment Management

By default, all spam comments are placed in the spam folder, now you can change the way the plugin deals with spam comments:

  1. Move to the Spam folder. All spam comments will be placed to the folder “Spam” in the WordPress Comments section except comments with Stop-Words. Stop-Word comments will be always stored in the “Pending” folder.

You can prevent the proliferation of Spam folder. It can be cleaned automatically using the option “Keep spam comments for 15 days.” Enable this option in the settings of the plugin: WordPress Admin Page -> Settings -> Antispam by CleanTalk -> Advanced settings -> enable “Keep spam comments for 15 days” -> Save Changes.

  1. Move to Trash. All spam comments will be placed to the folder “Trash” in the WordPress Comments section except comments with Stop-Words. Stop-Word comments will be always stored in the “Pending” folder.

  2. Ban comments without moving to WordPress backend. All spam comments will be deleted permanently without going to the WordPress backend except comments with Stop-Words. Stop-Word comments will be always stored in the “Pending” folder.

What comments were blocked and banned can be seen in the Anti-Spam Log here:

To manage the actions with spam comments, go to the Control Panel, select the website you want to change the actions for and go to “Settings” under the name of the website.

Please, read more here:

Is the plugin EU GDPR compatible?

Yes, it is. Please read this article,


24 september 2023 1 reactie
Если бы не помощь плагина в фильтрации вредоносов, работа сайта с форумом была бы невозможной. Отличная работа!
22 september 2023 1 reactie
I've only been using it for 3 days, but it has already fended off many attacks. The first spam postings were also recognised and blocked. It's great that there's something like this, I'll look at it for a while and then I'll change to the Basic+, maybe later to the Pro.
20 september 2023 1 reactie
I've been using CleanTalk's cloud services for my website, and I couldn't be happier. Their anti-spam solutions are incredibly effective, keeping my site free from spam comments and registrations. The user-friendly interface makes it a breeze to set up, and it works seamlessly in the background. I highly recommend CleanTalk to anyone looking for a reliable and efficient way to fight against spam. It's a 5-star solution for sure!
Lees alle 2.727 beoordelingen

Bijdragers & ontwikkelaars

“Spam protection, AntiSpam, FireWall by CleanTalk” is open source software. De volgende personen hebben bijgedragen aan deze plugin.


“Spam protection, AntiSpam, FireWall by CleanTalk” is vertaald in 20 talen. Dank voor de vertalers voor hun bijdragen.

Vertaal “Spam protection, AntiSpam, FireWall by CleanTalk” naar jouw taal.

Interesse in ontwikkeling?

Bekijk de code, haal de SVN repository op, of abonneer je op het ontwikkellog via RSS.


6.18 Sep 14 2023

  • Fix: Exclusions. VBOUT Woocommerce Plugin service request excluded.
  • Fix: Developing. GitHub action midified.
  • New: JS. Add frontend params for typo.
  • New: Integration. Elementor UltimateAddons Register integration.
  • New: Integration. BuddyPress feedback collected on users management page.
  • Fix: Tests. SFW private lists test fixed.
  • Fix: Common. Check js hidden field drawing fixed.
  • Fix: Alt cookies. Clearing old data fixed.
  • New: AMP Plugin integration.

6.17 Aug 31 2023

  • Fix: SFW_update. Create temp table for personal data.
  • Fix: Email encoder. Prevent encoding emails into attributes aria-label.
  • New: Modal before deactivation is ready.
  • Fix: NoCookie. PreloadLocalstorage fixed. Previous value gain fixed.
  • Fix: Fixed apbct_timestamp.
  • Mod: Cookie. Cookie type is “Auto” (3) by defaults.
  • Fix: Anti-Crawler. Exclude W3 Total Cache minified files request from AC check.
  • New: Integration. MailPoet2 integration implemented.
  • Mod: Ninja forms bot-detector token gain via AltSessions.
  • Fix: AC. JSON parse to array instead of object.
  • Fix. Do not send event token to XHR if it is already sent and equal to the newly gained from moderate.
  • New: SFW. Separate 2s blacklists.

6.16 Aug 17 2023

  • Fix: External MailerLite fixed
  • Fix: Jetpack. Send apbct_timestamp to alt_cookies on alt-cookies forced forms.
  • Fix: Integration. LatePoint. Event token now can be added to dynamically rendered form.
  • Ref: Review notice
  • Fix: White Label
  • New: Integration. Zoho 3rd party service integration implemented.

6.15 Aug 3 2023

  • New. Integration. LatePoint booking integration implemented.
  • New. Integration. Cleantalk Register Widget integration implemented.
  • New. External forms. Protection via fake submit button implemented.
  • WordPress 6.3 compatibility. NinjaForms. Fixed negative response logic.
  • WordPress 6.3 compatibility. WPForms. Disable form protect on form editing for logged-in users.
  • Fix: excluded trp_get_translations_regular action Artem
  • Fix. Pixel. Added validation for pixel url.
  • Fix: Fixed apbctPrepareBlockForAjaxForms().
  • Mod. Bot-detector field clearance. Now use the name attribute instead of ID.

6.14.2 Jul 26 2023

  • Fix. Additional frontend scripts fixes.

6.14.1 Jul 26 2023

  • Fix. Public frontend scripts fixed.

6.14 Jul 20 2023

  • New. Integration. Flux Checkout for WooCommerce service requests skipped.
  • New. Integration. Some external form protection implemented.
  • Fix. Alt cookies. Parameters input_focused and key_up storing fixed.
  • Fix. apbct_cookie() call. Do not skip requests if GET contains ‘q’.
  • Fix. Exclusions. Logic modified, legacy support improved.
  • Fix. Jetpack integration. Params gathering fixed.
  • Fix. Integration. WPForms blocking message fixed.
  • Fix. Common. Checking REST availability fixed.
  • Fix. Common. DNS – using global variable DNS_TXT refactored.
  • Fix. Common. CookiesBot integration added.
  • Fix. Common. Blocking message for custom ajax forms fixed.
  • Fix. Common. Enable event token for all requests.
  • Fix. Cookies. Do not skip native cookie set if localStorage object persist.
  • Fix. Integration. Avada fusion builder. Collect the inner form data correctly.
  • Fix. Public scripts. Interception of ajax response logic fixed.
  • Fix. SFW. Force direct updating flag implemented.

6.13 Jul 06 2023

  • Fix. PHP 8.1 compat. Email encoder.
  • Fix. PHP 8.1 compat. Check users/comments. Title is not null forced.
  • Fix. Ultimate Form Builder. Message clearance.
  • Fix. NoCookie data clearance. New function apbct_clear_query_from_service_fields() clear the value of form service fields instead of unset it if the value is get-query-like.
  • Update. SFW. Check sfw temp table exists before insert data.
  • Fix. Integration. Ultimate Form Builder Lite. Glue same key values.
  • Fix. Integration. OptimizePress checkout exclusions.
  • Update. SFW. Use isTableExists instead of direct query.
  • Fix. cleantalk-public-integrations.php. ct_s2member_registration_test(). Integration fixed.
  • Fix. Settings. Use DELETE SQL-command instead TRUNCATE option deleted.
  • Fix. Settings. Checking REST availability fixed.

6.12 Jun 22 2023

  • New. Restoring WC blocked orders implemented.
  • Fix. Exclude. Excluded request from ProfilePress login form.
  • Fix. JS. External form not copied value for checkbox or radio button, fixed.
  • Fix. Exclude login. Excluded UserPro login form request.
  • Fix. Cleantalk AJAX check. Avada form builder fields collection fixed.
  • Fix. Do not load public scripts for logged-in users if “protect logged-in” option is disabled.
  • Fix. Mouse pointer data set. Alt cookie skipping condition fixed.
  • Fix. Force ajax type with constant APBCT_SET_AJAX_ROUTE_TYPE.
  • Fix. Hidden fileds exclusions refactored. Woocommerce login form sign added to exclude hidden fields attach.
  • Fixed text while encoding
  • Fix. Email encoder. Return HTML escap for privacy policy links.
  • Fix. Fetch XHR. TWT email signup form catch impemented with jQuery.
  • Fix. Comments and users checker. Whitelable mode brands shown correct.
  • Fix. Woocommerce integration. Route “\?wc-ajax=cfw_validate_email_domain” is skipped from APBCT check.
  • Fix. WC blocked orders. Hyperlinks on the admin bar fixed.
  • Fix. Common. Get fields any – message detecting fixed.

6.11.2 Jun 14 2023

  • Fix. Mouse pointer data set. Alt cookie skipping condition fixed.

6.11.1 Jun 13 2023

  • Fix. Honeypot for searchforms. Reverted changes normalized.
  • Fix. Custom forms. AJAX search pro exclusions updated.

6.11 Jun 08 2023

  • New. Bot detector added for several forms.
  • Fix. Honeypot field for search forms now contains a value.
  • Fixed error with DOMDocument
  • Added libxml_clear_errors()
  • Fix. Js. Fixed logic for case when form is excluded.
  • Add. Integration. Added integration for SendyWidgetPro.
  • Fix. Remove searchform sign from POST data check.
  • Fix. Comment checker. Comment type “review” support added.
  • Fix. White label. Brand replacement fixed.
  • Fix. Integrations. Handle case when Gravity Form rebuild document if form validation failed.
  • Fix. JS. Add check that jquery exists.
  • Fix. Javascript. Catching XHR fixed.
  • Fix. Form Signs Exclusions. Update handle for case if apbct_skip_this_form in POST[data]
  • Fix. Pixel. Special GET snippet added to skip Nitorpack CDN and caching.
  • Moved apbct_cookie to init
  • Correct apbct_page_hits cookie
  • Fix. Admin. Checking ajax requests improved.
  • Fix. apbct-public–2–public.js -> ctMouseReadInterval is declared early.
  • Fix. SFW. Triggered IP hyperlink fixed.
  • Fix. Common. Unset event_token service field from requests.
  • Fix. Integrations. Excluded wpform email validate request.

6.10 May 24 2023

  • Fix. Integrations. Ultimate Addons for Beaver Builder: Exclude login form request.
  • Fix: Integration. Digits – extra request fixed
  • New: Integration. Indeed Ultimate Membership Pro integration implemented.
  • Fix: Integration. Indeed Ultimate Membership Pro – exclude request from general forms catching.
  • Fix. Pixel. Pixel gathering fixed.
  • Fix: Fixed MetForm Integration
  • fix: fixed block message
  • fix: fixed block message – eform
  • fix: fixed unknown block response
  • Fix. WC_Invoice4U exclusion.
  • Fix. NoCookie. Remove noise from base64 string.
  • Added exlutions for Localize
  • New. Store WC spam orders.
  • Fix. Integration. Skip OptimizeCheckouts fields checks
  • New. White label. Replace brands data to apbct->data[wl_*].
  • Fix. Cookies. Native cookies mode fixed.

6.9.2 May 5 2023

  • Fix: local_storage_pixel_url fixed

6.9.1 May 2 2023

  • Fix. Fixed javascript
  • Fix: no_cookie_data_taken fixed

6.9 Apr 27 2023

  • Ref: Exclusion roles refactored, exclusion signs group added, groups names layout changed.
  • Mod: Improved code style.
  • Ref: GDPR. Removed logic.
  • Mod: Update. Cookie auto. Set setting to cookie – off, in case if data processing in auto and cache plugin detected.
  • Fix: SFW. Made the priority list a priority.
  • New: Digits integration implemented.
  • New: Modern Events Calendar integration implemented.
  • Fix: Common. Page url parameter fixed.
  • Fix: Integration. Skip Billige-teste theme 1st step checkout request.
  • Fix: Integrations. Skip WS Forms Pro request – have the direct integration.
  • Fix: Integrations. Gravity Forms block message layout fixed.

6.8 Apr 13 2023

  • Add. New tags


div> in custom response message.
* Update. WPMS. Update counters for spam users.
* Update. SFW. Update message on sfw die page.
* Fix. Manage Spam Comments. Fixed approve comment logic.
* Fix. External forms.
* Fix. Block message for BricksExtras.
* Fix. Excluded resize-image().
* Fix. FluentForm integration.
* Fix. Excluded requests from Profile Builder.

6.7 Mar 30 2023

  • Added rotateModerateAndUseIP() if attempt is failed
  • Mod. Force use CleanTalk http request instead of WP HTTP API.
  • Add. Js. Gathering errors.
  • Mod. Skip third retry if rotateModerateAndUseIP() does not help.
  • Mod: Added another MemberPress Integration Signup Form
  • Add. Js. Gather errors in db.
  • FluentForms fixed
  • Fix: fixed sendAjaxCheckingDinamicFormData()
  • Fix. HTTP lib. WP 6.2+ supporting implemented.
  • Fix. Settings. Default value for data__email_decoder_buffer added.
  • Mod: Another integration with GiveWP
  • Mod. Remove redundant option “Use SSL”.
  • Mod. Remove redundant code in API.
  • Fix: Excluded request with wcf_check_email_exists – CartFlows
  • Update. Notice review. Refactoring notice.
  • Update. Internal forms. Removed jquery dependencies.
  • Add. Js. Added mail view, cron task, and improve js execute.
  • Update. Mail view. Removed Manage notifications settings link from mail footer.
  • Fix: Fixed apbct_wp_validate_auth_cookie()
  • Fix. Integration. bbPress: replies protection fixed.
  • Fix. Common. Connection reports and Update sentinel objects fixed.

6.6 Mar 16 2023

  • Excluded qsm_save_resume_auto_save_data action
  • Exclude request from QSM – Save & Resume Addon
  • Added correct block message
  • removed jquery from scripts
  • Fix. Integrations. Added exclusion for Optima Express search.
  • Fix. Integrations. Added no_cookie_data for popup dynamic form.
  • Fix. Settings. Ajax JS setting description fixed.
  • Fixed ct_get_checkjs_value()
  • Fix: excluded the form from javascript processing
  • Fix. Users scanner. Delete action added for the non-checkable users found.
  • fix: fixed apbct_is_plugin_active function name
  • Fix. Comments managing. Public side managing comments fixed
  • Fix: Fixed apbctProcessIframes()
  • fix: fixed fusion block message
  • Fix. Admin notices. Layout styles fixed.
  • Fix. Admin notices. Dismissing notices logic fixed.
  • Fix. Admin notices. “Review” notices logic fixed.
  • Fix. Admin notices. JS errors during notice dismissing fixed.
  • Update. JS. Rewrote logic without jquery in external file.
  • New. SFW update sentinel (reporting about failing updates).
  • Fix. Readme. Old changelogs moved to ‘changelog.php’.
  • Fix. Integration. BuddyPress integration – register protection fixed.
  • Fix. Integration. JetPack contact form – js checking fixed.
  • Fix. Integration. bbPress integration – topic creation protection fixed.
  • Fix. Common. JS – added delayed listeners for delayed forms.
  • Update. JS. Handle external forms in frames.

6.5 Mar 02 2023

  • New. State autoupdating. Set new settings values during plugin update.
  • New. Integrations. Integration with LeadFormBuilder.
  • New. Integrations. Added Ultimate Membership Pro.
  • Fix. Integrations. Exclude checkbox and radio inputs from message data.
  • Fix: Fixed z-index overlay
  • Fix: Added stopping script for easylogin
  • Fix. Code. Ajax request initialization fixed.
  • Fix. JS localizing. JS object defining fixed.
  • Fix. Code. WP-Rocket JS minification preventing.
  • Fix. Code. No cookie fields ID attribute removed.
  • Fix. Remote calls. Getting template RC fixed.

6.4.1 Feb 20 2023

  • Fix. Search fields. Add unreachable option.

6.4 Feb 16 2023

New integrations added ⚙, Email Encoder functionality improved 😎, CDN support improved 🐸, many integrations fixed 🐞 and some minor issues fixed 💪🏼

  • New. Added mail encoding via buffer.
  • New. Localize data with wp_head (support Ezoic, CF, LS cache etc).
  • New. Integration. WP Booking System plugin integration implemented.
  • Fix. Skip Ajax Search Pro forms from hidden field adding.
  • Fix. Cookie apbct_timestamp is set as HttpOnly.
  • Add. Integrations. Add HubSpot integration, extend logic for external forms handler.
  • Fix. Common. CAPD catching fixed.
  • Update. Integrations. Add handler for run previous onsubmit action in dinamic rendered external forms.
  • Fix. Integration. RegistrationMagic service requests excluded.
  • Fix. Common. Collecting JS on custom forms fixed.
  • Fix. Integrations. Fix onload event handler overwrited.
  • Fix. JS. Gathering visible fields fixed.
  • Fix. Integrations. Check each external forms on page, instead of return with first exclusion.
  • Fix. Integrations. Skip woocommerce add to cart trigger.
  • Fix. Integrations. Woocommerce add excluded condition for password recovery form.
  • Fix. Integrations. Skip WooCommerce addon – Wati – action for customers who came from Whatsapp.
  • Fix. EmailEncoder. Add style color setting to popup text element.
  • Fix. Integrations. User meta through is_ajax param.

6.3.1 Feb 02 2023

  • Fix. Integrations. Add rules for catching metform fetch.

6.3 Feb 02 2023

Several form builders integrated 🎯, many integrations fixed 🐞 and some minor issues fixed 💪🏼

  • Add. Integrations. Added Mailoptin.
  • Add. Integrations. Added Metform.
  • Fix. Integration. Ultimate Form Builder collecting parameters fixed.
  • New. Common. Added new filter to preprocessed data for the visible fields comparing.
  • Fix. Integration. UFB visible fields processing filter implemented.
  • Fix. Common. No cookie data gathering fixed.
  • Fix. Integration. Skip ActiveCampaign for WooCommerce service request.
  • Fix. Integration. Skip AutomateWoo service request
  • Mod. RemoteCalls. RC run_service_template_get cooldown changed from 3600 to 60 seconds.
  • Fix. Hosting license. Checking license status fixed.
  • Fix. Hosting license. Settings saving fixed.
  • Fix. Clear no_cookie_data_taken stat on State init.
  • Fix. Kali forms precheck skipped.
  • Fix. Clear no_cookie_data_taken stat on State init.
  • Fix. Common. Akismet compatibility in comments management part.
  • Fix. Translations. Now plugin can use local .mo files.
  • Fix. Dashboard chartjs. Added options for support an outdated chartjs version 2.9.
  • Fix. Integrations. Nobletitlecalc custom plugin exclusion.
  • Fix. SFW. Queue is in progress logic fixed.
  • Fix. Integration. AutomateWoo services requests excluded.
  • Fix. Integration. WooCommerce checking JS fixed.

6.2.1 Jan 24 2023

  • Fix. Integration. Convert Pro form integration fixed.
  • Fix. Integration. AJAX forms JS detection fix.
  • Fix. NoCookie. Message field clearance from service data.
  • Fix. Updater. PHP 8.0 compatibility.
  • Fix. Search forms. New sign of search forms to handle via NoCookie mode.
  • Fix. Search forms. Fix JS error while parsing NoCookie data.

6.2 Jan 19 2023

New remote call handled added, common parameters implemented, some integrations fixed and some minor issues fixed 💪🏼

  • New. RC. Remote call service_template_get implemented.
  • New. Common. New params from JS has_focused and has_keyup.
  • Fix: If cookies_type===none – unset cookies_enabled
  • Mod. Integrations. Force AltCookies usage for Ninja Forms on NoCookies mode.
  • Mod. Integrations. Force AltCookies usage for Smart Forms on NoCookies mode.
  • Mod. Integrations. Force NoCookie data setting via direct integration for UltimateFormBuilder.
  • Mod. Chart source changed to opensource ChartJS.
  • Fix. Admin widget. Do not enqueue scripts if the widget is disabled.
  • Fix. Helper. Php notice fixed.
  • Fix. New AJAX integrations skip rules moved AJAX part.
  • Fix. ErrorToggle logic.
  • Fix. SFW. SFW outdated notice fixed.
  • Fix. Email encoder. Do not send encoded email to the cloud.
  • Fix: Fixed counter of checked comments when press pause
  • Fix. SFW. New statuses 99 implemented.
  • Fix. Added notice_email_decoder_changed banner
  • Fix. Fixed notice_email_decoder_changed()
  • Fix. SFW. Blocking pages for the testing purpose fixed.
  • Fix: Fixed counter of checked comments when press pause
  • Fix. Common. page_hits, prev_referer, site_referer parameters collecting fixed.
  • Fix. Common. Parameters collecting fixed.
  • Fix. Settings. Cookies option description fixed.
  • Fix. Admin. Dashboard widget fixed.
  • Fix. Integration. Formidable integration fixed.
  • Fix. Integration. Ultimate Form Builder integration fixed.
  • Fix. Ajax. Skipping direct integrations requests fixed.

Early changelogs look in changelog.txt