CleanTalk's blog

Author: Denis Shagimuratov

Prevent for User Enumeration on WordPress
I’m happy to announce option Prevent collecting of authors logins which you can find under settings,
```
WordPress console -> Settings -> Security by CleanTalk -> General Settings
```
This option disables users IDs enumeration in your WordPress. So, it stands against brute force for authors names. Here is example how the enumeration works in the plain WordPress,
```
https://blog.cleantalk.org/?author=1
```
By executing such links, an attacker brute forces users list on a site to get valid IDs and use it in further attacks.

If you turn option Prevent collecting of authors logins on, the plugin disable enumeration by showing a blank page instead of valid page of author. URL for the blank page like this,
```
https://blog.cleantalk.org/author/honeypot_login_1753432662.9124
```
That’s it! Drop questions in the comment form down below.
July 25, 2025
CleanTalk Anti-Spam is now available for Everest Forms users
I’d love to announce that CleanTalk Anti-Spam technology is now available to Everest forms users as a built-in Anti-Spam solution.

You can find it under Settings,
```
WordPress console -> Everest Forms -> Settings -> Integrations -> CleanTalk
```
Screenshot 2025 07 11 at 12.53.52 PM

CleanTalk with Everest forms supports almost same stack of technologies like native Anti-Spam plugin by CleanTalk,
- Automated filtration bots.
- Filter spammers by IP, Email, IP networks.
- Real-time email verification for existence, fake or real email.
- Anti-Spam logs up to 45 days.
- Tech support, 27/7.
- Customize message to forbidden visitors.
- Delegate control of your websites to other accounts at CleanTalk.org.
We’ve been testing this integration since May 12th, 2025, it’s firm and stable by now. Anyway, if you have any questions or issues, just drop a message in the comment section down below.

In order to activate the protection, add a new website to the Dashboard or sign up for an account.

Have questions? Just drop a message in the comment form down below.
July 11, 2025
Anti-Spam for Backdrop CMS

Here is an Anti-Spam module for Backdrop CMS https://backdropcms.org/project/cleantalk

This module has been ported by an enthusiast CleanTalk user Richard Peacock. Thank you so much, Richard!

Instructions to get it live you will find by the link above. Have any questions? Just drop a comment in the section down below

July 7, 2025
Phone numbers encoded by WordPress plugin
We’ve extended protection against crawling personal data on public pages. Since version 6.55 plugin encodes phone numbers as well as emails on any public page in your WordPress.

Encoding works by two switches. Either you turn on global encoding for all content on the site,
```
WordPress console -> Settings -> Anti-Spam by CleanTalk -> Advanced Settings -> Encode contact data -> Encode phone numbers.
```
Here are full manual how to use this option https://cleantalk.org/help/email-encode

Or use short code below to encode a specific phone number in article,
```
[apbct_encode_data] +1 11*********44 [/apbct_encode_data]
```
Here are more details for the short code https://cleantalk.org/help/using-shortcodes-hooks-to-encode-contact-data

Here is an example of encoded phone number,

We are happy to assist you at +1***********30.

That’s all, phone number is encoded and protected against crawling by spam bots!

Finally, In the Anti-Spam log track interactions (encoding contact data by real visitors) with contact data on a website. There you find date, time and location of visitors who saw your phone number on a site https://cleantalk.org/my/show_requests

Screenshot 2025 06 20 at 12.49.53 PM

Have a question? Just drop the comment in the form down below. Cheers!
June 25, 2025
WP CLI support in Security by CleanTalk (WordPress plugin)
We’ve added to Security by CleanTalk support of WP CLI commands. The list of commands,
- Service setup, including interactions with cloud to get an API key and synchronization.
- Various settings of the plugin.
- Settings for templates.
- Malware scanner commands.
Full guide with examples is here https://cleantalk.org/help/security-wp-cli

It works on plugins starting version 2.156 which has been released on May 19, 2025.

Have questions? Please drop us a message in the comment form down below.
June 23, 2025
Anti-spam protection for WS Form Lite has been released!
We have protected one more contact form for WordPress, this is WP Forms lite,

WS Form LITE – Drag & Drop Contact Form Builder for WordPress

Anti-Spam by CleanTalk (plugin) protects all kinds of submissions posted through this form against spambots and spam posted by real visitors (with some rate of false/negatives).

Anyway, to set up the protection follow steps,
- Download and install WS Form Lite https://wordpress.org/plugins/ws-form/
- Download and install Anti-Spam by CleanTalk https://cleantalk.org/help/install-wordpress
- Go to WordPress console -> Settings -> Anti-Spam by CleanTalk.
- Click ‘GET ACCESS KEY’ button.
- Wait until the plugin synced data with the cloud.
- Copy a form short code of from WordPress console -> WS Form -> Forms.
  - For example: [ws_form id=”1″]
Screenshot 2025 06 16 at 12.46.47 PM
- Post the short code in any post/page on your site.
Screenshot 2025 06 16 at 12.47.05 PM
- Go to the page as a regular website visitor (you must be logged out from WordPress console, for example use Anonymous mode in your browser).
- Test the form with whatever First, Last name and use email st********@****le.com. This is email marked to test “spam” submission.
- If everything is fine, you have a message,
*** Forbidden. Sender blacklisted. Anti-Spam by CleanTalk. ***

Screenshot 2025 06 16 at 12.30.54 PM
- If not, just ask us here https://cleantalk.org/my/support/open
That’s all. Enjoy spam free website!
June 16, 2025
Say Hi to Evgenii — The New Guy on the Block!
Please welcome Evgenii, our new team member! Evgenii is an experienced software developer in web applications field and ready to rock nuts for cleantalk.org.

Here are a few words Evgenii could say about himself and the very first days in the company,
- Can you tell briefly about yourself? What are you interested in, what do you live by?
Over the past few years, I’ve been interested in gaining experience as a digital nomad and exploring different cultures. In my free time, I enjoy camping, spending time outdoors, watching movies, and listening to music. I’m also passionate about topics like cosmology, cybersecurity, cryptocurrencies, decentralized networks, and playing musical instruments.

My favorite movies include Fight Club, The Hitchhiker’s Guide to the Galaxy, and The Dark Knight. As for books, I especially enjoy The Chronicles of Amber by Roger Zelazny and the works of Carlos Castaneda.

Whenever I get the chance, I like to stay active—my favorite sports are swimming, skateboarding, and football.
- What did you find interesting in CleanTalk?
One of my key interests is cybersecurity. Over time, it has evolved from a hobby into a vital necessity for me. As the modern world becomes increasingly intertwined with the digital realm, the boundaries between the real and virtual worlds continue to blur, creating a single, interconnected reality. As a result, cybersecurity is no longer optional—it has become an essential part of everyday life for every modern person.

Unfortunately, this critical issue often receives insufficient attention, both from individuals and even some private companies. That’s why I’m especially grateful for the opportunity to combine my passion with hands-on experience at CleanTalk. I’m excited to contribute to solving the pressing challenges of cybersecurity alongside the CleanTalk team, gain valuable experience in the field, and continue growing professionally in this direction.
- What kind of tasks did you find more challenging in the very first days with us?
One of the first complex and engaging tasks I worked on at CleanTalk was measuring page loading speed. This task involved considering a variety of important factors to make well-informed decisions about optimizing performance and enhancing the user experience.

Another particularly interesting challenge was implementing React into the project to enable smooth rendering of page elements and further improve the user experience. This task was both technically demanding and rewarding, as it required integrating modern technologies into an existing live system—a non-trivial and highly valuable experience.

2025 04 11 11 57 1
- Do you have specific plans for the next few months?
I plan to continue growing and developing in the field of cybersecurity together with the CleanTalk team. To gain more and more experience in this area. To try to improve the CleanTalk project, giving our users more and more confidence and positive experience in working with our products.
- Good start, Evgenii! Personally, I and the CleanTalk staff are happy to work with you as a team!
June 2, 2025
Spam protection is available for HubSpot and Leaky Paywall
I’m glad to announce our experienced developers added spam protection to Anti-Spam by CleanTalk for Leaky Paywall and HubSpot users!

The protection works in this way,
- Protection for HubSpot is designed for embedded forms. No additional configuration required in the settings of Anti-Spam by CleanTalk.
- Protection for Leaky Paywall covers all submissions made through WordPress plugin Leaky Paywall. Anti-Spam by CleanTalk for WordPress must be installed as well.
To active protection for both services, simply install Anti-Spam by CleanTalk for WordPress,
https://cleantalk.org/help/install-wordpress

Make sure you are using at least 6.50 version of our plugin.

Have any questions? Drop a message in the comment form down below!

Have fun in promoting your business online!
April 14, 2025
CleanTalk Anti-Spam is now available for Fluent Forms users
I’d love to announce that CleanTalk Anti-Spam technology is now available to Fluent Forms users as a built-in Anti-Spam solution.

You can find it under Settings,
```
WordPress console -> Fluent Forms -> Global settings -> Security -> CleanTalk
```
CleanTalk with Fluent forms supports almost same stack of technologies like native Anti-Spam plugin by CleanTalk,
- Automated filtration bots.
- Filter spammers by IP, Email, IP networks.
- Real-time email verification for existence, fake or real email.
- Anti-Spam logs up to 45 days.
- Tech support, 27/7.
- Customize message to forbidden visitors.
- Delegate control of your websites to other accounts at CleanTalk.org.
We’ve been testing this integration since January 6, 2025, it’s firm and stable by now. Anyway, if you have any questions or issues, just drop a message in the comment section down below.

In order to activate the protection, add a new website to the Dashboard or sign up for an account.
April 11, 2025
WordCamp US 2024
Let share a few notes from WCUS2024,
1. Disney moved a few dozens of websites to WordPress. They use SEO to measure value of content/posts, looks like the trust algorithms of search engines to confirm valuables of sites. Here are examples,
  - https://disneyconnect.com/
  - https://disneyparksblog.com/
2. There was a such interesting case of rebuilding https://www.recipetineats.com by https://humanmade.com. They’ve boosted site views from 25M/month to 45M/month. Key moments,
  - Hosting, backend and frontend improvements returned up to 20% of boost.
  - Added schemas for recipes.
  - Used X-Ray to track PHP code. I hope this is link is correct https://github.com/aws-observability/aws-otel-php link to home page of the project.
  - Moved the site to enterprise ready plugins. Under ‘enterprise ready’ they mean superfast, secure and maintainable plugins.
  - They used old platform and design during the rebuilding. They had good data to compare results before and after the project was done.
3. Elementor uses Patchstack to validate reports about vulnerabilities. Elementor has its own ecosystem for working with other plugins; according to them, every 30th plugin created on wordpress.org operates within this ecosystem.
4. Gravatar they are working on creating a “network” profile, not just an avatar. In the future, they see themselves as a Single Sign-On provider. It’s interesting why websites do not widely use Facebook/X for the same purpose—I’m referring to the idea of a network profile. An example of a network profile is https://gravatar.com/ronnie.
  - They updated the plugin for the first time in 12 years: https://wordpress.org/plugins/gravatar-enhanced/#description.
  - I would like something similar on our blog and research.
5. I spoke with 6-7 participants, and 3 of them use CleanTalk. Some were even surprised—why aren’t we showcasing our work? 🙂
Bonus

I’ve found a few scenery locations in Portland, OR, here are photos of them as well as me and some of our customers. Thank you guys for a great camp!

Timothy and Zach from BigScoots.

Portland Japanese Garden.

PDX.

NorhtBridge burger in Bdridgetown BBQ. The best burger I ever had!

Jonahtan and co from Kiinsta.

Steel Bridge.
October 24, 2024

CleanTalk

Sign up / Sign in

Solutions

Anti-Spam for websitee

Filter fake emails

Hide contact data

Stop spam emails in Contact form 7 (CF7)

Stop spam in Elementor form builder

Stop spam in WPForms

Website malware scanner

WordPress Security & Firewall Plugin

Documentation

License agreement

Signs of Malware

Contact us

Create a support ticket