CleanTalk's blog

    Sign up

    Author: Alexander

    • te*****@*****le.com and te**@*****le.com Are Sending Spam and Malicious Requests – How to Stop Them

      te*****@*****le.com and te**@*****le.com Are Sending Spam and Malicious Requests – How to Stop Them

      If you have got a lots of spam or suspicious messages from te*****@*****le.com or te**@*****le.com lately? You’re not alone — these email addresses are widely used by spammers and hackers for sending spam, phishing attempts, and even code injection attacks.

      At CleanTalk Anti-Spam, we’ve seen tons of spam originating from these addresses, every day we block approximately 110,000 requests to our clients’ websites from te*****@*****le.com. So they’ve been on our blacklist for quite some time already:

      At CleanTalk, we’ve been filtering out spam for a long time, and these two addresses have been stuck on our blacklist for a while now:

      *****@*****le.com“>te*****@*****le.com on CleanTalk blacklist

      **@*****le.com“>te**@*****le.com on CleanTalk blacklist

      People online are already talking about issues with these emails in several forums and communities:

      WpForo Community discussion

      Reddit cybersecurity thread

      ConcreteCMS forum report

      Shopware forum on injection attempts

      Modified-shop.org forum topic

      How to Protect Your Website From Spam and Malicious Requests
      The easiest way to protect your site from spam attacks is using CleanTalk Anti-Spam. It automatically filters submissions in the background and blocks spammy emails and malicious bots from getting through to your website.

      If you want even stronger protection, just block the whole *@example.com domain. Here’s how you do it in CleanTalk:
      Use our instructions to install the anti-spam plugin on your site and connect it to the cloud, it takes no more than 5 minutes.
      We have developed plugins for all popular CMS, if your site is not made using CMS, you can use our API or libraries.

      Look at instruction How to use CleanTalk Personal BlackLists https://cleantalk.org/help/blacklist-usage.

      Once this is done, you will no longer receive spam from example.com or any other.

      Stay safe!

    • Announcement: Holiday Form Decoration Feature Removal Due to Low Demand

      Announcement: Holiday Form Decoration Feature Removal Due to Low Demand

      Dear Users,

      Earlier, we introduced the Holiday Form Decoration feature in the Anti-Spam plugin, allowing website owners to add festive designs to their WordPress comment forms. We have noticed that it did not receive the level of interest we initially anticipated.

      After evaluating user feedback and adoption rates, we have decided to remove this feature from the Anti-Spam plugin in the upcoming release 6.51. This decision allows us to focus on developing and improving features that provide greater value to our users.

      If you have any thoughts on this or would like to suggest new enhancements, feel free to share your feedback. We always strive to improve our plugin based on what truly matters to our users.

      Thank you for being part of our community and for your continued support!

      — The CleanTalk Team

    • Stop Fake Emails: CleanTalk’s New Non-Existent Email Notification

      Stop Fake Emails: CleanTalk’s New Non-Existent Email Notification

      Spammers often use fake email addresses to hide their identities and avoid consequences for their actions. This can lead to a deluge of spam comments, registrations, and other unwanted activity on your website. To combat this, CleanTalk Anti-Spam has always had a powerful feature: Non-Existent Email Notification. But now, this feature has evolved to a new form—to be useful not only for site owners but also for site visitors! 

      Now, if the email you’ve entered into a form is somehow non-existent (for example, you made a typo in it), you’ll see it right away. No confusion, no hassles, no pain!

      How it Works:

      When a user submits a form (such as a comment or registration form) on your website, CleanTalk’s system instantly checks the validity of the provided email address. If the email address is found to be non-existent or invalid, the user will receive an immediate notification. 

      An email is existent.

      An email is non-existent.

      Benefits:

      • Real-time feedback: This provides immediate alerts as you type, highlighting potential errors or typos in your email address.
      • Simple visual cues: Clear indicators like checkmarks or warning icons can quickly show whether an email address is valid or invalid.

      Experience the Difference

      By implementing CleanTalk’s Non-Existent Email Notification feature, you can significantly enhance the usability of your website while minimizing the impact of spam, and a new aspect of this feature provides even more comfort for your visitors!

    • Protecting Your WordPress Website: A Backup Guide

      Protecting Your WordPress Website: A Backup Guide

      A robust backup strategy for any WordPress website is compulsory to store important content and keep the business running in case anything goes wrong. This guide reviews the best practices for WordPress backup and reviews some of the top-rated WordPress backup plugins to simplify the process.

      Automated WordPress Backup: The Power of Plugins

      Consider the WordPress backup plugin for a better, more efficient, and more reliable solution. These plugins will automate backing up for you, even on a schedule, and quite often provide extra features, such as:

      • Restore your entire site to a previous point in time with just one click.
      • Store backups safely off-site to safeguard against server failures.
      • Receive notifications for successful or failed backups.
      • The only backup changes since the last backup have been saving storage space.

      Example of WordPress Backup Plugin: WPvivid

      WPvivid is a highly rated plugin that offers a wide range of WordPress backup and restoration options. It’s user-friendly and offers peace of mind knowing your site is safe.

      How to Use WPvivid

      Installation

      1. Login to your WordPress dashboard.
      2. Go to Plugins > Add New.
      3. Search for “WPvivid Backup”
      4. Install the plugin.
      5. Activate the plugin.

      First Backup:

      1. Go to WPvivid > Backup & Restore.
      2. Click Backup Now.
      1. Go to WPvivid > Schedule.
      2. Set up a regular schedule of automated backup.
      3. Click Save Changes.

      Restore Your Site:

      1. Go to WPvivid > Backup.
      2. Choose the backup you want to restore.
      3. Click Restore.

      Extra Tips:

      • Test Your Backups: Regularly restore your site from a backup to make sure it’s working correctly.
      • Keep Multiple Backups: Keep multiple backups to be safe from data loss. Secure Your Backups: If you’re storing backups off-site, use strong passwords and encryption. 
      • Monitor Your Backups: Keep an eye on your backup schedule and storage usage.
      • Regular Backups: Set up regular backups, preferably daily or weekly. 
      • Offsite Storage: Store backups off-site to protect against local disasters. 
      • Test Restores: Periodically test restoring your site from backups to ensure they are working.
      • Secure Backups: Protect backups with strong passwords and encryption.

      With these best practices in place and by using a reliable WordPress backup plugin, you can all but secure your WordPress site and minimize the possible disasters to the barest minimum.

      More WordPress Guides:

    • CleanTalk Anti-Spam as a No-jQuery WordPress Plugin for Optimal Performance

      CleanTalk Anti-Spam as a No-jQuery WordPress Plugin for Optimal Performance

      With this update, we polished CleanTalk Anti-Spam to do what it’s supposed to do the best. And here’s what was improved in the plugin in more detail.

      What Did We Do

      1. Reducing jQuery Dependency
        • Why jQuery? jQuery was often included to handle some JavaScript tasks but sometimes added extra weight to your website.
        • New Approach: We replaced jQuery with native JavaScript where possible. This will reduce the amount of code needed to load and parse, hence offering faster page load times.
      2. Simplify Handling of AJAX
        • AJAX and Anti-Spam: AJAX helps perform real-time anti-spam checks. However, incorrect AJAX requests may make your website slow.
        • Improved AJAX: We further improved our AJAX handling by reducing the number of requests and enhancing the data transfer process. This will keep the anti-spam checks lean without interfering with the user experience at all.
      3. The debug_ajax Option
        • The debug_ajax option was only given for development purposes and seldom, if ever, used in production environments. To make the plugin core even slimmer, we removed this option.
      4. comments__manage_comments_on_public_page Option
        • That is when comments need to be enabled on a public page. Comment visibility and comment moderation make the option work seamlessly without compromising security.

      Results

      With these optimizations, you will be guaranteed that your website-essentially pages with an active comment section see a significant improvement in speed and performance that will positively reflect in the visitor experience with better SEO rankings and hence a better overall user experience.

      Let’s see what PageSpeed Insights has to say:

      Before

      2024 12 06 14 01 12

      After

      1

      Update Today

      We recommend that you update to the latest release of CleanTalk Anti-Spam to take advantage of these performance enhancements.

      Automatic Update:

      1. Check for Updates:
        • Go to your WordPress admin dashboard.
        • Navigate to Plugins > Installed Plugins.
        • Locate the “Anti-Spam by CleanTalk” plugin.
        • You’ll see a “Update Now” button next to the plugin name.
      2. Update the Plugin:
        • Click the “Update Now” button.
        • WordPress will automatically download and install the latest version of the plugin.
    • Important Update: Changes to Our Frontend Malware Scanner

      Important Update: Changes to Our Frontend Malware Scanner

      We are always looking for ways to improve your experience with website security. As such, we will sunset the Frontend Malware Scanner within our plugin on December 1st, 2024.

      Why the change?

      • After evaluating the data we can certainly say that very few of you use the front-end malware scanner. While it is a nice feature, it has just not been that popular.
      • Also, this scanner is not as effective as we expect it to be.
      • So, we’re putting our energy into the stuff that counts. We will spend most of our time on the parts of the security tools that you use and love. This way, we can keep your website safe and sound without all that extra hassle.

      Where will this take us?

      We’re focusing our resources on making our Malware Web Scanner even more powerful! This robust tool scans and blocks threats in real time, ensuring your site stays protected from the latest online dangers. If you’ve been using our Frontend Malware Scanner, consider switching to the enhanced Malware Web Scanner to experience its full potential in safeguarding your site. To identify potential vulnerabilities and security risks, it will analyze websites for:

      • Malware external links
      • Public blacklists
      • Exposed repositories
      • Internal links
      • SSL certificates
      • CMS identification
      • Server information

      What does this mean for you?

      • Don’t sweat! All the other security features within the plugin will continue to work just fine.
      • Even more protection: We keep going further with the online scanner to make it even stronger in protecting your website.

      Questions?

      Our amazing support team is here for you. Just email them, and they will answer if anything crosses your mind. Thanks for your understanding! We look forward to serving you more with the best website security.

    • How to use Google Fonts WordPress plugin: A Simple Guide

      How to use Google Fonts WordPress plugin: A Simple Guide

      Want to give your WordPress website a professional and stylish look? Google Fonts is the perfect tool to elevate your site’s typography. By adding a wide range of free, high-quality fonts to your website, you can enhance its visual appeal and readability.

      How to Install the Google Fonts Plugin

      1. Navigate to “Plugins” and click “Add New”.
      1. Search for “Google Fonts”.
      2. Install and activate the plugin.

      How to Use the Google Fonts Plugin

      1. Go to “Fonts Plugin”
      1. Start the customization. For this, choose a certain menu.
      1. Select your desired fonts. You can search for specific fonts or browse through categories.
      1. Choose font weights and styles. Customize the appearance of your fonts.
      2. Assign fonts to different elements. Apply fonts to headings, body text, menus, buttons, and more.
      1. Save your changes.

      Best Practices for Using Google Fonts

      • Choose readable fonts. Prioritize font clarity and legibility.
      • Limit font choices. Keep your design clean and focused.
      • Consider font pairings. Combine fonts that complement each other.
      • Test on different devices. Ensure your fonts look good across various screen sizes.
      • Optimize performance. Minimize the number of font files to improve website speed.

      By following these steps and best practices, you can easily add Google Fonts to your WordPress website and significantly improve its overall design and user experience.

      Feel free to check our other beginner’s guides to make your WordPress start smooth:

      A Beginners’ Guide: Crafting Captivating Pages on Your WordPress Website

      A Beginner’s Guide: How to Install WordPress from Scratch

    • Improved Accuracy in Your Personal Area Widget

      Improved Accuracy in Your Personal Area Widget

      We’ve been busy bees making your personal area widget even more helpful. Now you’ll have a clearer picture of how we’re protecting your site from spam. And a special shout-out to those of you who shared your thoughts – your feedback is what helps us make these improvements!

      1. Clearer Spam Count: The “blocked spam” count now specifically reflects the number of spam requests blocked over the past year. This provides a more relevant overview of your spam protection activity.
      2. Comprehensive Data: The graph now includes data from both Anti-Spam and SpamFireWall, giving you a complete picture of all blocked requests. This helps you better understand the overall effectiveness of your security measures.
      1. Precise Terminology: We’ve updated the widget’s wording to be more accurate and avoid confusion.
        1. The widget title has also been updated to “7 days Anti-Spam and SpamFireWall stats”
        2. “Spam attacks” has been changed to “Requests were blocked by Anti-Spam and SpamFireWall” 
        3. “Spam blocked” in the legend is now “Requests blocked”

      We’re excited about these changes because it means you can relax knowing you’ve got a clear picture of your spam protection and any potential trouble brewing. And this is all thanks to your awesome feedback! We love working together to make things better.

      We’re on a mission to make your experience top-notch, and you’re a big part of that! Your feedback helps us steer the ship in the right direction. So if you ever have a suggestion or spot something that could be better, don’t hesitate to let our support team know. We’re a team, and we love working together to make things awesome!

    • Comprehensive Guide to WordPress Homepage Editing

      Comprehensive Guide to WordPress Homepage Editing

      Are you looking to customize your WordPress homepage? This comprehensive guide will walk you through everything you need about WordPress main page editing, from understanding the default layout to using page builders. Whether you’re a beginner looking for a step-by-step WordPress homepage editing tutorial or an experienced user wanting advanced customization tips, we’ve got you covered.

      Understanding the Default WordPress Homepage

      The default WordPress homepage typically displays your latest blog posts, styled according to your chosen theme. While this setup is simple, there may be better options for your website’s specific needs. Before you start making changes, it’s important to understand the basic structure of a WordPress homepage.

      Critical Components of a Default Homepage

      • Header: This top section usually contains your site title, logo, and navigation menu. You can learn how to edit the WordPress homepage header using the methods described below.
      • Content Area: The central part of the page where your blog posts, excerpts, or other content elements are displayed. You’ll find ways to change WordPress homepage content and layout in this guide.
      • Sidebar: An optional area on either side of the content area, commonly used for widgets. Learn how to customize your sidebar and add widgets to your WordPress homepage.
      • Footer: The bottom section typically includes copyright information, contact details, and additional links.

      Methods for Editing Your WordPress Homepage

      There are several ways to edit your WordPress front page:

      • Theme Customizer: Most modern WordPress themes offer a visual customizer that allows you to make changes without writing any code. Access it by navigating to Appearance -> Customize in your WordPress dashboard. 

      Look for homepage-related options, such as:

      • Header image or logo
      • Color scheme
      • Site identity (such as logo, name, etc.)
      • Menus
      • Background image
      • Widgets
      • Other settings, like advanced CSS.
      • Theme Editor: For more advanced customizations, you can directly edit your theme’s code. However, proceed with caution, as errors can break your site. This method is generally not recommended for beginners. If you’re comfortable with code, go to Appearance -> Theme Editor. You’ll often find the homepage template files named index.php or front-page.php.
      • Page Builder Plugins: If you prefer a visual, drag-and-drop interface, consider using a page builder plugin like Elementor, Divi, or Beaver Builder. These plugins offer pre-built templates and design options, making it easy to create a custom WordPress homepage without any coding knowledge. They are a great option for beginners looking for an easy way to design their WordPress homepage.

      Tailoring Your Homepage to Your Needs

      • Define Your Homepage’s Purpose: What do you want your homepage to achieve? Is it a product showcase, a blog, or a landing page for lead generation? Clearly outlining your goals will help you design a more effective homepage.
      • Create a Strong Visual Hierarchy: Guide visitors’ attention to key elements using size, color, and placement.
      • Optimize for Mobile Devices: Ensure your homepage is responsive and looks good on all devices.
      • Improve Loading Speed: Optimize images, reduce HTTP requests, and leverage browser caching to optimize your WordPress homepage for SEO.
      • Test Thoroughly: Preview your homepage on different devices and browsers to catch any issues.

      Example Homepage Structures

      • Business Website: Highlight key services, products, and a clear call to action (CTA).
      • Blog: Feature recent posts, popular categories, and author bios.
      • Portfolio Website: Showcase your best work with high-quality images and project descriptions.
      • E-commerce Store: Display best-selling products, featured categories, and customer testimonials.

      Remember, your homepage is the first impression visitors have of your website. Invest time in crafting a design that reflects your brand and engages your audience. By following the tips in this WordPress homepage design for beginners guide, you can create a homepage that is both beautiful and effective.

      Feel free to check our other beginner’s guides to make your WordPress start smooth:

      A Beginners’ Guide: Crafting Captivating Pages on Your WordPress Website

      A Beginner’s Guide: How to Install WordPress from Scratch

    • Bots and Your Website: How Much of Your Traffic is Fake?

      Bots and Your Website: How Much of Your Traffic is Fake?

      Not all your website traffic is genuine. Hidden within your analytics are bots – automated programs that can mimic human behavior. Think of them like little robots that visit your website and pretend to be people. While some bots are harmless (like the ones that help Google find your site), others can cause trouble. They can clog up your contact forms with spam, create fake accounts, and even place phony orders. Those fake traffic bots are like a bunch of party crashers at your online store who aren’t there to buy anything, just to cause a mess!

      Just how big is this problem?

      Well, studies show that up to 30% of all web traffic might actually be bots! That means almost one in three “visitors” to your site might not be a real person. And when it comes to contact forms, things get even worse. Experts say that up to 40% of all form submissions could be spam generated by bots. That’s a lot of wasted time and effort dealing with junk! Even registrations and orders can be affected, with estimates suggesting that 10% of new accounts and 5% of online orders could be fake.

      fake traffic bots stats

      Why should you care?

      These sneaky bots can cause a lot of headaches for businesses. They can:

      • Waste your time: Dealing with spam messages and fake accounts takes time and effort away from real customers.
      • Mess up your data: Bots can make your website statistics unreliable, making it harder to understand how real people are using your site.
      • Hurt your reputation: If your contact form is full of spam, it makes your business look unprofessional.
      • Cost you money: Fake orders can lead to financial losses and logistical nightmares.

      So, what can you do about it?

      Imagine having a super-smart bouncer for your website, someone who can spot fake traffic bots before they even get through the door. That’s what CleanTalk Anti-Spam and Security plugins do! They’re like a 24/7 security team dedicated to keeping your website safe and clean.

      Here’s how CleanTalk helps protect your forms and keeps spam away:

      • CleanTalk is a pro at protecting all kinds of forms on your website, from contact forms to registration forms and even order forms. It checks every submission to make sure it’s from a real person, not a spam bot trying to cause trouble.
      • CleanTalk can even help you get rid of spam that’s already on your website. It can scan your comments and other content to find and remove those spam links that bots leave behind.

      CleanTalk is like having a dedicated team of experts protecting your website, making sure your forms are safe, your content is clean, and those pesky bots are kept far, far away