We’ve extended protection against crawling personal data on public pages. Since version 6.55 plugin encodes phone numbers as well as emails on any public page in your WordPress.
Encoding works by two switches. Either you turn on global encoding for all content on the site,
WordPress console -> Settings -> Anti-Spam by CleanTalk -> Advanced Settings -> Encode contact data -> Encode phone numbers.
That’s all, phone number is encoded and protected against crawling by spam bots!
Finally, In the Anti-Spam log track interactions (encoding contact data by real visitors) with contact data on a website. There you find date, time and location of visitors who saw your phone number on a site https://cleantalk.org/my/show_requests
Screenshot 2025 06 20 at 12.49.53 PM
Have a question? Just drop the comment in the form down below. Cheers!
Anti-Spam by CleanTalk (plugin) protects all kinds of submissions posted through this form against spambots and spam posted by real visitors (with some rate of false/negatives).
Please welcome Evgenii, our new team member! Evgenii is an experienced software developer in web applications field and ready to rock nuts for cleantalk.org.
Here are a few words Evgenii could say about himself and the very first days in the company,
Can you tell briefly about yourself? What are you interested in, what do you live by?
Over the past few years, I’ve been interested in gaining experience as a digital nomad and exploring different cultures. In my free time, I enjoy camping, spending time outdoors, watching movies, and listening to music. I’m also passionate about topics like cosmology, cybersecurity, cryptocurrencies, decentralized networks, and playing musical instruments.
My favorite movies include Fight Club, The Hitchhiker’s Guide to the Galaxy, and The Dark Knight. As for books, I especially enjoy The Chronicles of Amber by Roger Zelazny and the works of Carlos Castaneda.
Whenever I get the chance, I like to stay active—my favorite sports are swimming, skateboarding, and football.
What did you find interesting in CleanTalk?
One of my key interests is cybersecurity. Over time, it has evolved from a hobby into a vital necessity for me. As the modern world becomes increasingly intertwined with the digital realm, the boundaries between the real and virtual worlds continue to blur, creating a single, interconnected reality. As a result, cybersecurity is no longer optional—it has become an essential part of everyday life for every modern person.
Unfortunately, this critical issue often receives insufficient attention, both from individuals and even some private companies. That’s why I’m especially grateful for the opportunity to combine my passion with hands-on experience at CleanTalk. I’m excited to contribute to solving the pressing challenges of cybersecurity alongside the CleanTalk team, gain valuable experience in the field, and continue growing professionally in this direction.
What kind of tasks did you find more challenging in the very first days with us?
One of the first complex and engaging tasks I worked on at CleanTalk was measuring page loading speed. This task involved considering a variety of important factors to make well-informed decisions about optimizing performance and enhancing the user experience.
Another particularly interesting challenge was implementing React into the project to enable smooth rendering of page elements and further improve the user experience. This task was both technically demanding and rewarding, as it required integrating modern technologies into an existing live system—a non-trivial and highly valuable experience.
2025 04 11 11 57 1
Do you have specific plans for the next few months?
I plan to continue growing and developing in the field of cybersecurity together with the CleanTalk team. To gain more and more experience in this area. To try to improve the CleanTalk project, giving our users more and more confidence and positive experience in working with our products.
Good start, Evgenii! Personally, I and the CleanTalk staff are happy to work with you as a team!
Protection for Leaky Paywall covers all submissions made through WordPress plugin Leaky Paywall. Anti-Spam by CleanTalk for WordPress must be installed as well.
Delegate control of your websites to other accounts at CleanTalk.org.
We’ve been testing this integration since January 6, 2025, it’s firm and stable by now. Anyway, if you have any questions or issues, just drop a message in the comment section down below.
Disney moved a few dozens of websites to WordPress. They use SEO to measure value of content/posts, looks like the trust algorithms of search engines to confirm valuables of sites. Here are examples,
Moved the site to enterprise ready plugins. Under ‘enterprise ready’ they mean superfast, secure and maintainable plugins.
They used old platform and design during the rebuilding. They had good data to compare results before and after the project was done.
Elementor uses Patchstack to validate reports about vulnerabilities. Elementor has its own ecosystem for working with other plugins; according to them, every 30th plugin created on wordpress.org operates within this ecosystem.
Gravatar they are working on creating a “network” profile, not just an avatar. In the future, they see themselves as a Single Sign-On provider. It’s interesting why websites do not widely use Facebook/X for the same purpose—I’m referring to the idea of a network profile. An example of a network profile is https://gravatar.com/ronnie.
I would like something similar on our blog and research.
I spoke with 6-7 participants, and 3 of them use CleanTalk. Some were even surprised—why aren’t we showcasing our work? 🙂
Bonus
I’ve found a few scenery locations in Portland, OR, here are photos of them as well as me and some of our customers. Thank you guys for a great camp!
Timothy and Zach from BigScoots.Portland Japanese Garden.PDX.NorhtBridge burger in Bdridgetown BBQ. The best burger I ever had!Jonahtan and co from Kiinsta.Steel Bridge.
A few months ago I’ve got a great chance to visit Stripe Sessions 2024 at SF, CA. Here are my notes from this,
Stripe uses machine learning to protect merchants against fraud, as data they look through completed transactions. They identify two types of fraud – card testing and card caching. The false positive rate is 0.05%, meaning 5 false transaction per 1,000. Here is our solution against fraud for Stripe’s merchants https://blog.cleantalk.org/preventing-stripe-fraudulent-payments/
Stripe offers around one hundred payment methods (besides cards) and recommends enabling these methods either manually with country linkage or conducting payment in the buyer’s local currency. In this case, Stripe automatically shows to buyers their local payment methods. In my opinion, payments in local currency brings losses on conversion to USD, but in return a merchant improves payment conversion rates.
Stripe recommends using an embedded payment form on the seller’s website instead of redirecting the user to the Stripe site. This increases conversion by up to 11% due to fewer clicks for the buyer. We are going to implement such feature on our payment page as well, p.cleantalk.org. Here is a draft of the new design.
For clients from the US and Europe, it makes sense to offer credit/installment options at checkout. A representative from affirm.com (online credits/installments) mentioned that they work with payments starting at $50, and adding such a payment method can increase conversion by up to 60%, as well as increase the average check (typical buyer behavior when purchasing on credit).
Stripe measures the reliability of its infrastructure by the number of seconds of downtime. Currently, their downtime is 26 seconds per month, which they consider a key product feature.
There was an interesting session with the CEO of Nvidia, Jensen. He said, We are currently experiencing a new industrial revolution, comparable to the time when humans transformed the energy of fire into steam, and then steam into electrons. Now electrons are being transformed into tokens (GPU computational cycles), and the number of these tokens will change the economy and industry. He is driving the AI industry towards solving real human problems, namely building multi-stage processes and using external (to AI) ways of solving problems. For example, AI should independently write an email or call a third party to provide the correct solution to the user who requested it. We use own AI to design new chips. Nvidia employees would never have started doing what AI is currently doing in chip design.
There were also several sessions on product design (Figma, Linear) and pricing systems (Adobe, Stripe). I didn’t learn anything new here; we are doing what the experts recommend.
Stripe has launched Usage-Based Billing, which is similar to our Pay-as-you-go model (that we have launched in the end of 2023). Interestingly, it features a simple API for interacting with Stripe’s billing system, and it provides real-time tracking of consumed resources and costs. In CleanTalk we considered using Stripe before starting work on our universal page but decided against it because Stripe didn’t support cross-selling. Otherwise, it’s a good solution if you don’t have the desire or capability to develop your own system.
At the developer session, about 80% of the audience (approximately 1000 developers) use GitHub Copilot (https://github.com/features/copilot), which is GitHub’s AI language model that assists with coding. From what I quickly gathered, this tool:
Writes documentation.
Writes unit tests.
Provides clear descriptions for pull requests and commits.
And, of course, writes code.
The head of development at GitHub explained that the system is designed so that the developer must oversee the AI-written code to avoid issues similar to Tesla’s self-driving problems. Overall, we should try it out.
Stripe is very focused on code documentation. They have many in-house developments to keep their documentation up to date, which they consider a strong point and a reason why they are widely used (which I think is true, as their documentation was among the best during my time as a developer).
To enter the corporate market, besides complying with ISO standards, it would be good to implement Bring Your Own Key (BYOK). This feature allows users to encrypt their cloud data with their own key.
Stripe sees a reduction in payment processing costs by offering users the least expensive payment methods for the seller (Surcharge). However, it’s unclear whether Stripe plans to launch this feature for everyone or if they are suggesting users consider this option themselves.
In the summer of 2024, Stripe is launching cryptocurrency payment acceptance. They had previously tried accepting such payments but abandoned it in 2018 because the process took up to 30 minutes (due to insufficient computing power on buyers’ devices). Now, thanks to the increased performance of client devices, they have reduced this process to 15 seconds.
We should look into Linear, as they have ideas regarding project management and tracking. As well as Mindbody, which provides software (SaaS) around fitness, including financial services for their clients.
Bonus
In San Francisco, self-driving taxis are already fairly common. White cars with sensors are seen in the photos. Subjectively, 2 out of 10 cars are on autopilot. It’s a bit eerie to imagine that such a car will come to pick you up and take you somewhere, it immediately reminds me of Skynet.
Patrick and JensenFidji Simo, Patrick and JohnJohn and LawrenceDesign talksPayments featuresMe, morning of the first dayDriver less taxi
WordPress powers a significant portion of the internet, making it an attractive target for cyberattacks. Ensuring the security of your WordPress website is paramount. One essential aspect of WordPress security is regularly checking your wp-content directory for vulnerabilities. In this article, we’ll guide you through the process of safeguarding your wp-content folder using the powerful Security by CleanTalk plugin.
Why Checking wp-content for Malware is Crucial?
Your website’s wp-content directory is a critical part of your WordPress installation. It contains themes, plugins, and uploaded media files, making it an attractive target for hackers. Malicious actors often seek vulnerabilities in this directory to compromise your website’s security.
Checking wp-content is vital because it allows you to:
Detect Unauthorized Access: Regular checks help you identify any unauthorized changes or suspicious files within your wp-content folder.
Prevent Malware Infections: Detecting malware early can prevent it from spreading throughout your site, damaging your reputation and potentially harming your visitors.
Maintain Website Performance: A compromised wp-content directory can slow down your site and disrupt its functionality. Regular checks help maintain optimal performance.
Protect Sensitive Data: Your wp-content directory may contain sensitive information. Ensuring its security safeguards your data and user information.
Introducing Security by CleanTalk
To streamline the process of checking your wp-content directory and enhancing your WordPress security, we recommend installing the “Security by CleanTalk” plugin. This comprehensive security plugin offers a wide range of features to protect your website, including:
Real-time Firewall: Defends your site against malicious traffic and hacking attempts in real-time.
Spam Protection: Blocks spam comments and registrations to keep your site’s content clean.
Malware Scanner: Regularly scans your website for malware, vulnerabilities, and unsafe permissions.
Login Page Security: Protects your login page from brute force attacks.
Two-Factor Authentication (2FA): Adds an extra layer of login security for administrators.
IP and Country Blocking: Allows you to block specific IP addresses or entire countries to prevent malicious access.
Security Audit Trails: Keeps a record of all security-related events on your site for monitoring and analysis.
How to Install Security by CleanTalk
Follow these simple steps to install and activate Security by CleanTalk on your WordPress website:
Login to Your WordPress Admin Dashboard: Navigate to your WordPress dashboard by entering your site’s URL followed by “/wp-admin” (e.g., “https://yourwebsite.com/wp-admin“).
Go to Plugins: In the left sidebar, click on “Plugins.”
Add New Plugin: Click the “Add New” button at the top of the Plugins page.
Search for “Security by CleanTalk”: In the search bar, type “Security by CleanTalk” and press Enter.
Install and Activate: When you see the plugin in the search results, click “Install Now,” and then click “Activate” once it’s installed.
Configure Settings: Visit the “Security by CleanTalk” settings page in your WordPress dashboard to configure the plugin’s settings to your liking. Be sure to set up the malware scanner to check your wp-content directory regularly.
Enjoy Enhanced Security: With Security by CleanTalk in place, your WordPress website is now fortified against threats, and your wp-content directory will be regularly monitored for vulnerabilities.
Security by CleanTalk at WordPress.The Malware scanner checked and found an issue with wp-content.The Malware scanner cured files at wp-content.
Conclusion
Regularly checking your wp-content directory is an essential part of maintaining a secure WordPress website. To simplify this process and ensure comprehensive protection for your site, we recommend installing the “Security by CleanTalk” plugin. With its wide range of security features, this plugin will help you safeguard your website, keeping it safe from threats and ensuring the integrity of your wp-content directory.
Don’t leave the security of your WordPress site to chance—take proactive steps today by installing Security by CleanTalk and regularly checking your wp-content folder for peace of mind and a secure online presence.
As a WordPress user let me share my experience of using CAPTCHA less and CAPTCHA style Anti-Spam tools on the example of Contact form 7.
Is reCAPTCHA good or bad for Contact form 7?
Contact Form 7 users may prefer Anti-spam by CleanTalk over reCAPTCHA for several reasons, as each solution has its own advantages and disadvantages. Here are some potential reasons why some users prefer Anti-spam by CleanTalk:
Simplicity: Anti-spam by CleanTalk offers a simpler and more user-friendly solution compared to reCAPTCHA. It doesn’t require users to solve puzzles or click checkboxes, which can be seen as an added step that may deter some visitors from submitting forms.
Reduced User Friction: reCAPTCHA can sometimes lead to a less than ideal user experience, especially for those who find it challenging to complete the visual or interactive challenges. Anti-spam by CleanTalk doesn’t require any user interaction, so it doesn’t add any friction to the form submission process.
Invisible to Users: Anti-spam by CleanTalk works invisibly in the background, so users are not aware of its presence. In contrast, reCAPTCHA typically requires users to complete a task to prove they are not a bot.
Accessibility: Some users have accessibility concerns with reCAPTCHA, as it relies on visual verification. Anti-spam by CleanTalk does not present accessibility challenges in the same way, making it a more inclusive solution.
Accuracy: Anti-spam by CleanTalk uses a combination of methods, including machine learning and a vast database of known spam sources, to identify and block spam submissions. This approach can be effective in detecting and preventing spam without relying on user interaction.
Reduced False Positives: reCAPTCHA, while effective at blocking bots, may occasionally generate false positives, blocking legitimate users. Anti-spam by CleanTalk aims to minimize false positives, ensuring that genuine inquiries are not inadvertently marked as spam.
Customization: Users have the ability to customize Anti-spam by CleanTalk settings to meet their specific needs and preferences, tailoring the spam protection to their site’s requirements.
Integration: Anti-spam by CleanTalk is designed to seamlessly integrate with Contact Form 7 and other popular form plugins, making it easy for users to implement spam protection without significant configuration.
Anti-Spam by CleanTalk
It’s important to note that the choice between Anti-spam by CleanTalk and reCAPTCHA may depend on the specific needs and preferences of individual website owners. Some users may prioritize ease of use and a seamless user experience, while others may prioritize the high level of bot detection offered by reCAPTCHA. Ultimately, the choice between these solutions should align with your website’s goals and the user experience you want to provide. Additionally, some users may opt to use both solutions in combination to enhance spam protection further.
How to install Anti-Spam by CleanTalk?
To install and configure the “Anti-Spam by CleanTalk” WordPress plugin for your website, follow these steps:
1. Log in to Your WordPress Dashboard:
Navigate to your WordPress admin dashboard by entering your site’s URL followed by “/wp-admin” (e.g., “https://yourwebsite.com/wp-admin“).
2. Access the Plugins Section:
In the WordPress dashboard, locate and click on the “Plugins” option in the left-hand menu.
3. Click “Add New”:
On the Plugins page, click the “Add New” button at the top of the screen. This will take you to the Add Plugins page.
4. Search for “Anti-Spam by CleanTalk”:
In the search bar on the Add Plugins page, type “Anti-Spam by CleanTalk” and press Enter. The search results will appear.
5. Install the Plugin:
Locate the “Anti-Spam by CleanTalk” plugin in the search results. Click the “Install Now” button next to the plugin’s name.
6. Activate the Plugin:
After installation, a new button will appear that says “Activate.” Click this button to activate the Anti-Spam by CleanTalk plugin.
7. Enter Your Access Key:
Once the plugin is activated, you’ll need to enter your access key to enable the anti-spam features. You can obtain the access key by signing up for CleanTalk on their website (https://cleantalk.org/) and subscribing to their service. After subscribing, you’ll receive an access key via email.
a. In the WordPress dashboard, go to “Settings” in the left-hand menu.
b. Click on “Anti-Spam by CleanTalk” from the submenu.
c. Enter your access key in the provided field.
d. Click the “Check Access Key” button to validate your access key.
8. Configure Settings:
Once your access key is validated, you can configure the plugin settings according to your preferences. The settings allow you to customize the anti-spam protection for your site, including options for comments, registrations, contact forms, and more.
9. Save Changes:
After configuring your settings, don’t forget to click the “Save Changes” button to apply your chosen anti-spam settings.
10. Verify That It’s Working:
To ensure that the plugin is effectively blocking spam, just use email st********@*****le.com in a contact form 7. You have to see a special response from Anti-Spam by CleanTalk that describes a reason for blocking.
*** Forbidden. Sender blacklisted. ***
Anti-Spam by CleanTalk shows the reason of blocking form submission.
11. Periodic Review:
Periodically review the plugin’s dashboard to check its performance and verify that it’s actively blocking spam submissions. CleanTalk provides statistics on the number of spam attempts blocked.
That’s it! You’ve successfully installed and configured the “Anti-Spam by CleanTalk” plugin on your WordPress website. This plugin will help protect your site from unwanted spam submissions and improve the overall security and user experience of your WordPress site.
