Antispam plugin with a sophisticated tool set for effective day to day comment and trackback spam-fighting. Build with data protection and privacy in …
Say Goodbye to comment spam on your WordPress blog or website. Antispam Bee blocks spam comments and trackbacks effectively, without captchas and without sending personal information to third party services. It is free of charge, ad-free and 100% GDPR compliant.
After you have activated Antispam Bee the plugin will block spam comments out of the box. However, you may want to visit Settings
Antispam Bee to configure your custom set of anti-spam options that works best for your site.Antispam Bee works best with default WordPress comments. It does not help to protect form plugins and does not prevent spam registrations. Hopefully we can provide better hooks for third party plugins to use Antispam Bee to fill this gap in the forthcoming new major version.
Antispam Bee works best with default WordPress comments. It is not compatible with Jetpack, wpDiscuz or Disqus Comments as those plugins load a new comment form within an iframe. Thus Antispam Bee can not access the comment form directly.
Whether Antispam Bee works with a comment form submitted via AJAX depends on how the AJAX request is made. If the request goes to the file that usually also receives the comments, Antispam Bee could work with it out of the box (the WP Ajaxify Comments plugin does this, for example).
If the comments are sent to the admin-ajax.php
, the antispam_bee_disallow_ajax_calls
filter must be used to run ASB for requests to that file as well. If the script does not send all form data to the file, but only some selected ones, further customization is probably necessary, as exemplified in this post by Torsten Landsiedel (in German).
Antispam Bee is developed in Europe. You might have heard we can be a bit nitpicky over here when it comes to privacy. The plugin does not save private user data and is 100% compliant with GDPR.
No, the plugin works as is. You may want to configure your favorite settings, though.
Generally yes. However, commissioning the Antispam Bee plugin for canceled or shortened IP addresses in comment metadata is not recommended. Because the name and the e-mail address of the comments are not unique, an IP address is the only reliable measure. The more complete the stored IP addresses, the more reliable the assignment or detection of spam.
If the antispam plugin has passed some spam comments, these comments can be reported for analysis. A Google table was created for this purpose.
If WordPress is operated with Apache + Varnish, the actual IP address of the visitors does not appear in WordPress. Accordingly the Antispam-Plugin lacks the base for the correct functionality. An adaptation in the Varnish configuration file /etc/varnish/default.vcl provides a remedy and forwards the original (not from Apache) IP address in the HTTP header X-Forwarded-For:
if (req.restarts == 0) {
set req.http.X-Forwarded-For = client.ip;
}
No, Antispam Bee is free forever, for both private and commercial projects. You can use it on as many sites as you want. There is no limitation to the number of sites you use the plugin on.
A complete documentation is available on pluginkollektiv.org.
IMPORTANT: If you use the country check and are behind a proxy or similar, you need to use the antispam_bee_trusted_ip
filter to get the correct IP from a header like HTTP_X_FORWARDED
(don’t return an empty value here, otherwise all comments are marked as spam).
* Fix: Usage of core filter pre_comment_user_ip
breaks ASB if the IP address is removed for GDPR compliance
IMPORTANT: If you use the country check and are behind a proxy or similar, you need to use the pre_comment_user_ip
filter to get the correct IP from a header like HTTP_X_FORWARDED
.
* Fix: Read client IP for country check from REMOTE_ADDR
only (filterable via pre_comment_user_ip
)
* Fix: No spam reason in spam notification email, and related PHP warning
* Fix: Remove outdated info from readme
* Enhancement: Show upgrade notice on plugin overview page
* Maintenance: Tested up to WordPress 6.3
allow_empty_comment
is set to truearia-label
to work around bug in a11y testing toolscomment_form_field_comment
from 10 to 99pre_comment_user_ip
.dashboard_glance_items
callback / thx @toschoHTTP_FORWARDED_FOR
headerFor the complete changelog, check out our GitHub repository.