Delegate control of your websites to other accounts at CleanTalk.org.
We’ve been testing this integration since January 6, 2025, it’s firm and stable by now. Anyway, if you have any questions or issues, just drop a message in the comment section down below.
Lately, we sometimes get questions like “The code samples on GitHub are written in C#, they don’t seem to convert to VB. Do you have any code sample for visual basic ?”
The good news is that now we have! The project below demonstrates how to use the Cleantalk API with VBScript to validate registrations. Feel free to ask any questions – we’re here to help.
This script will automatically detect the form submission event and send the data to the Cleantalk API.
Please note, that the script does not perform any checks, just sends the user’s frontend data (like JavaScirpt state, mouse position etc.) to the API.
Example
VB
<!DOCTYPE html><html lang="en"><head><meta charset="UTF-8"><title>Register</title><!--Bot-detector JS library wrapper. This script must be added to the HTML of the page.--><script src="https://moderate.cleantalk.org/ct-bot-detector-wrapper.js"></script></head><body><form method="post" action="your_form_handler_script"><label for="user_name">User name</label><label for="user_email">User email</label><input type="text" name="user_name" id="search_field" /><br /><input type="text" name="user_email" id="search_field" /><br /><input type="submit" /></form></body></html>
When you got added the script, the form will be updated with hidden event_token field after the script loaded. This field value you should transfer to VB Script
Once the token is provided in the API request, the VB Script will make the API takes in count the frontend data.
Make note, that data provided on event_token have the higher priority than the data set by optional VB Script setters.
CleanTalk added spam protection for Brave Forms using direct form integration. So in case, you prefer using this type of forms be sure to use the most effective Anti-Spam plugin. Read the guide below and learn 4 steps to protect all your contact forms from spam.
Once the CleanTalk Anti-Spam plugin is installed it starts to protect all of the existing forms on your WordPress website. It may not only be Brave Forms but also many others.
To install the Anti-Spam plugin, go to your WordPress admin panel → Plugins → Add New.
Then enter «CleanTalk» in the search box and click the Install button for «Spam protection, Anti-Spam, FireWall by CleanTalk».
After installing the plugin, click the «Activate» button.
After it is done go to the plugin settings and click the «Get Access Key Automatically» button. Then just click the «Save Settings» button.
That’s it! From now you How to completely protect your Contact Forms from spam.
How to check Brave Forms Spam Protection
You can test the work of Anti-Spam protection for your Contact Forms by using a test email s @ cleantalk.org (without spaces). First, open the form in an Incognito browser tab. Fill in all the required form fields and send a form. After submitting the form, you will see a block message about the block on the form submission.
brave
If you have any questions, add a comment and we will be happy to help you.
Create your CleanTalk account – Register now and protect your Contact Forms from spam in 5 minutes
Update
The protection works only for website visitors, not for website admins. Be sure to test the form protection using Incognito mode.
Additional features
CleanTalk protects all forms at once: comments, registrations, feedbacks, contacts, reviews.
Installation takes about 1-2 minutes.
Smart 99% protection against spambots.
Always online – 24/7 technical support.
Logs, SpamFireWall, personal lists, country filters, stop-words, and many others.
Discover the complete list of CleanTalk Anti-Spam plugin features here.
We’re excited to introduce a new feature in CleanTalk’s Anti-Spam plugin: custom phrase settings for the Contacts Encoder.
Starting with version 6.52, you can now easily customize the default messages shown during the contact data encoding and decoding process — making the user experience better aligned with your website’s tone and style.
You can edit the following three phrases:
“The magic is on the way, please wait for a few seconds!” Shown while decoding is in progress
“The original one is” Shown right before revealing the contact information
“Decoding the contact data, let us a few seconds to finish.” Displayed while processing contact decryption
These options are available in the plugin’s Contacts Encoder settings, under the Data Processing tab.
Make your contact protection both invisible to bots and friendly to users — now in your own words.
How It Works
You can customize the Contacts Encoder messages by adding a few simple code snippets to your site’s functions.php file. For step-by-step instructions, check the guide [here].
This update helps you create a more personalized and user-friendly experience — while still protecting your contact data from bots and crawlers.
Review forms are among the most vulnerable parts of any website. That’s exactly why, in order to protect them effectively, using a WordPress plugin to stop spam in reviews is not just helpful — it’s essential. If you’re using the Site Reviews plugin for WordPress, you’ve likely seen fake reviews, spammy links, or even automated bots flooding your site.
You just spent 30 minutes deleting 17 fake reviews. And yet, tomorrow, there will likely be 25 more. As a result, it becomes a familiar — and frustrating — cycle that wastes time and drains energy.
Why You Need Spam Protection for Site Reviews in WordPress
Manual moderation quickly becomes unmanageable. Likewise, simply hiding forms doesn’t solve the problem. In both cases, the real issue remains untouched — automated spam submissions from bots and crawlers that specifically target testimonial and review forms.
If you’re searching for a way to stop fake reviews in WordPress, a dedicated anti-spam plugin is the most reliable option.
How CleanTalk Works to Stop Review Spam in WordPress
CleanTalk Anti-Spam provides direct integration with the Site Reviews plugin. It filters every form submission before it’s published, blocking anything suspicious automatically — without affecting real users.
Here’s how CleanTalk helps:
One plugin for all WordPress forms In addition to reviews, CleanTalk also protects comments, contact forms, login forms, and registration pages — offering full-site anti-spam coverage.
Seamless integration with Site Reviews plugin Better yet, CleanTalk automatically detects review forms and works right out of the box — no configuration required.
Stops spam before it hits the WordPress dashboard In fact, you won’t even see the spam. CleanTalk blocks suspicious submissions in real time, keeping your admin panel clean and distraction-free.
Cloud-based filtering with zero impact on site speed Unlike many plugins, CleanTalk does all the processing in the cloud. Your WordPress site stays lightning fast.
Invisible anti-spam protection for users As a result, users won’t encounter any interruptions or confusing fields. Instead, the form remains fast, simple, and easy to complete.
Compatible with any review form setup Whether you use shortcodes, modal popups, or custom implementations, CleanTalk has you covered.
Detailed spam logs and activity reports Easily review what was blocked and why — great for troubleshooting or analytics.
Real Results: Preventing Fake WordPress Reviews
For example, on a WordPress site with over 300 monthly reviews, CleanTalk blocked 87 fake submissions in just one week — all without a single false positive.
Behind the scenes, the plugin filtered spammy review attempts using IP blacklists, content analysis, and behavioral patterns. Meanwhile, real users experienced no interruptions whatsoever.
How to Get Started with CleanTalk Anti-Spam Plugin
Go to your WordPress admin → Plugins → Add New.
site reviews spam for wordpress 1 1
Search for “Spam protection, Anti-Spam, FireWall by CleanTalk.”
site reviews spam for wordpress 2 1
Click Install, then Activate.
site reviews spam for wordpress 3
In plugin settings, click Get Access Key Automatically, then Save Settings.
site reviews spam for wordpress 4
Your Site Reviews plugin is now protected.
Already using WPForms, Contact Form 7, or WooCommerce review forms? CleanTalk works with them too.
Stop Review Spam in WordPress and Protect Your Testimonial Forms Effortlessly
If you’re a small business owner, developer, or store admin, spam reviews can damage credibility and waste time. CleanTalk offers the easiest way to:
Prevent fake reviews from bots and link spammers
Stop spam in WordPress review forms without CAPTCHAs
Improve customer trust by keeping your reviews section clean
Save hours on manual moderation
Don’t wait for your reviews section to be overrun. One plugin. Five minutes. Zero spam
Looking for more ways to reduce fake reviews and spam in WordPress? The WordPress Plugin Directory features hundreds of tools — but very few offer real-time protection like CleanTalk. Choosing a proven solution helps keep your testimonials section clean and trusted.
CleanTalk added spam protection for Paid Membership Subscriptions forms using direct form integration. So in case, you prefer using this type of contact forms be sure to use the most effective Anti-Spam plugin. Read the guide below and learn 4 steps to protect all your contact forms from spam.
Once the CleanTalk Anti-Spam plugin is installed it starts to protect all of the existing forms on your WordPress website. It may not only be Paid Membership Subscriptions Forms but also many others.
To install the Anti-Spam plugin, go to your WordPress admin panel → Plugins → Add New.
Then enter «CleanTalk» in the search box and click the Install button for «Spam protection, Anti-Spam, FireWall by CleanTalk».
After installing the plugin, click the «Activate» button.
After it is done go to the plugin settings and click the «Get Access Key Automatically» button. Then just click the «Save Settings» button.
That’s it! From now you How to completely protect your Contact Forms from spam.
How to check Paid Membership Subscriptions Forms Spam Protection
You can test the work of Anti-Spam protection for your Contact Forms by using a test email s @ cleantalk.org (without spaces). First, open the form in an Incognito browser tab. Fill in all the required form fields and send a form. After submitting the form, you will see a block message about the block on the form submission.
screen
If you have any questions, add a comment and we will be happy to help you.
Create your CleanTalk account – Register now and protect your Contact Forms from spam in 5 minutes
Update
The protection works only for website visitors, not for website admins. Be sure to test the form protection using Incognito mode.
Additional features
CleanTalk protects all forms at once: comments, registrations, feedbacks, contacts, reviews.
Installation takes about 1-2 minutes.
Smart 99% protection against spambots.
Always online – 24/7 technical support.
Logs, SpamFireWall, personal lists, country filters, stop-words, and many others.
Discover the complete list of CleanTalk Anti-Spam plugin features here.
We’ve decided to investigate the problem and share our findings with you.
How ReCaptcha v3 works
What is a score
Why you might get a score other than 0.9 in ReCaptcha v2
Why you always get a score of 0.9 in ReCaptcha v3
Our testing process
How to get an accurate score in a test environment
CleanTalk’s solutions
Research Objective
Users complain that when testing ReCaptcha v3, they always receive the same score of 0.9. However, in the same environments with ReCaptcha v2, the score varies.
What is a Score?
The score is the result of the ReCaptcha check. The closer it is to 1, the more likely the visitor is human. The closer it is to 0, the more likely the visitor is a bot.
How ReCaptcha v3 Works
Note: The following findings are based on publicly available code and our interpretation.
A user integrates the ReCaptcha script on a form page.
A unique frontend token is added to each form.
The script loads additional obfuscated code.
The obfuscated code collects frontend data (a “black box” not accessible due to Google’s code obfuscation).
Aggregated and encoded data + frontend token is sent to Google’s cloud to get a result token.
The result token is sent to the backend of the testing environment.
The backend validates the token via Google’s API, sending the backend token, result token, and the visitor’s IPaddress.
Based on the score result, the backend environment can decide whether to allow the visitor to proceed.
The backend environment decides whether to allow the visitor to proceed based on the score.
We believe ReCaptcha v3 relies on machine learning based on the traffic environment. The exact decision-making algorithms are proprietary and remain a trade secret of Google.
Why You Get Score <> 0.9 in ReCaptcha v2
ReCaptcha v2 does not use machine learning for decision-making. It operates in one of two modes:
in the user interaction mode (presence of click-the-flag mechanism on the page).
ReCaptcha v3 relies on machine learning based on traffic data. A consistent score of 0.9 indicates the system lacks sufficient data about your typical traffic to make an accurate decision. To avoid false positives, the system grants a 0.9 score to all visitors until trained.
Our Testing Process
Test Environment
A PHP website running WordPress 6.2.
ReCaptcha v3 integrated according to instructions.
Bot
A simple bot created in Python using Selenium.
The bot was run from three IP addresses, emulating the following parameters
headless
user agents
headers
clicks
form submissions
Process
The bot ran for 24 hours, performing sequential visits and form submissions with random parameters.
No live traffic was sent to the site.
Results
All bot requests returned a score of 0.9.
The score did not change over time.
No statistics appeared in Google Analytics. We hypothesize that traffic presence, volume, and quality in Google Analytics may act as a training marker for the ReCaptcha system.
How to Get an Accurate Score in a Test Environment
The recaptcha v3 model assumes long-lasting training on live traffic.
This means that the test environment must be loaded in the same way as the production environment. Which will undoubtedly cause some difficulties in deploying such an environment and getting the payload.
We believe that to get the right score a user will have to turn to testing in a productive environment.
However, the policy of most companies we know of (including CleanTalk of course) restricts any testing in a production environment.
Unfortunately, we couldn’t find specific terms for the duration of training in Google’s official documentation. We believe that the duration of training depends on the following parameters:
Traffic load
Ratio of bots to real users
Percentage of “intelligent” bots among total bot traffic
Without live traffic, no settings or configurations will yield an accurate score in a test environment.
CleanTalk’s Solutions
CleanTalk Check Bot
Decisions are made online without machine learning.
Simpler integration—no need to manually add tokens to forms.
CleanTalk provides a cloud-based anti-spam service for websites, blocking spam in real time without CAPTCHAs. It integrates with CMS platforms like WordPress and Joomla, securing comments, registrations, and contact forms. Features include SpamFireWall to block spambots, email validation, and detailed logs, ensuring seamless protection and improved user experience.
Anti-Spam CleanTalk API
CleanTalk offers a suite of APIs that integrate anti-spam functionalities into various applications. The Anti-Spam API includes methods like
check_newuser() for registration checks;
check_message() for evaluating comments and contact form submissions;
send_feedback() for moderator inputs.
The Database (Blacklists) API provides
spam_check() to verify IP and email records against CleanTalk’s database;
backlinks_check() to detect domains associated with spam;
the ip_info() method returns country codes for IP addresses.
For managing personal lists and uptime monitoring, the Dashboard API offers dedicated methods. These APIs enable developers to enhance their applications’ security and spam prevention capabilities effectively.
The latest update to Malware Auto-Cure System in the CleanTalk Security Plugin introduces significant improvements in threat detection and remediation, ensuring a more effective and reliable security solution.
Fixed the treatment process when a file may contain multiple threats.
Fixed the treatment process when a file can only be partially cured.
Added detailed logging of automatic treatment results.
Added responses to the initiation of manual treatment.
Fixed an issue where a file could never be treated due to missing instructions. Now, if an instruction becomes available after a failed treatment attempt, the treatment will succeed.
The update strengthens our commitment to proactive cybersecurity, reducing infection persistence and ensuring a higher success rate in malware remediation.
CleanTalk added spam protection for FiboSearch Search Forms for WooCommerce in the CleanTalk Anti-Spam plugin using direct form integration. So in case, you prefer using search forms be sure to use the most effective Anti-Spam plugin. Read the guide below and learn 4 steps to protect all your contact forms from spam.
Once the CleanTalk Anti-Spam plugin is installed it starts to protect all of the existing forms on your WordPress website. It may not only be FiboSearch but also many others.
