CleanTalk's blog

    Sign up

    Author: Alexander

    • Spam Bot xr*******@*****ok.com

      If you have noticed a recent surge in spam from xr*******@*****ok.com, you are dealing with one of the oldest spam threats. Active since May 4, 2018, this spambot continues to attack thousands of websites around the world, flooding forms such as comment sections, registration pages, and contact forms.

      Spam messages from this bot typically contain aggressive advertising content, including offers of suspicious services, questionable products, and outright scams. The bot uses various languages ​​and advertising phrases to attract attention and tries to mislead website visitors.

      The main goal of these spam attacks is to push website visitors to external malicious or fraudulent links, compromise user security, or collect personal data for further spam campaigns.

      xr*******@*****ok.com Spambot – Why it is dangerous

      This spambot uses a vast network of IP addresses around the world, making IP-based blocking ineffective. It uses automation scripts designed to fill out various website forms, bypass major spam filters, and overload your site with unwanted content.

      Current Stats:

      First discovered: May 4, 2018

      Last active: June 25, 2025

      Total websites attacked: 12,789

      Daily spam requests blocked by CleanTalk: ~1,100

      Possible consequences of spam content on your site

      Allowing spam content to appear on your site or responding to spam emails can cause you to face serious problems, including:

      Reputation damage: Visitors who see spam or suspicious content may lose trust in your website and brand.

      Security risks: Spam links often lead to malware, phishing sites, or scams, putting your visitors at risk.

      SEO penalties: Search engines may penalize your site for hosting spam content, significantly reducing your site’s visibility.

      Data Security Threats: Replying to spam emails can expose your email address to further targeted attacks or phishing attempts.

      An effective way to stop spam xr*******@*****ok.com

      CleanTalk Anti-Spam Integration

      CleanTalk works in the background, automatically filtering spam content, fake registrations, and offensive submission forms without annoying CAPTCHAs or complicated settings.

      CleanTalk supports:

      WordPress, Joomla, Drupal, OpenCart, Magento and other popular CMS platforms

      Custom website creation with CleanTalk’s robust API integration

      👉 View CleanTalk installation guide

      Beware of spam with CleanTalk

      CleanTalk provides comprehensive spam protection with:

      ✅ Real-time spam filtering

      ✅ Protection against automated bot submissions

      ✅ No CAPTCHAs or annoying puzzles

      ✅ Real-time email address verification whether the email address exists or not

      Protect your website effortlessly. Install CleanTalk in less than 5 minutes and protect your site from threats like xr*******@*****ok.com.

      👉 Get Started Now

      Stop worrying about spam – let CleanTalk protect your site.

    • ya**********@***il.com is Sending Spam and Malicious Requests – How to Stop it

      ya**********@***il.com is Sending Spam and Malicious Requests – How to Stop it

      If your site is suddenly inundated with spam from the address ya**********@***il.com, you are not alone. This email is part of a large-scale spam botnet targeting thousands of sites worldwide. The spam it sends is disguised as legitimate customer messages, in different languages, messages like “I would like to know your price”:

      Xin chào, tôi muốn biết giá của bạn.
      Sveiki, aš norėjau sužinoti jūsų kainą.
      Sveiki, es gribēju zināt savu cenu.
      Hola, quería saber tu precio..
      Ciao, volevo sapere il tuo prezzo.
      Hola, volia saber el seu preu.

      Perhaps they are expecting a response from you by email and to receive your email for some further actions with it.

      At CleanTalk, we have detected and blocked this bot since October 10, 2024, and since then it has become one of the most active spammers. Every day, we block about 16,000 spam requests associated with this address on our clients’ websites.

      This email address have been stuck on your blacklist for a while now:

      ya**********@***il.com on **********@***il.com“>CleanTalk blocklist

      yawiviseya gmail com Email spam report 06 26 2025 06 28 PM
      yawiviseya gmail com Email spam report 06 26 2025 06 28 PM

      What is the ya**********@***il.com spambot?


      This spambot is part of an automated system (botnet) that sends spam using rotating IP addresses and scripts. It imitates real users to bypass basic site protections and fills forms with spam content.

      Its purpose: to promote suspicious links, overload your site’s forms, and potentially inject malicious data — all using a disposable email address like ya**********@***il.com.

      Current stats:

      • Detected: October 10, 2024
      • Last seen: June 23, 2025
      • Websites attacked: 8,572
      • Spam requests blocked daily: ~16,000

      How to stop spam from ya**********@***il.com


      The fastest way: use CleanTalk Anti-Spam.
      CleanTalk works silently in the background to filter out spam comments, contact form abuse, fake registrations, and more. It blocks spam email addresses like ya**********@***il.com before they even reach your site.

      CleanTalk is available for:

      WordPress, Joomla, Drupal, OpenCart, Magento, etc.

      Custom websites via API integration.

      👉 CleanTalk Installation Guide

      ya**********@***il.com is part of a widespread spam campaign. Using CleanTalk Anti-Spam and the Personal Blacklist feature, you can block him and similar bots before they harm your site.

      🧩 Want full protection?

      ✅ Blocks fake registrations and spam submissions
      ✅ Filters bots and fake emails in real time
      ✅ No CAPTCHAs or puzzles – clean and fast

      Stay ahead of spam – let CleanTalk handle the bots so you can focus on your content. Protect your site in under 5 minutes.
      👉 Start now

    • No more missing GitHub Issues: How to automate task creation when GitHub Issues appear in your GitHub repositories

      No more missing GitHub Issues: How to automate task creation when GitHub Issues appear in your GitHub repositories

      How does it work?

      As soon as someone creates an issue in your GitHub repository, the integration automatically creates a task in the specified project and board in doBoard.

      The task is created on behalf of the user specified in the settings, so the whole team immediately understands who is responsible for processing it.

      Optionally, you can set up notifications in the Telegram chat so that the team immediately learns about all changes in issues.

      A real example from our team

      Previously, we received all notifications about new issues by email, and this was not the most effective solution. Dozens of different emails come every day, and some important tasks could get lost. Sometimes it took several weeks to respond, and this raised legitimate questions from users and slowed down our work.

      Deprecated Optional parameter data declared before required parameter url · Issue 65 · CleanTalk phpbb3 1 3 2 antispam 04 28 2025 04 29 PM
      Deprecated Optional parameter data declared before required parameter url · Issue 65 · CleanTalk phpbb3 1 3 2 antispam 04 28 2025 04 29 PM

      In search of a solution, we considered several options and the most effective solution would be to create tasks in our doBoard project management system. We have developed an integration between GitHub and doBoard using API. Now every new issue immediately becomes a task in doBoard, where it is easy to see, discuss and assign a responsible person. As a result, our team’s response time has been reduced to 1-2 days, which is usually needed to evaluate proposals or discuss details.

      GitHub issue Deprecated Optional parameter data declared before required parameter url created automatically 04 28 2025 04 36 PM
      GitHub issue Deprecated Optional parameter data declared before required parameter url created automatically 04 28 2025 04 36 PM

      Why do we recommend this integration?

      1. No more missed issues: everything appears automatically in doBoard.
      2. It is immediately clear who is doing what: no mess.
      3. No more wasting time sorting mail: tasks appear on their own.

      You can now also automate your work with GitHub Issues using our integration, you won’t need much time to connect your repositories, the package itself and instructions can be found here https://github.com/CleanTalk/github-to-doboard?tab=readme-ov-file.

    • te*****@*****le.com and te**@*****le.com Are Sending Spam and Malicious Requests – How to Stop Them

      te*****@*****le.com and te**@*****le.com Are Sending Spam and Malicious Requests – How to Stop Them

      If you have got a lots of spam or suspicious messages from te*****@*****le.com or te**@*****le.com lately? You’re not alone — these email addresses are widely used by spammers and hackers for sending spam, phishing attempts, and even code injection attacks.

      At CleanTalk Anti-Spam, we’ve seen tons of spam originating from these addresses, every day we block approximately 110,000 requests to our clients’ websites from testing @example.com. So they’ve been on our blacklist for quite some time already:

      At CleanTalk, we’ve been filtering out spam for a long time, and these two addresses have been stuck on our blacklist for a while now:

      te*****@*****le.com on *****@*****le.com” target=”_blank” rel=”noreferrer noopener”>CleanTalk blocklist

      te**@*****le.com on **@*****le.com” target=”_blank” rel=”noreferrer noopener”>CleanTalk blocklist

      People online are already talking about issues with these emails in several forums and communities:

      WpForo Community discussion

      Reddit cybersecurity thread

      ConcreteCMS forum report

      Shopware forum on injection attempts

      Modified-shop.org forum topic

      How to Protect Your Website From Spam and Malicious Requests
      The easiest way to protect your site from spam attacks is using CleanTalk Anti-Spam. It automatically filters submissions in the background and blocks spammy emails and malicious bots from getting through to your website.

      If you want even stronger protection, just block the whole *@example.com domain. Here’s how you do it in CleanTalk:
      Use our instructions to install the anti-spam plugin on your site and connect it to the cloud, it takes no more than 5 minutes.
      We have developed plugins for all popular CMS, if your site is not made using CMS, you can use our API or libraries.

      Look at instruction How to use CleanTalk Personal BlackLists https://cleantalk.org/help/blacklist-usage.

      Once this is done, you will no longer receive spam from example.com or any other.

      Stay safe!

    • Announcement: Holiday Form Decoration Feature Removal Due to Low Demand

      Announcement: Holiday Form Decoration Feature Removal Due to Low Demand

      Dear Users,

      Earlier, we introduced the Holiday Form Decoration feature in the Anti-Spam plugin, allowing website owners to add festive designs to their WordPress comment forms. We have noticed that it did not receive the level of interest we initially anticipated.

      After evaluating user feedback and adoption rates, we have decided to remove this feature from the Anti-Spam plugin in the upcoming release 6.51. This decision allows us to focus on developing and improving features that provide greater value to our users.

      If you have any thoughts on this or would like to suggest new enhancements, feel free to share your feedback. We always strive to improve our plugin based on what truly matters to our users.

      Thank you for being part of our community and for your continued support!

      — The CleanTalk Team

    • Stop Fake Emails: CleanTalk’s New Non-Existent Email Notification

      Stop Fake Emails: CleanTalk’s New Non-Existent Email Notification

      Spammers often use fake email addresses to hide their identities and avoid consequences for their actions. This can lead to a deluge of spam comments, registrations, and other unwanted activity on your website. To combat this, CleanTalk Anti-Spam has always had a powerful feature: Non-Existent Email Notification. But now, this feature has evolved to a new form—to be useful not only for site owners but also for site visitors! 

      Now, if the email you’ve entered into a form is somehow non-existent (for example, you made a typo in it), you’ll see it right away. No confusion, no hassles, no pain!

      How it Works:

      When a user submits a form (such as a comment or registration form) on your website, CleanTalk’s system instantly checks the validity of the provided email address. If the email address is found to be non-existent or invalid, the user will receive an immediate notification. 

      An email is existent.

      An email is non-existent.

      Benefits:

      • Real-time feedback: This provides immediate alerts as you type, highlighting potential errors or typos in your email address.
      • Simple visual cues: Clear indicators like checkmarks or warning icons can quickly show whether an email address is valid or invalid.

      Experience the Difference

      By implementing CleanTalk’s Non-Existent Email Notification feature, you can significantly enhance the usability of your website while minimizing the impact of spam, and a new aspect of this feature provides even more comfort for your visitors!

    • Protecting Your WordPress Website: A Backup Guide

      Protecting Your WordPress Website: A Backup Guide

      A robust backup strategy for any WordPress website is compulsory to store important content and keep the business running in case anything goes wrong. This guide reviews the best practices for WordPress backup and reviews some of the top-rated WordPress backup plugins to simplify the process.

      Automated WordPress Backup: The Power of Plugins

      Consider the WordPress backup plugin for a better, more efficient, and more reliable solution. These plugins will automate backing up for you, even on a schedule, and quite often provide extra features, such as:

      • Restore your entire site to a previous point in time with just one click.
      • Store backups safely off-site to safeguard against server failures.
      • Receive notifications for successful or failed backups.
      • The only backup changes since the last backup have been saving storage space.

      Example of WordPress Backup Plugin: WPvivid

      WPvivid is a highly rated plugin that offers a wide range of WordPress backup and restoration options. It’s user-friendly and offers peace of mind knowing your site is safe.

      How to Use WPvivid

      Installation

      1. Login to your WordPress dashboard.
      2. Go to Plugins > Add New.
      3. Search for “WPvivid Backup”
      4. Install the plugin.
      5. Activate the plugin.

      First Backup:

      1. Go to WPvivid > Backup & Restore.
      2. Click Backup Now.
      1. Go to WPvivid > Schedule.
      2. Set up a regular schedule of automated backup.
      3. Click Save Changes.

      Restore Your Site:

      1. Go to WPvivid > Backup.
      2. Choose the backup you want to restore.
      3. Click Restore.

      Extra Tips:

      • Test Your Backups: Regularly restore your site from a backup to make sure it’s working correctly.
      • Keep Multiple Backups: Keep multiple backups to be safe from data loss. Secure Your Backups: If you’re storing backups off-site, use strong passwords and encryption. 
      • Monitor Your Backups: Keep an eye on your backup schedule and storage usage.
      • Regular Backups: Set up regular backups, preferably daily or weekly. 
      • Offsite Storage: Store backups off-site to protect against local disasters. 
      • Test Restores: Periodically test restoring your site from backups to ensure they are working.
      • Secure Backups: Protect backups with strong passwords and encryption.

      With these best practices in place and by using a reliable WordPress backup plugin, you can all but secure your WordPress site and minimize the possible disasters to the barest minimum.

      More WordPress Guides:

    • CleanTalk Anti-Spam as a No-jQuery WordPress Plugin for Optimal Performance

      CleanTalk Anti-Spam as a No-jQuery WordPress Plugin for Optimal Performance

      With this update, we polished CleanTalk Anti-Spam to do what it’s supposed to do the best. And here’s what was improved in the plugin in more detail.

      What Did We Do

      1. Reducing jQuery Dependency
        • Why jQuery? jQuery was often included to handle some JavaScript tasks but sometimes added extra weight to your website.
        • New Approach: We replaced jQuery with native JavaScript where possible. This will reduce the amount of code needed to load and parse, hence offering faster page load times.
      2. Simplify Handling of AJAX
        • AJAX and Anti-Spam: AJAX helps perform real-time anti-spam checks. However, incorrect AJAX requests may make your website slow.
        • Improved AJAX: We further improved our AJAX handling by reducing the number of requests and enhancing the data transfer process. This will keep the anti-spam checks lean without interfering with the user experience at all.
      3. The debug_ajax Option
        • The debug_ajax option was only given for development purposes and seldom, if ever, used in production environments. To make the plugin core even slimmer, we removed this option.
      4. comments__manage_comments_on_public_page Option
        • That is when comments need to be enabled on a public page. Comment visibility and comment moderation make the option work seamlessly without compromising security.

      Results

      With these optimizations, you will be guaranteed that your website-essentially pages with an active comment section see a significant improvement in speed and performance that will positively reflect in the visitor experience with better SEO rankings and hence a better overall user experience.

      Let’s see what PageSpeed Insights has to say:

      Before

      2024 12 06 14 01 12

      After

      1

      Update Today

      We recommend that you update to the latest release of CleanTalk Anti-Spam to take advantage of these performance enhancements.

      Automatic Update:

      1. Check for Updates:
        • Go to your WordPress admin dashboard.
        • Navigate to Plugins > Installed Plugins.
        • Locate the “Anti-Spam by CleanTalk” plugin.
        • You’ll see a “Update Now” button next to the plugin name.
      2. Update the Plugin:
        • Click the “Update Now” button.
        • WordPress will automatically download and install the latest version of the plugin.
    • Important Update: Changes to Our Frontend Malware Scanner

      Important Update: Changes to Our Frontend Malware Scanner

      We are always looking for ways to improve your experience with website security. As such, we will sunset the Frontend Malware Scanner within our plugin on December 1st, 2024.

      Why the change?

      • After evaluating the data we can certainly say that very few of you use the front-end malware scanner. While it is a nice feature, it has just not been that popular.
      • Also, this scanner is not as effective as we expect it to be.
      • So, we’re putting our energy into the stuff that counts. We will spend most of our time on the parts of the security tools that you use and love. This way, we can keep your website safe and sound without all that extra hassle.

      Where will this take us?

      We’re focusing our resources on making our Malware Web Scanner even more powerful! This robust tool scans and blocks threats in real time, ensuring your site stays protected from the latest online dangers. If you’ve been using our Frontend Malware Scanner, consider switching to the enhanced Malware Web Scanner to experience its full potential in safeguarding your site. To identify potential vulnerabilities and security risks, it will analyze websites for:

      • Malware external links
      • Public blacklists
      • Exposed repositories
      • Internal links
      • SSL certificates
      • CMS identification
      • Server information

      What does this mean for you?

      • Don’t sweat! All the other security features within the plugin will continue to work just fine.
      • Even more protection: We keep going further with the online scanner to make it even stronger in protecting your website.

      Questions?

      Our amazing support team is here for you. Just email them, and they will answer if anything crosses your mind. Thanks for your understanding! We look forward to serving you more with the best website security.

    • How to use Google Fonts WordPress plugin: A Simple Guide

      How to use Google Fonts WordPress plugin: A Simple Guide

      Want to give your WordPress website a professional and stylish look? Google Fonts is the perfect tool to elevate your site’s typography. By adding a wide range of free, high-quality fonts to your website, you can enhance its visual appeal and readability.

      How to Install the Google Fonts Plugin

      1. Navigate to “Plugins” and click “Add New”.
      1. Search for “Google Fonts”.
      2. Install and activate the plugin.

      How to Use the Google Fonts Plugin

      1. Go to “Fonts Plugin”
      1. Start the customization. For this, choose a certain menu.
      1. Select your desired fonts. You can search for specific fonts or browse through categories.
      1. Choose font weights and styles. Customize the appearance of your fonts.
      2. Assign fonts to different elements. Apply fonts to headings, body text, menus, buttons, and more.
      1. Save your changes.

      Best Practices for Using Google Fonts

      • Choose readable fonts. Prioritize font clarity and legibility.
      • Limit font choices. Keep your design clean and focused.
      • Consider font pairings. Combine fonts that complement each other.
      • Test on different devices. Ensure your fonts look good across various screen sizes.
      • Optimize performance. Minimize the number of font files to improve website speed.

      By following these steps and best practices, you can easily add Google Fonts to your WordPress website and significantly improve its overall design and user experience.

      Feel free to check our other beginner’s guides to make your WordPress start smooth:

      A Beginners’ Guide: Crafting Captivating Pages on Your WordPress Website

      A Beginner’s Guide: How to Install WordPress from Scratch

    CleanTalk

    About

    Dashboard

    Pricing

    Sign up / Sign in

    Solutions

    Anti-Spam for websitee

    Blacklists

    Filter fake emails

    Gantt charts

    Hide contact data

    Stop spam emails in Contact form 7 (CF7)

    Stop spam in Elementor form builder

    Stop spam in WPForms

    Website malware scanner

    WordPress Security & Firewall Plugin

    Documentation

    API

    Help

    License agreement

    Privacy Policy

    Refund Policy

    Signs of Malware

    Contact us

    Create a support ticket

    Telegram

    Contact us