Author: Alexander

  • CleanTalk Security Plugin Tools for WordPress

    1. Protection against brute-force attacks is essential to prevent unauthorized access to systems and accounts. A brute-force attack is a method where attackers sequentially try all possible combinations of account passwords and sometimes gain access to the system. The CleanTalk plugin has options such as:
      1.1. Number of unsuccessful authorizations before blocking occurs.
      1.2. Lockout time of the visitor which is the time period between login attempts.
      1.3. Time period the IP will be blocked for when the limit of unsuccessful authorizations is reached.

    2. User Actions Log is designed to track user actions in the WordPress Dashboard and ensure security. It allows you to record and display user actions in real time, to see which pages of the website backend and at what time they were visited. This tool is useful for detecting and preventing hacking attempts, unauthorized access, and other suspicious activities on the website.

    3. Security Firewall is designed to block access to the site under certain conditions:
      3.1. CleanTalk Database of Dangerous IP Addresses is being used to block access to the site for those IP addresses that have already participated in hacking attempts into other sites.
      3.2. Your Personal Lists of IP Addresses is being used to block access to the site.
      You can add custom IP addresses, networks, and countries on your CleanTalk Dashboard.
      Visitors that were blocked by the Security FireWall will not be able to pass it and get to your site.

    4. Security Report provides a summary of how the plugin works on your websites. The report is being sent once a week to your email address and provides the following statistics:
      4.1. Blocked requests in Security FireWall
      4.2. Number of brute-force attempts
      4.3. Successful admin logins
      4.4. Malware scanner statistics

    5. The option “Notifications of administrator users authorizations” sends you a notification by email every time you successfully log in with an administrator account. This allows you to quickly receive information about unauthorized users.

    6. The Real-Time Traffic Monitor feature provides you with real-time traffic information on your website. It helps you track visitors’ activity and detect potentially malicious traffic — these can be password cracking attempts, SQL injections, DDoS attacks, and other threats.

      The feature also allows you to see bot activity on your site. Bots can have different intentions, but it’s important to be able to distinguish real users from automated bots. You can view the list of bots and take action to block unwanted activity.
      You can see data such as IP address, location, country, and other information that will help determine if a visitor is a suspicious or unwanted bot. It will also help you make the appropriate security settings.

      The feature works in real time, meaning you can see the activity immediately without a delay. You can view the current users on the site, as well as which pages or sections of the site are currently being viewed.

    7. Malware Scanner is one of the features of the CleanTalk Security Plugin for WordPress that is designed to detect and remove malicious code on your website.
      Daily automatic site scanning. The plugin scans your site once a day and you will receive up-to-date information about your site cleanness. You can choose the time period for the automatic site scanning — every 12 hours, 24 hours, 3 days, 7 days, 14 days, or every 30 days.

      The Malware Scanner feature analyzes all files on your site, including the WordPress core files, themes and plugins. It looks for vulnerabilities, malicious scripts, and other suspicious elements that may be related to malicious code.

      When Malware Scanner detects malware or suspicious files, it alerts you instantly via email. You will receive a detailed report of the found threats, including the file names. This will help you quickly respond and take necessary actions to remove malware.

      Automatic Malicious Code Removal: The CleanTalk Security Plugin for WordPress provides this feature to automatically remove malicious code. If there is a known signature for the detected malicious code, the file will be disinfected automatically.

    8. The option “Collect and send PHP log” allows you to automate the process of checking your PHP logs for errors that occur while your site is running. Some errors appear only for a short period of time and only when one specific function is running; they can’t be spotted in other circumstances, so they are sometimes hard to catch. The CleanTalk Scanner will check your website backend once per hour. Statistics of errors are available in your CleanTalk Dashboard.

    9. 2FA: WordPress Two-Factor Authentication is a tool to provide an additional level of security for the website administrator account.
      The main purpose of 2FA is to protect user accounts from unauthorized access, even if an attacker knows the user’s password.
      When a user enters their password to log into their WordPress account, 2FA requires them to provide a second authentication code. The code is being sent to the WordPress account email address.

      The CleanTalk Security plugin allows administrators to set up 2FA for various user roles. So they can grant 2FA to certain groups of users.
      The option “Custom WP-Login URL” in the CleanTalk Security Plugin for WordPress allows you to change the default login URL of your WordPress Dashboard (wp-login.php). This is useful for several reasons:

      • Protection against brute-force attacks: Changing the login URL of the admin panel makes it less predictable and harder for attackers to determine. Most brute-force scripts and bots look for the standard URL, so using a custom URL improves security.
      • Hiding the fact that WordPress is being used: Many hackers and attackers specifically look for sites built on WordPress in order to gain access to them. Changing the login URL makes your site less vulnerable to attacks that work by searching for the default WordPress login URL.
      • If you use a custom login URL, this may be more memorable and convenient for you. You can choose a URL that is easy to remember or related to your brand.
      • Prevent spam and DDoS attacks: Changing your login URL can help you prevent spam bots and DDoS attacks that often target a standard URL. This can significantly reduce the amount of unwanted activity and improve the performance of your site.

    10. The option “Prevent collecting of authors’ logins” in the CleanTalk Security Plugin for WordPress is an additional tool to protect your site from malicious attacks and unauthorized access.

      One of the most common ways of attacking websites is by attempting to hijack the accounts of the administrator or content authors. A hacker can use various methods to gain access to usernames and passwords and use them for malicious purposes such as injecting malicious code, modifying website content, and even stealing user data.

      The option in the CleanTalk Security Plugin can greatly reduce the risk of such attacks. This feature allows you to hide the names of your authors (logins) from public view on the site, storing them in the database for administrative access only.

      Firstly, it will prevent attackers from accessing authors’ data, which will significantly complicate the hacking process. Secondly, the site will look more secure and inaccessible to hackers. Thirdly, using this option reduces the likelihood of data leakage and privacy violations.

    11. The option “Disable XML-RPC” in the CleanTalk Security Plugin is an important step to increase security and prevent potential attacks on your site.

      XML-RPC is a protocol that allows you to remotely interact with your WordPress site. It was created to facilitate data transfer and information exchange with other platforms. However, due to several vulnerabilities, XML-RPC can become an entry point for hackers.

      One of the main reasons for disabling XML-RPC is the possibility of an attack called brute-force. This attack involves attempts to forcefully input different random passwords for administrative accounts in a rapid succession. XML-RPC, by its very nature, allows attackers to carry out such attacks because it allows iterative validation of multiple passwords without restrictions. Disabling XML-RPC greatly reduces the risk of such attacks and prevents unauthorized access to your site.

      In addition, XML-RPC can also be used to carry out DDoS (Distributed Denial of Service) attacks. Attackers can use XML-RPC to send a large number of requests to your site at the same time, which can lead to server overload and temporary site denial of service. Disabling XML-RPC protects your site from such attacks and helps keep it running for your visitors.

      Disabling XML-RPC in WordPress is quite simple. You can do this with the CleanTalk Security Plugin and enable the option “Disable XML-RPC”. It is recommended to disable XML-RPC unless you are using it to communicate with other platforms or services.

    12. The option “Disable REST API for non-authenticated users”. The REST API is a set of programming interfaces that allow you to interact with your WordPress site and access data and functionality. However, access to the REST API can become a vulnerability for attackers if the option “Disable REST API for non-authenticated users” is not enabled. Examples: getting a list of all posts, creating a new post or updating an existing one, deleting a post, getting/creating users and comments.

      Disabling the REST API for unauthenticated users has several benefits. First, it reduces the risk of an attack on your site. If an attacker gains access to the REST API, they can use this opportunity to obtain sensitive data, change site content, or perform other unwanted actions. Disabling the REST API for unauthenticated users helps in preventing these potential attacks.

      Second, disabling the REST API for unauthenticated users helps improve the performance of your site. The REST API can put a load on the server, especially when trying to process many requests from unauthenticated users. Disabling this feature for these users reduces the server load and speeds up your site response.

      Enabling the option “Disable REST API for non-authenticated users” in the CleanTalk Security Plugin is very simple. Just activate this option in the plugin settings and save the changes. It is important to note that this option will not affect authenticated users, and they will be able to continue using the REST API without any issues. If you only use the WordPress Dashboard to work with the site and want to increase the security level of your resource, then it is recommended to disable the WP REST API.

    13. The option “Forbid to show your website in <iframe> tags on third-party websites” in CleanTalk Security prevents your site from being embedded in an <iframe> on other websites. An <iframe> is an HTML element that allows you to embed one web page inside another. Technically speaking, <iframe> can be used to display your site on other third-party sites while still maintaining visual and functional content. However, this can also lead to security risks and undesirable consequences.

      This has several advantages. First, it protects your site from potential fraudulent activities. Some attackers may create embedded iframe-copies of your website to fraudulently collect personal information from your visitors or malicious targets. Disabling <iframe> prevents this possibility and protects your users.

      Second, opting out of showing your site in an <iframe> on third-party websites helps you control content and prevent copyright loss. If your site is embedded in another website’s <iframe> without your consent, this may result in improper display and control of your content. Disabling <iframe> allows you to retain full control over how and where your site is displayed.

      Enabling the option “Forbid to show your website in <iframe> tags on third-party websites” in the CleanTalk Security Plugin is very simple. It is enough to activate this option in the plugin settings, and your site will be protected from embedding in <iframe> tags on third-party websites.

    14. The option “Add these headers to the HTTP responses on the public pages: X-Content-Type-Options, X-XSS-Protection” in CleanTalk Security allows you to add the X-Content-Type-Options and X-XSS-Protection security headers to the HTTP responses on your site’s public pages. These headers tell browsers how to process the content of the page and prevent possible XSS-based attacks and malware downloads.

      XSS (cross-site scripting) and drive-by download attacks are among the most common and dangerous threats in the online environment. XSS attacks can allow attackers to inject and execute malicious code on your site, while drive-by download attacks attempt to download and install malicious software without the admin’s knowledge.

      The X-Content-Type-Options header tells the browser that page content should only be processed according to the specified MIME type (Multipurpose Internet Mail Extensions). This helps prevent possible attacks based on the content type and provides an additional layer of protection.

      The X-XSS-Protection header is designed to protect against XSS (cross-site scripting) attacks. It includes built-in protection mechanisms in the browser that allow you to detect and block attempts to execute malicious scripts in a timely manner.
      Enabling the option “Add these headers to the HTTP responses on the public pages: X-Content-Type-Options, X-XSS-Protection” in the CleanTalk Security Plugin is very simple. Just enable this option in the plugin settings and headers will be automatically added to the HTTP responses on public pages of your site.

      In this article we have tried to tell you about the main and most useful options of the CleanTalk Security Plugin for WordPress. You can install the plugin from the official WordPress directory here: https://wordpress.org/plugins/security-malware-firewall

      If you have any questions about the CleanTalk Security Plugin functions, feel free to ask them in the comments and we will be happy to assist you.
  • Importance of Using the CleanTalk Email Checker Service to Validate Email Addresses for Existence

    Email Checker is an important tool that helps to verify the legitimacy of email addresses. Email Checker is a software tool that checks the validity of an email address in real-time. This ensures that emails are not only sent but also delivered to the intended recipients. Email address validation, on the other hand, is a process of verifying the email address using several methods, such as syntax checks, MX record checks, and email filtering. These checks help in reducing the likelihood of invalid email addresses being added to your mailing lists, further reducing the number of bounced emails and the potential of spam complaints.

    A very large number of websites use subscription forms for updates, user registrations or order/checkout forms. Website owners use the email addresses of their clients for newsletter mailing lists. The same forms are also often used by spam bots for spam purposes, so if the form is not protected, then spam email addresses will be added to the mailing list.

    CleanTalk Anti-Spam Service provides tools for checking email addresses for existence. If you are using any of the CleanTalk Anti-Spam plugins, email address checking is being done automatically and non-existent email addresses will be blocked. How to install the CleanTalk Anti-Spam plugin on a website can be found on our help pages, here are our detailed guides for popular CMS: https://cleantalk.org/help/install 

    CleanTalk also provides access to the Online Email Checker Service: https://cleantalk.org/email-checker . You can go to the verification page and enter the email address you want to check and get the result whether this address exists or not.

    Email communication has become one of the most critical ways of exchanging information in today’s digital world. Whether for business purposes or personal communication, sending emails has become a necessary part of our daily life. However, sending emails to invalid email addresses can be counterproductive. 

    How to reduce the risk of sending emails to fake addresses

    Sending emails to invalid or fake email addresses can be counterproductive. It can lead to a high bounce rate, reduce email engagement, damage sender reputation and even result in email accounts being marked as spam. Email servers may consider emails that were sent to fake email addresses as spam and report them as such. This can lead to the email account being marked as spam, which can have negative consequences for the sender.

    The use of the CleanTalk Email Checker and Email Validation tools can help with reducing the likelihood of these issues and ensure that emails are delivered to the appropriate recipients.

  • What is the CleanTalk Security FireWall

    Security Firewall for WordPress websites is a tool that helps in protecting your website from hacking and other cyber attacks. In today’s world, hackers can attack websites using a variety of tools and methods. The CleanTalk Security Firewall blocks malicious attacks such as SQL injections, malware scripts, and more.

    There are many threats that can hit a website and the CleanTalk Security Firewall is an important and necessary security measure. This tool offers a number of features that keep your site secure. Here are a few reasons why the CleanTalk Security Firewall is essential for your WordPress site.

    How to install the CleanTalk Security Plugin on your site: https://cleantalk.org/help/install-wordpress-security 

    1. The CleanTalk Database of Dangerous IP Addresses is being used to protect against malicious attacks.
      CleanTalk uses its own database of dangerous IP addresses that were used in attacks on other sites. This database is constantly updated and contains known IP addresses whose activity is associated with unwanted actions such as spam, brute-force, hacks and other types of cyber attacks.

      When a user visits a site, CleanTalk automatically checks the user’s IP address for suspicious activities in the database. If the address is found, CleanTalk denies access to the site or blocks any attempts of sending inappropriate content to the site.
      Thus, the Database of Dangerous IP Addresses helps in preventing attacks and protects websites from unwanted actions, which makes CleanTalk an effective tool for protecting web resources.
    2. Web Application FireWall is a part of the CleanTalk Security FireWall. It is designed to block attack attempts such as XSS, MySQL injections and attempts to upload malicious files, and to check traffic for known exploits.
      WordPress is one of the most popular Content Management Systems (CMS) and web application vulnerabilities can be used to hack a site or steal sensitive information such as logins and passwords.
      Web Application Firewall for WordPress enhances website security and protects your website from potential security threats and data loss.

    3. Security FireWall Log monitors the entire activity on the site. The Security FireWall Log shows all visits to the site and you can see the details about which IP addresses and which pages were visited, the number of requests made to the site, the geo location of the IP address and the User Agent used.

      Using this data, you can determine the IP addresses that generate a large number of requests to the site or visit non-existent pages of the site, then you can blacklist or whitelist the IP address.
      All Security FireWall Logs are stored in your CleanTalk Dashboard and kept for 7 days. You can use various filters to evaluate the activity of IP addresses on the site, get data for the last 7 days and add entries to your Personal Lists.

    All in all, Security Firewall is an essential security measure for your WordPress site. It offers many features that keep your website protected from various types of cyber attacks. It’s a good practice to use the CleanTalk Security Firewall for protecting your data and keeping your site secure.

    You can view information about CleanTalk Security Plugin in the WordPress directory: https://cleantalk.org/help/install-wordpress-security 

    How to install the CleanTalk Security Plugin on your site: https://cleantalk.org/help/install-wordpress-security 

  • Effective Way to Protect Your Email Address on Your Website From Spammers With Email Encoder

    Protecting email addresses from spammers is an important security rule for everybody on the Internet. Since spammers can capture email addresses with their automatic bot-programs, your inbox could become a trash can for many years if it wasn’t protected enough.

    If you neglect protecting your inbox from spam, it could be filled with useless and unnecessary information. It could lead to missing important emails that might be more important to you. In some cases spam could become a dangerous malicious software that might harm your computer or your files.

    To protect your email address from spam and crawlers/parsers you can use the CleanTalk Anti-Spam Plugin, which offers encoding and hiding of your email address on your website. Our module protects email addresses from automatic crawlers and spammers and prevents your address from being added to spam mailing lists.

    Other practical methods of protecting email addresses include using a symbol of comma or round brackets instead of dots, JavaScript code for hiding or encoding the addresses right inside of the HTML markup. If you use WordPress as your CMS, you can also use CleanTalk WordPress Email Encoder to hide your email address.

    CleanTalk Email Encoder & Obfuscator is a tool for encoding and hiding your email address from bots and crawlers. It is an additional option in the CleanTalk Anti-Spam Plugin.

    Generally, protection of your email address on your website and in your electronic documents is important for getting rid of a bombardment of your inbox by unwanted advertisements, fraudulent emails and preventing from being used in other malicious activities, that’s why it’s important to take measures to protect your own email address. CleanTalk Anti-Spam Plugin offers simple and effective methods of protecting your email address on your website.

  • CleanTalk Launched an Online Service for Planning and Managing Projects and Tasks

    We are glad to inform you that the CleanTalk Team launched a new service that helps in managing your projects and tasks.

    Our new service doBoard is intended for helping in organizing workflows and managing tasks within teams. To manage your tasks effectively, a convenient tool is required that lets you plan the time of your employees and time frames of the tasks.

    Tasks can be planned and controlled with many methods including stickers where you write down your notes. Of course, effective team work is impossible in that case. You will have to spend a huge amount of time on routine actions.

    A few years ago our team ran into a problem with planning our tasks: we could not tell precisely in what time frames our various task lists would be finished and could not predict the exact release dates of the new service features. We researched different task management tools that offer a convenient team work space; the tool had to be simple and easy to work with, as we wanted to integrate our own tools into it. Nonetheless, nothing met all our particular needs, and we decided to develop such a tool for managing tasks and projects ourselves.

    Today we are ready to introduce our new project “doBoard” to you. We have already finished transferring all our projects and tasks to our new service and we have been using it for team work for more than 2 months.

    No matter where you work, at home or in the office, our service provides you with effective workflow planning for your employees and for other parties who are involved in your projects. Regardless of your business area, effective workflow management plays an important role in achieving your goals. You can even plan your home renovation and construction and assign the tasks between the contractors, or plan a preparation for an important event.

    The CleanTalk Team invites you to try the new service and we will be glad to receive your feedback. Welcome to doBoard to manage your work.

  • Our Investigation of the Hack of One Website (OR: How We Investigated a Hack of One Website)

    We were contacted by one WordPress website owner with the issue of a website hack. Consequences of the hack were that their whole website content was deleted, meaning articles, pictures, plugins and themes were gone and visiting the website displayed a blank page. What was left in the folder «wp-content» was a single folder «uploads», new files in the root directory and many custom files «.htaccess» in other folders.

    The following measures were taken first, before restoring the website. To prevent further successful connections by the hacker, all passwords were changed, including the database ones, authorization over HTTP was enabled, and installation of any files and themes was allowed only over FTP.

    What Has Been Done to Find Out the Source of the Hack

    The main task was gathering information about how the hacker managed to get access to the website and delete all of its content.

    The first step was to save the entire file system in a way that keeps the files in their current state instead of creating them anew (this is important for identifying the creation time of the malicious files).

    • saving nginx «access.log» on the date of the detected hack
    • saving nginx «error.log» on the date of the detected hack
    • saving nginx «syslog» on the date of the detected hack

    Input data:

    • logs «access.log» (200 MB) «error.log» (47 MB)
    • website files

    The local repository of Splunk was chosen for the log analysis, data sources were the files «access.log» and «error.log».

    To determine the time when the website infection happened, the creation time of the suspicious files in the website folder was used as input.

    The next step was selecting a set of lines from the log files within a certain time period and the server response 200, while requests from «admin_ajax» and «wp_cron» were excluded.

    Thus, we found the hacker’s IP address that was able to get a response 200 for its POST request to this address: /wp-content/themes/seotheme/db.php?

    Next, we analyzed every line of activity of this IP address within the same time period. Based on this data, we see that someone created this folder: /wp-content/themes/seotheme

    Furthermore,

    • the cybercriminal from the IP address 43.153.77.57 was able to get a response 200 to their POST request while forcing /wp-content/themes/seotheme/db.php?u, and in the end a number of malicious files were created and then started being called;
    • a set of «.htaccess» files was created and modified specifically for an Apache-like web server to allow executing files;
    • the file «index.php» was modified: obfuscated malicious code was added;
    • the file «plugins.php» was modified: obfuscated malicious code was added;
    • the file «pluggable.php» was modified: obfuscated malicious code was added;
    • there were some eval constructions in the files, and parsing them was impossible;
    • it’s also impossible to know the origin of the folder /wp-content/themes/seotheme and the files in it, the reason being that the malware deleted the results of its own work.
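
    The log triage described above can be reproduced without Splunk. The following Python sketch is an added example, not the investigators' own query. It assumes nginx's default combined log format, treats «admin_ajax» and «wp_cron» as the WordPress paths /wp-admin/admin-ajax.php and /wp-cron.php, and runs on constructed log lines that use documentation IP ranges.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta, timezone

# nginx default "combined" format: ip - user [time] "METHOD path proto" status bytes ...
LINE_RE = re.compile(
    r'(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+) [^"]*" (?P<status>\d{3}) \S+'
)
# Routine WordPress endpoints excluded as noise (assumed paths for admin_ajax / wp_cron).
NOISE = ("/wp-admin/admin-ajax.php", "/wp-cron.php")
# A PHP file requested directly inside a content directory.
CONTENT_PHP = re.compile(r"^/wp-content/(?:themes|plugins|uploads)/[^?]*\.php(?:\?|$)")


def parse(line):
    """Return a dict for one access.log line, or None if it does not parse."""
    m = LINE_RE.match(line)
    if m is None:
        return None
    rec = m.groupdict()
    rec["time"] = datetime.strptime(rec["ts"], "%d/%b/%Y:%H:%M:%S %z")
    rec["status"] = int(rec["status"])
    return rec


def triage(lines, file_time, minutes=30):
    """Find IPs with a successful POST to content-directory PHP near file_time,
    then return every request those IPs made in the same window."""
    lo = file_time - timedelta(minutes=minutes)
    hi = file_time + timedelta(minutes=minutes)
    window = [r for r in map(parse, lines) if r and lo <= r["time"] <= hi]
    # Step 1: status 200 only, routine endpoints dropped.
    candidates = [r for r in window
                  if r["status"] == 200 and not r["path"].startswith(NOISE)]
    # Step 2: successful POSTs that hit PHP inside wp-content.
    suspects = {r["ip"] for r in candidates
                if r["method"] == "POST" and CONTENT_PHP.match(r["path"])}
    # Step 3: pivot to the full activity of each suspect IP, whatever the status.
    timeline = defaultdict(list)
    for r in window:
        if r["ip"] in suspects:
            timeline[r["ip"]].append((r["ts"], r["method"], r["path"], r["status"]))
    return suspects, dict(timeline)


# Constructed sample lines: documentation IPs, made-up date, sizes and user agents.
SAMPLE_LOG = [
    '198.51.100.7 - - [12/Mar/2024:10:01:02 +0000] "GET / HTTP/1.1" 200 5123 "-" "Mozilla/5.0"',
    '198.51.100.7 - - [12/Mar/2024:10:01:05 +0000] "POST /wp-admin/admin-ajax.php HTTP/1.1" 200 47 "-" "Mozilla/5.0"',
    '203.0.113.50 - - [12/Mar/2024:10:02:10 +0000] "GET /wp-content/themes/seotheme/db.php HTTP/1.1" 404 162 "-" "client/1.0"',
    '192.0.2.10 - - [12/Mar/2024:10:02:30 +0000] "POST /wp-cron.php?doing_wp_cron=1 HTTP/1.1" 200 0 "-" "WordPress"',
    '203.0.113.50 - - [12/Mar/2024:10:03:11 +0000] "POST /wp-content/themes/seotheme/db.php?u HTTP/1.1" 200 31 "-" "client/1.0"',
    '203.0.113.50 - - [12/Mar/2024:10:03:40 +0000] "GET /index.php HTTP/1.1" 200 12 "-" "client/1.0"',
    '198.51.100.7 - - [12/Mar/2024:13:00:00 +0000] "POST /wp-content/themes/seotheme/db.php?u HTTP/1.1" 200 31 "-" "Mozilla/5.0"',
]
# Constructed creation time of the suspicious file, as read from the preserved file system.
FILE_TIME = datetime(2024, 3, 12, 10, 3, 15, tzinfo=timezone.utc)

if __name__ == "__main__":
    found, activity = triage(SAMPLE_LOG, FILE_TIME)
    for ip in sorted(found):
        print("suspect", ip)
        for entry in activity[ip]:
            print("   ", *entry)
```

    The last sample line is the same request made hours later; it falls outside the window around the file creation time and is therefore not reported.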

    How to prevent future hacks:

    1. constant monitoring of the website files for any new unknown files in the system;
    2. aggressive response to status changes of the «.htaccess» files if you use an Apache web server;
    3. forcing all filesystem actions to go through a protected FTP account only; to do this, edit your wp-config.php and add the code below:
    // Perform WordPress file operations through the PHP FTP extension
    define( 'FS_METHOD', 'ftpext' );
    // Path to the WordPress root folder; replace with your own
    define( 'FTP_BASE', '/yoursitepath' );
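
    The first two prevention steps, watching for unknown files and reacting to «.htaccess» changes, can be automated with a hash baseline. This Python sketch is an added example, not part of the original investigation or of any CleanTalk tool; the severity labels and the throwaway directory tree it builds are assumptions made for the demo.

```python
import hashlib
import os
import tempfile


def snapshot(root):
    """Map each file's path (relative to root, '/'-separated) to its SHA-256."""
    manifest = {}
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            full = os.path.join(dirpath, name)
            if os.path.islink(full):
                continue  # do not follow links out of the site tree
            rel = os.path.relpath(full, root).replace(os.sep, "/")
            with open(full, "rb") as fh:
                manifest[rel] = hashlib.sha256(fh.read()).hexdigest()
    return manifest


def severity(rel_path):
    """Rank a changed path; the labels are this example's own convention."""
    name = rel_path.rsplit("/", 1)[-1].lower()
    if name == ".htaccess":
        return "critical"  # can change what the web server is willing to execute
    if name.endswith((".php", ".phtml", ".phar")):
        return "high"      # executable code appeared or changed
    return "info"


def compare(baseline, current):
    """Return (severity, change, path) tuples, most urgent first."""
    findings = []
    for path in set(baseline) | set(current):
        if path not in baseline:
            change = "added"
        elif path not in current:
            change = "removed"
        elif baseline[path] != current[path]:
            change = "modified"
        else:
            continue
        findings.append((severity(path), change, path))
    order = {"critical": 0, "high": 1, "info": 2}
    return sorted(findings, key=lambda f: (order[f[0]], f[2]))


def _write(root, rel, data):
    full = os.path.join(root, *rel.split("/"))
    os.makedirs(os.path.dirname(full), exist_ok=True)
    with open(full, "wb") as fh:
        fh.write(data)


def demo():
    """Build a constructed site tree, change it the way the post describes, diff it."""
    with tempfile.TemporaryDirectory() as root:
        _write(root, "index.php", b"<?php // original front controller\n")
        _write(root, "wp-includes/pluggable.php", b"<?php // original core file\n")
        _write(root, "wp-content/uploads/2024/photo.jpg", b"constructed image bytes")
        baseline = snapshot(root)

        # Placeholder changes of the kinds found in the investigation.
        _write(root, "index.php", b"<?php // original front controller\n// appended block\n")
        _write(root, "wp-content/themes/seotheme/db.php", b"<?php // unknown file\n")
        _write(root, "wp-content/uploads/.htaccess", b"# unexpected rules\n")
        os.remove(os.path.join(root, "wp-content", "uploads", "2024", "photo.jpg"))
        return compare(baseline, snapshot(root))


if __name__ == "__main__":
    for level, change, path in demo():
        print(f"{level:8} {change:8} {path}")
```

    Take the baseline from a known-clean install and keep the manifest somewhere the web server account cannot write.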
  • WordPress. How to hide email address from bots and spammers

    If your email address is posted on the site in open form, it is easy for bots and spammers to get it for further use: to send spam to you and to send comments on other sites. The CleanTalk Anti-Spam Plugin for WordPress allows you to obscure email addresses on public pages.

    How to obscure email address to hide from bots and spammers

    First of all, you need to install the CleanTalk Anti-Spam Plugin for WordPress. To install the plugin, you can use the instruction.

    After installing the plugin, go to WordPress Dashboard → Settings → Anti-Spam by CleanTalk, mark the Encode Contact Data option and save the settings.

    To check how the obscure email address option works, open a new browser window in incognito mode and go to the page of your site on which your email address was posted. You can also try the example below.

    Click the hidden email to see the magic: st********@*****le.com

    On the page, you will see that the email address is hidden. To decode the email address, click on it. At that moment the anti-spam will check for bots; decoding will take a few seconds. After the check is performed, you will see the email in open form. The bots that could not perform the check will be blocked.

    Why do you need to hide email address on website

    Almost every website owner places contact information on the website so customers can get in touch. Sometimes an indication of your email address directly on your website can be the most convenient way for your customers to contact you. However, the simple publication of your email address in the form of simple text can lead to undesirable consequences.

    To hide the email address, you can try to obscure the address manually, for example, email at example dot com. But this method is not very effective and the bots recognize it. To solve the problem of collecting email addresses by bots, we have developed a reliable verification method that allows you to block bots.

  • WordPress DDoS Protection. How to Mitigate DDoS Attacks

    How to Mitigate DDoS Attacks on WordPress

    To mitigate DDoS attacks you can implement several methods.

    The first method is to forbid access to your website by IP address on the level of your webserver by adding a rule in the file «.htaccess» manually.

    The second method is to install the CleanTalk Security plugin for WordPress; its Traffic Control feature, which protects from DoS, is enabled by default.

    CleanTalk Traffic Control monitors each request from any IP address. If the number of requests exceeds the limit in a certain time period, this IP address will be temporarily blocked and will not be able to access your website at all.

    For instance, if an IP address sends requests to your website with a frequency of 1000 requests per 1 hour, such activity will definitely be blocked for 1 hour.

    You can adjust the settings of Traffic Control as you want and as you find appropriate. To do that, go to your WP Dashboard → Settings → Security by CleanTalk → General Setting → Firewall.

    Time frame to measure page hits – sets the time period over which your visitors' requests are counted.

    Block a visitor if the count of the opened pages in the time frame more than – sets the request limit; any IP address that exceeds it will be blocked.

    Block a visitor if they exceed the limit of opened pages for X minutes – sets how long a blocked IP address stays blocked.

    Ignore logged-in users – tick this option to ignore all requests coming from your logged-in users.

    Also, on the Firewall tab, you can see all IP addresses that are visiting your website right now.

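
    The Traffic Control settings described above, modelled as an added Python example (not CleanTalk's plugin code): a per-IP counter over a sliding time frame with a temporary block. The class, its parameter names, the sliding-window choice and the sample traffic are assumptions made for illustration; the defaults mirror the 1000-requests-per-hour example.

```python
from collections import defaultdict, deque


class TrafficControl:
    """Per-IP request limiter modelled on the settings described above."""

    def __init__(self, time_frame_s=3600, max_hits=1000, block_s=3600,
                 ignore_logged_in=True):
        self.time_frame_s = time_frame_s   # "Time frame to measure page hits"
        self.max_hits = max_hits           # hit limit inside the time frame
        self.block_s = block_s             # how long an offending IP stays blocked
        self.ignore_logged_in = ignore_logged_in
        self.hits = defaultdict(deque)     # ip -> timestamps of recent hits
        self.blocked_until = {}            # ip -> time at which the block expires

    def allow(self, ip, now, logged_in=False):
        """Return True if the request may pass, False if the IP is blocked."""
        if logged_in and self.ignore_logged_in:
            return True                    # logged-in users are not counted
        if self.blocked_until.get(ip, 0) > now:
            return False
        self.blocked_until.pop(ip, None)   # an expired block is forgotten
        window = self.hits[ip]
        while window and window[0] <= now - self.time_frame_s:
            window.popleft()               # drop hits older than the time frame
        window.append(now)
        if len(window) > self.max_hits:
            self.blocked_until[ip] = now + self.block_s
            window.clear()                 # counting restarts after the block
            return False
        return True


def replay(requests, **settings):
    """Replay (timestamp, ip, logged_in) tuples; return blocked count per IP."""
    tc = TrafficControl(**settings)
    blocked = defaultdict(int)
    for ts, ip, logged_in in requests:
        if not tc.allow(ip, ts, logged_in):
            blocked[ip] += 1
    return dict(blocked)


# Constructed sample traffic (documentation address ranges), one tuple per request.
SAMPLE = (
    [(t, "203.0.113.7", False) for t in range(12)]         # 12 hits in 12 s
    + [(t * 20, "198.51.100.4", False) for t in range(6)]  # 6 hits over 100 s
    + [(t, "192.0.2.10", True) for t in range(30)]         # logged-in editor
)
SAMPLE.sort(key=lambda r: r[0])
```

    With a 60-second time frame, a limit of 10 hits and a 300-second block, only the first address is blocked. Turning off the logged-in exemption blocks the editor as well, which is why that option matters for busy back-end users.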
    What are DDoS and DoS?

    These are types of attacks in which a large number of requests is sent to a website. If the number of requests is high enough, the website will stop functioning properly.

    The difference between DDoS and DoS is that a DDoS attack is distributed, meaning it is carried out from many IP addresses, while a DoS attack comes from just one or a few IP addresses.

    Why DDoS and DoS might be dangerous to a website

    Such attacks rely on the fact that a web server has to process each request, running all the website page scripts, loading all the pictures, and so on, which consumes its resources. As a result, the website will run slower or start returning errors on attempts to visit any page.
    The second problem is the high volume of website traffic, which in some cases may lead to unexpected expenses or a warning from your hosting provider.

    It’s unwise to underestimate the dangers of such attacks and to spend your time forbidding IP addresses manually. It’s more efficient to give this task to automated tools.

    You can install the plugin Security & Malware scan by CleanTalk from the WordPress catalog.

  • Additional Services of CleanTalk Anti-Spam in Demand

    This article is about the extra services that are in the most demand among the clients of CleanTalk Anti-Spam. The Personal Lists feature (by IP and email addresses) is not covered in this review because it is not an extra feature; it is included in the basic package of the service.

    The Extra Package expands the service features and offers other options if you need them. Not all of our clients need the features included in the Extra Package. Therefore, the price of the Anti-Spam service stays unchanged for all of our clients, and the features can be chosen only by those clients who really need them.

    1. The most popular extra feature is Blocking by Country. Adding a country to the Anti-Spam blacklist blocks comments, signups and other data submitted through any website form from IP addresses that are considered part of the blacklisted country. Keep in mind that only data submitted to the website forms will be blocked, not visits to the website: people will still be able to visit your website from the blacklisted countries.
      Read more about Blocking by Country.

    2. The second most popular extra feature is Stop-Words. Stop-Words block messages that contain any word you added to your Personal Lists. By adding specific words to your Stop-Words list, you can block messages containing profanity or obscene language and strengthen the Anti-Spam protection against manual spam. Read more about Stop-Words.

    3. Blocking by Countries in SpamFireWall (SFW) takes third place among the popular extra features. The feature blocks access to the website for bots while a normal visitor is able to open any website page as usual. Each IP address of the blacklisted country will be stopped by the SFW screens before it can visit your website: each initial website page load will trigger the SFW check for bots. Normal visitors are able to pass the SFW screens and load the website pages, and later on the SFW screens will not disturb them. Meanwhile, bots that fail the SFW check will always get the SFW screens and never visit your website. Read more about Blocking by Countries in SpamFireWall.

    4. The fourth place is taken by the feature of blacklisting domains. When mail domains are added to your Personal Lists all data submitted to your website forms containing the blacklisted domains will be blocked. Read more about blacklisting domains.

    5. Blocking by Language is in fifth place. All messages in the chosen languages will be blocked when you add these languages to your Personal Lists. At the moment we offer the following languages:
      Chinese
      Korean
      Japanese
      Hindi
      Arabic
      Cyrillic
      Indonesian

      Read more about Blocking by Language.

    We hope that this article gives you a good hint about useful extra features for tuning your Anti-Spam license to be more convenient and functional for you.
    We will be happy to answer your questions and comments.

  • How Do Our Clients Use the CleanTalk Blacklists Database

    This article is about how our clients use the data of the CleanTalk Blacklists Database in their businesses.

    Brief description of what the CleanTalk Blacklists Database is
    The CleanTalk Anti-Spam and Security services collect data on malicious actions performed on the websites of our clients. The IP and email addresses of suspicious visitors are added to the CleanTalk Blacklists Database.
    The CleanTalk Blacklists Database is updated in real time. Outdated addresses (those that weren’t used for attacks for a certain period of time) are deleted from the Database, while new addresses with malicious activity spotted on several websites at once are added to it.

    What are Possible Ways of Using the CleanTalk Blacklists Database of Spam IP and Email Addresses

    Based on the examples of our clients, we want to demonstrate how they use our data on spam-active addresses.

    Online marketing
    Owners of online businesses send their marketing offers and deals by launching mailing campaigns. They collect their leads from their website forms after receiving completed checkouts or after getting new signups. Spammers, on the other hand, use website forms to send spam, and they can use either lists of fake email addresses or real email addresses of random people.

    In both cases, when our clients launch their marketing campaigns using these unreliable email addresses, nobody benefits. The number of emails sent to fake addresses or to unaware people increases, and random people will most likely mark such emails as spam or report them. Thus, the email campaigns risk getting a lot of spam reports. As a result, the web servers might be blacklisted, the percentage of successfully delivered emails might be lower than expected, and there might be problems delivering emails to legitimate users.

    To avoid this, the mailing lists have to be checked for spam and cleaned of fake and spam addresses. The outcome of the mailing campaign will be much better and more precise.

    Website builders
    Website builders such as WIX.com use our data on spam-active addresses to strengthen their defense against spam and malicious activity on the websites of their clients. If a web server gets a request from an address that is in the CleanTalk Database, this is a good reason to make verification stricter.

    Enterprise networks
    The Database is used to protect enterprise networks from unauthorized access and hacking. Protection for such networks usually consists of several layers of authentication and other security tools. The CleanTalk Blacklists Database of Spam IP and Email Addresses is one of the tools that helps make protection more reliable.

    Protection for mobile applications
    The CleanTalk Blacklists Database of Spam IP and Email Addresses is also used for protection from spam signups and spam registrations in mobile applications.

    Protection for API, web applications
    In this case, anti-spam checks are performed for the addresses that call the API. If an address is blacklisted in the Database, that is good cause to pay closer attention to it and take the necessary measures.

    This article described the most common ways of using the CleanTalk Blacklists Database of Spam IP and Email Addresses to help reinforce the security level of any online business. It’s possible to get access to the CleanTalk Blacklists Database with our APIs or by downloading it in files.