Descripción

🛡️ Safeguard your WordPress website effortlessly with Zero Spam for WordPress! Say goodbye to spam, malicious users, and a variety of sneaky attacks that can disrupt your online presence. Our plugin, powered by an advanced behavior detection engine, integrates seamlessly with Zero Spam, Stop Forum Spam, and Project Honeypot to provide you with a robust defense system.

🔍 Rest easy knowing that our plugin utilizes multiple detection methods to swiftly identify and halt potential threats. Whether it’s pesky spam, devious trolls, or cunning hackers, Zero Spam for WordPress is here to protect your digital kingdom.

💪 Take your website’s security to the next level with our seamless integration with popular plugins like WooCommerce, GiveWP, Gravity Forms, and many more. By joining forces, we ensure comprehensive protection for your valuable online assets.

💫 Don’t let spam and malicious users run amok on your WordPress website. Choose Zero Spam for WordPress and enjoy a safer, more enjoyable online experience. It’s time to take control and keep your virtual doorstep spam-free and secure!

Worry-free, Powerful Protection at Your Fingertips

Say goodbye to captchas and moderation queues—spam is no longer a user or administrator’s problem.
Our intelligent behavior detection engine dynamically blocks threats, keeping your site safe.
Benefit from seamless integration with global IP reputation providers for enhanced security.
Take control with the ability to block IPs temporarily or permanently, ensuring unwanted visitors stay out.
Geolocation integration allows you to track the origins of threats, providing valuable insights.
Safeguard your site by blocking entire countries, regions, zip/postal codes, and cities.
Utilize the optional disallowed list using splorp’s Comment Blacklist to further enhance your protection.
Block known disposable and malicious email domains effortlessly using disposable.
Our plugin employs multiple detection techniques, including the renowned solution by David Walsh.

But wait, there’s more! Enhanced Protection for Various Forms

Protect your valuable comments, user registrations, and login forms from unwanted intrusions.
Safeguard your GiveWP forms, preventing attempts to test stolen credit cards.
Enjoy seamless integration with popular form plugins such as Gravity Forms, Contact Form 7, WPForms, Formidable Form Builder, Fluent Forms, and wpDiscuz.
Ensure secure registrations for your WooCommerce store.
Protect your Mailchimp for WordPress sign-ups from potential abuse.
Keep your ProfilePress registrations safe and secure.
Plus, our plugin seamlessly integrates into any existing theme or plugin, providing ultimate flexibility.

Experience the peace of mind that comes with Zero Spam for WordPress—your reliable shield against spam and malicious threats.

Expert Support at Your Service

Our dedicated team of highly-experienced developers is here to provide you with unparalleled support.
Have questions or need assistance? Join the vibrant support forum and tap into a wealth of knowledge.
Share your feedback, report bugs, or suggest new features on Github to help us continuously improve.
For direct inquiries or personalized assistance, feel free to contact us directly.

With Zero Spam for WordPress, you not only get exceptional protection but also a reliable support system that ensures your peace of mind.

Enhance Detection with Optional 3rd-Party Integrations

Zero Spam for WordPress offers the flexibility to integrate with additional services, bolstering its ability to detect spam and malicious users. While these integrations are entirely optional and not mandatory for Zero Spam to function, they can provide valuable insights. Prior to opting into any of these services, we recommend reviewing their respective terms of use and privacy policies.

Zero Spam – Utilize their advanced spam score analysis by sharing visitor IP and, when available, email. Take a look at their Privacy Policy and Terms of Use for more details.
ipbase.com – Access detailed geolocation information by sharing visitor IP. Familiarize yourself with their Privacy Policy and Terms of Use.
ipinfo.io – Gather comprehensive geolocation details by sharing visitor IP. Refer to their Privacy Policy and Terms of Use for further information.
ipstack – Obtain extensive geolocation insights by sharing visitor IP. Review their Privacy Policy and Terms of Use to learn more.
Stop Forum Spam – Verify if visitors’ IPs have been reported for spam-related activities. Explore their Privacy Policy and Terms of Use for additional details.
Project Honeypot – Check if visitors’ IPs have been flagged for suspicious behavior. Refer to their Privacy Policy and Terms of Use for more information.
Google Maps – Enable plotting of attack locations on Google Maps. Please review their Privacy Policy and Terms of Use for complete details.

Additionally, you have the option to contribute to Zero Spam’s improvement by enabling the sharing of detection information. For further information on the shared data, kindly refer to our FAQ.

Capturas

Dashboard
Log
Settings
Add blocked IP address
Add blocked location

Instalación

Upload the entire zero-spam folder to the /wp-content/plugins/ directory.
Activate the plugin through the Plugins screen (Plugins > Installed Plugins).
Visit the plugin setting to configure as needed (Settings > Zero Spam).

For more information & developer documentation, see the wiki.

Preguntas frecuentes

Does Zero Spam for WordPress block user IPs?

Not on its own. Zero Spam for WordPress does not automatically block IP addresses. If a visitor is blocked, it could be due to manual blocking by the site admin or their presence in IP blacklists such as Stop Forum Spam, Project Honeypot, or the Zero Spam.

In the event that a legitimate user is blocked, refer to the Log (Admin > Dashboard > Zero Spam > Log) for further details on the reason behind the block. You have the flexibility to adjust the strictness of the 3rd-party blacklist checks or disable them if your users are prone to being flagged as spam or malicious.

Does Zero Spam for WordPress check Jetpack comments?

No, it doesn’t. Zero Spam for WordPress does not have integration with Jetpack. If you have any inquiries regarding this, please refer to https://wordpress.org/support/topic/incompatible-with-jetpack-comments for more details.

How do I boost performance of Zero Spam for WordPress?

Enable caching for optimal performance. Enabling caching is highly recommended as it helps prevent repetitive calls to third-party APIs and access checks during each page visit.

To further optimize performance, you can adjust the cache and API timeout settings in the admin panel based on your server specifications and specific requirements.

Does Zero Spam support WP-CLI commands?

wp zerospam autoconfigure — Auto-configures with recommended settings.
wp zerospam settings — Displays all plugin settings.
wp zerospam set --[SETTING_KEY]=[VALUE] — Updates a plugin setting.

Are you getting a `ftp_fget` PHP warning?

Some hosts have issues with they way they access files. If you’re seeing a ftp_fget PHP notice, setting the FS_METHOD constant to direct in wp-config.php above the line /* That's all, stop editing! Happy Pressing. */ should solve the problem:

define('FS_METHOD', 'direct');

If hosting with Pantheon, see their known issues page for more information and what to do to resolve it with their $_ENV['PANTHEON_ENVIRONMENT'] variable check.

Reseñas

Eli 22 de mayo de 2023 1 respuesta

The plugin seems to be highly effective against combating spam comments, registrations etc. Support team is very fast in replying to support requests, going above and beyond to develop solutions for customers. I recommend.

codejp3 13 de diciembre de 2022 3 respuestas

Has been my go-to anti-spam plugin for quite some time. I've used many of the techniques individually on many sites. Having them rolled up into a single plugin is just amazing! All 1-star reviews that say it doesn't work, don't have it setup/integrated properly, which can take a little bit of effort. There is no magical anti-spam protection that instantly happens when you activate it. BUT, once you do implement a few of the techniques this plugin provides, spam becomes a thing of the past. Prior to v5.2.15, would have been an easy 5-star rating. Because of v5.2.15, I regrettably have to give it 1-star review. Plugin author: This is an ANTI-SPAM plugin, NOT a Ukraine support plugin. If you want to show your support for Ukraine, make a plugin for it. DON'T ruin a useful plugin by injecting unrelated political beliefs it into it. Blocking spam is blocking spam. Supporting Ukraine is supporting Ukraine. Mix them together and you just end up ruining both. v5.2.15 feat(ukraine): we’ll no longer provide protection for .ru, .su, and .by domains & will display a banner of support for the ukrainian people on those sites – united with ukraine Personal Note to the Plugin Author: It's your plugin, you can do what you want, but here's an important question: Is this plugin for YOU (the plugin author) to broadcast political beliefs, or for US (the plugin users) to block spam? Between those two, which one is more important? Pick one and go with it. If you pick personal political beliefs over plugin user functionality then it's only a matter of time until someone takes all of your hard work on this plugin, removes your political beliefs, releases it as a new plugin, and surpasses you in # of installs, making this plugin obsolete. You will be your own undoing. Would hate to see that happen to an otherwise WONDERFUL & AMAZING plugin! Remove personal politics from this plugin, and my review will change to the 5-star review that it deserves.

yiannisc 21 de septiembre de 2022

I used this plugin to reduce spam and it works like a treat. Highly recommended.

richardquerrey 6 de septiembre de 2022

This plugin undergoes a UI change every few months, and continues to make the same mistake - it doesn't remember what the previous settings were on 'big' updates. Which is a huge dev failure. If you have it on multiple sites, suddenly your contact form is getting spammed to high heaven again. Then you have to go back in, and redo the settings.

divishop 9 de agosto de 2022 1 respuesta

Plugin keeps telling me to upgrade even after I dismiss the notice.

krakenupkrafts 12 de mayo de 2022

This is a must-install plugin. Didn't take a hit on performance and the obnoxious barrage of spam has STOPPED! So much frustration out of my life since install.

Leer todas las 136 reseñas

Colaboradores y desarrolladores

Este software es de código abierto. Las siguientes personas han contribuido a este plugin.

Ben Marshall

"Zero Spam for WordPress" ha sido traducido a 1 idioma local. Gracias a los traductores por sus contribuciones.

Traduce "Zero Spam for WordPress" a tu idioma.

¿Interesado en el desarrollo?

Revisa el código, echa un vistazo al repositorio SVN o suscríbete al registro de desarrollo por RSS.

Registro de cambios

v5.5.1

fix(david walsh): fix for jquery not defined error, related to the zerospamdavidwalsh method, resolves #359

v5.5.0

feat(profilepress): added support for profilepress registrations

v5.4.7

fix(david walsh): fix for missing david walsh dependency, resolves #345

v5.4.6

fix(admin): fix for php notice about missing database_query_arguments
fix(whitelist): fix for whitelisted ips not getting triggered on comments, resolves #350

v5.4.5

fix(security): fixed sql injection vulnerability in the zero spam admin log table query

v5.4.4

refactor(project honeypot): resolves #344, added additional check & debug info for ip type support
fix(wpforms): resolves #343, fix for jquery dependency
fix(registration): resolves #342, fix for failed registration output
fix(php8): resolves #341, fix for php8+ compatibility issue

v5.4.3

fix(emojis): fix for fatal error when emojis are disabled

v5.4.2

feat(ipbase): added support for ipbase.com
feat(security): added additional advanced security protections

v5.4.1

feat(dashboard): dashboard ui enhancements
perf(sharing): performance improvements when sharing data
fix(memberpress): removed memberpress support, they made fundamental changes to their plugin that’s ganna require a rework
fix(uninstall): fix issue where the plugin couldn’t be deleted
fix(cli): resolves #33
chore(charts): updated chart.js to 3.9.1

v5.4.0

chore(admin): updated the after-activation message
chore(spam): updated splorp’s wordpress comment blacklist
feat(givewp): enhanced security using the david walsh method on legacy forms
feat(admin): major ui enhancements
feat(gravityforms): adds support for gravity forms
feat(reports): improved error logs
feat(wpdiscuz): resolves #327, added support for wpdiscuz
feat(wpforms): now supports checking blocked email addresses
feat(email): enhanced email security checks
fix(double requests): issue with double checks being performed per page visit
fix(blocks): fix for blocked ips not getting properly blocked
fix(locations): fix for blocked locations not getting added/updated
fix(comments): fix for valid comment submissions being flagged
fix(admin): missing country flag in ip details modal
fix(woocommerce): fix for login woocommerce registrations fixed
fix(david walsh): fix for flagged submissions when using the david walsh technique
perf(misc): misc performance improvements related to 3rd-party api queries

v5.3.9

fix(admin): fix issue with admin notice not dismissing properly, resolves #319

v5.3.8

chore(zero spam api): updated the zero spam api to v2

v5.3.7

chore(readme): documentation updates

v5.3.6

fix(admin): fix for admin notice not getting dismissed when clicked, resolves #318

v5.3.5

chore(readme): added 3rd-party service integration documentation to the readme
chore(admin): revised the admin message that’s displayed with zero spam enhanced protection is enabled, but a valid api key is not provided

v5.3.4

fix(notice): removed dismiss button on intial install to ensure plugin settings are configured before use

v5.3.3

feat(zero spam settings): displays dismissible notices for enhanced protection and invalid license keys
feat(dates): updated the admin tables to display dates based on the site settings, resolves #305
fix(ukraine): removed the ukraine banner

v5.3.2

feat(zero spam api): now reports spam and malicious email addresses

v5.3.1

fix(zero spam api): update to limit number of requests when sharing data

v5.3.0

fix(woocommerce): fix for spam getting triggered during woo checkout with create account checked, resolves #313
refactor(zero spam api): performance improvements when sharing detections

v5.2.15

feat(ukraine): we’ll no longer provide protection for .ru, .su, and .by domains & will display a banner of support for the ukrainian people on those sites – united with ukraine

v5.2.14

fix(woocommerce): fixes issues with woocommerce login not working, resolves #310

v5.2.13

feat(woocommerce): added support for woocommerce registrations, resolves #306
fix(admin): fix for displaying & adding blocked ip addresses, resolves #308

v5.2.12

refactor(wordpress coding standards): misc updates to conform to wordpress coding standards

= v5.2.11

fix(security): fixes the missing orderby parameter sanitization in the admin dashboard
fix(admin settings): fixed whitespace issue in textarea setting fields, resolves #303
fix(admin log): updated date column to use the local setting date & time format, resolves #305

v5.2.10

fix(security): fixes the missing parameter sanitization in the admin dashboard, resolves #301

v5.2.9

feat(zero spam): you can now define your zero spam license key in wp-config.php using the constant ZEROSPAM_LICENSE_KEY, resolves #298
fix(admin): fix for setting action buttons not doing anything, resolves #295
fix(admin): fixes php notice for in_array in class-utilities, resolves #299

v5.2.8

feat(memberpress): resolves #286, added support for the memberpress login page
fix(memberpress): updated memberpress sign-up hook priority to ensure it runs
refactor(admin): now using nonces to process zero spam admin actions

v5.2.7

perf(settings): performance improvement to settings being loaded
style(admin): added check for zero spam license key when enabled
style(admin): misc. admin interface improvements

v5.2.6

fix(undefined method): fix for undefined types method

v5.2.5

feat(givewp): now checks submitted emails against the blocked email domains list
perf(everything): refactoring of code for a boost in performance
docs(readme): misc. readme file updates
fix(admin): fix for error log not clearing

v5.2.4

feat(memberpress): resolves #283, now supports memberpress registration forms
feat(mailchimp4wp): resolves #121, now supports mailchimp4wp forms
refactor(misc): misc. updates to comply with wordpress coding standards.
style(admin): misc. admin interface improvements

v5.2.3

feat(givewp): now support givewp donation forms
style(notices): minor update to default detection notice

v5.2.2

fix(db): resolves #281, fixes db update error for multisite installations
fix(db): fix for unsanitized db log entries
style(admin): new cf7 icon added for blocked log

v5.2.1

fix(woocommerce): resolves #280, fixes login integration breaking woocommerce login form

v5.2.0

feat(login): now protects user login attempts
feat(project honeypot): resolves #201, project honeypot ip checks now integrated
perf(sharing): blocked ips are no longer shared with zerospam.org
perf(database): doesn’t log .ico requests anymore that normally resulted in 2 entries per detection
style(admin): misc admin interface improvements
refactor(misc): cleaning up code & wordpress coding standards updates
refactor(zero spam api): updated version on the zero spam api endpoint

v5.1.7

fix(php notice): fix for some hosts firing a php notice when unable to retrieve the list of recommended blocked email domains

v5.1.6

feat(fluent forms): resolves #276, fluent forms is now supported
fix(php notice): resolves #277, fix for array_intersect(): Argument #2 must be of type array, bool

v5.1.5

feat(dashboard widget): resolves #275, added the ability to control the dashboard widget visibility
feat(settings): button to quickly override and update settings to zero spam’s recommended
feat(email domains): resolves #246, ability to block disposable and malicious email domains
perf(sharing): sharing detections optimized
perf(disallowed list): removed the unused cron to sync disallowed words
chore(disallowed list): updated to the lastest splorp’s disallowed list
docs(htaccess): added a notice & recommended max number of blocked ips when using .htaccess
fix(ipinfo): fix for uncaught ipinfo exception

v5.1.4

fix(htaccess): resolves #274, fix for newer apache versions and option to select the method ips are blocked

v5.1.3

perf(blocked ips): moved blocked ips to .htacess for improved performance
refactor(woocommerce): woocommerce registration forms support dropped in place of 3rd-party IP checks
docs(admin): misc updates to admin interface

v5.1.2

perf(geolocation): improved performance for geolocation and data sharing
docs(readme): updated readme file
refactor(misc): added some functionality to make debugging easier
fix(ipinfo): resolves #273, loads the ipinfo library only if enabled

v5.1.1

feat(geolocation): resolves #270, added support for ipinfo geolocation
feat(cli): resolves #271, added WP CLI support
feat(admin): resolves #237, new admin dashboard widget
refactor(admin): wordpress coding standards fixes
refactor(settings): minor update to settings section title
docs(readme): updated readme file

v5.1.0

feat(ipstack): ipstack errors are logged to the zerospam.log file in the uploads directory
feat(cloudflare): resolves #267, checks http_cf_ipcountry against blocked countries
feat(admin): resolves #264, adds ability to export & import settings
perf(davidwalsh): resolves #266, only loads the david walsh script on pages that are needed
fix(caching): resolves #258, added no-cache header to the blocked page output
refactor(stopforumspam): increased the default confidence score for stop forum spam to help prevent false positives
docs(faq): added common question about how to boost performance of the plugin

v5.0.13

fix(updates): resolves #262, sanitized & escaped variables
fix(standards): resolved #261, sanitized & escaped variables
fix(cron jobs): resolves #260, removed the remote call to splorp’s blacklist on Github

v5.0.12

Fixed issue with WPForms AJAX forms not getting validated by Zero Spam for WordPress #238
David Walsh detection technique applied to WPForms & CF7
Miscellaneous admin UI improvements
Added ability to disable syncing WP’s Disallowed Comment Keys

v5.0.11

Improved protection for comments, CF7, Formidbale, registrations, WooCommerce and WPForms submissions.
David Walsh detection technique applied to core WP registration forms.

v5.0.10

PHP notice fix

v5.0.9

Performance enhancements
Various admin UI improvements
Strengthened comment & registration spam detections

v5.0.8

Fix for admin first-time config notice

v5.0.7

Added first-time configuration notice & auto-configure recommended settings functionality
Added the ability to regenerate the honeypot ID
Various admin UI improvements
WP Disallowed Comment Keys are automatically updated weekly using https://github.com/splorp/wordpress-comment-blacklist
Strengthened comment spam detections using WP core disallowed list
David Walsh’s spam technique is back! https://github.com/bmarshall511/wordpress-zero-spam/issues/247

v5.0.6

Various admin UI improvements
Strengthened comment spam detections

v5.0.5

Fix autoloader compatibility with Windows paths (https://github.com/bmarshall511/wordpress-zero-spam/pull/236)
Various admin UI improvements

v5.0.4

Fix for when checks should be preformed

v5.0.3

Added support for Formidable Form Builder
Fixed PHP error related to a blacklist call

v5.0.2

Admin UI enhancements
Added support for WooCommerce
Added Cloudflare IP address support (https://github.com/bmarshall511/wordpress-zero-spam/issues/220)
Update to data sharing option
Added ability to block individual locations (country, region, zip & city)
Added support for WPForms

v5.0.1

Updated readme file & documentation
Can now be installed via composer
Updated the required PHP version

v5.0.0

Initial v5.0.0 release
Huge performance enhancements
More control over settings to fine-tune functionality
Lots of bug fixes & improvements