CleanTalk's blog

Category: CleanTalk

CleanTalk for WordPress Updates: New Features and Improvements in Anti-Spam and Security
We have released fresh updates for two of our plugins — CleanTalk Anti-Spam and CleanTalk Security for WordPress. In the new versions (v6.59 and v2.159 respectively), we have not only added useful features, but also fixed some issues to make your protection against spam and threats even more effective and stable.

What’s new in CleanTalk Anti-Spam v6.59 for WordPress

We have improved the plugin and made several important changes:
1. Fixed a bug with a honeypot on the WordPress search form
  Starting with WordPress 6.3.0, the search form can be rendered dynamically via JavaScript. This prevented the honeypot field used to detect bots from working correctly. In the update, we have adapted our code to this new logic — now everything works correctly.
2. Improved Anti-Crawler
  The Anti-Crawler (Bot Protection) function is designed to block suspicious bots that:
scan the site for vulnerabilities,

aggressively parse content or images,

load the server and cause a decrease in site speed.

Anti-Crawler helps protect site resources from bots. In the new version, we have fixed the issue due to which blocking could not work when using an alternative mechanism for storing data in the database (Store data in the website database).

More about the function: Anti-Crawler (Bot Protection) checks the visitor on the first visit, and if it is determined to be a suspicious bot, it receives a blocking screen on the second request. Trusted bots (Google, Bing, etc.) are automatically whitelisted.
1. Added a constant to exclude feeds from Anti-Crawler
  Now you can exclude WordPress feeds from bot checking. How to use https://cleantalk.org/help/anti-crawler-exclusion
  This is useful if you actively use RSS/Atom feeds on your site.
2. Mailchimp embed forms support
  We have adapted the replacement of Mailchimp embed form values, which made anti-spam protection compatible with these subscription forms.
3. New hook for anti-spam widget visibility
  Previously, only the administrator could see anti-spam statistics in the admin panel. Now, with the new hook, you can extend access to this data to other roles (for example, editors or SEO specialists).
4. Integration with QuickCal (Escapion theme)
  If you use the Escapion theme, which includes the QuickCal plugin, the QuickCal form is now automatically protected from spam by CleanTalk.
5. Improved integration with RegistrationMagic
  Previously, every time a value was entered in a RegistrationMagic form field, a request was made to the anti-spam service, which created an extra load. Now everything is optimized – the request is sent only when the form is fully submitted.
Dashboard ‹ CleanTalk s blog — WordPress 07 11 2025

What’s new in CleanTalk Security v2.159 for WordPress
1. New feature – File editor blocking
  When malicious code is detected, the WordPress file editor is automatically blocked. This helps prevent further infection and prevents attackers from changing other files through the built-in editor. You can manage the modes:
Security by CleanTalk Settings ‹ CleanTalk s blog — WordPress 07 11 2025 03 11 PM

Auto – the editor is blocked only when there is a threat;

On – the editor is always disabled;

Off – blocking is disabled.
1. SecurityLog – changing user role
  In the security log, you can now change the role of users directly from the interface. This is especially useful for administrators when investigating suspicious activity.
2. New signature for JS files
  The scanner has been improved for analyzing and detecting malicious code in JavaScript files. This increases the depth and accuracy of site analysis.
Security by CleanTalk Settings ‹ CleanTalk s blog — WordPress 07 11 2025

CleanTalk changes its role

How to update
The update is available in the WordPress.org repository. Just go to the admin panel → Plugins → Update CleanTalk Anti-Spam and Security to the latest versions.

You can track the changelog here
https://wordpress.org/plugins/cleantalk-spam-protect/#developers
https://wordpress.org/plugins/security-malware-firewall/#developers

If you have any ideas, wishes or want to share feedback – we are always in touch via support. Just write your opinion, questions or suggestions in the comments
July 11, 2025
CleanTalk Anti-Spam is now available for Everest Forms users
I’d love to announce that CleanTalk Anti-Spam technology is now available to Everest forms users as a built-in Anti-Spam solution.

You can find it under Settings,
```
WordPress console -> Everest Forms -> Settings -> Integrations -> CleanTalk
```
Screenshot 2025 07 11 at 12.53.52 PM

CleanTalk with Everest forms supports almost same stack of technologies like native Anti-Spam plugin by CleanTalk,
- Automated filtration bots.
- Filter spammers by IP, Email, IP networks.
- Real-time email verification for existence, fake or real email.
- Anti-Spam logs up to 45 days.
- Tech support, 27/7.
- Customize message to forbidden visitors.
- Delegate control of your websites to other accounts at CleanTalk.org.
We’ve been testing this integration since May 12th, 2025, it’s firm and stable by now. Anyway, if you have any questions or issues, just drop a message in the comment section down below.

In order to activate the protection, add a new website to the Dashboard or sign up for an account.

Have questions? Just drop a message in the comment form down below.
July 11, 2025
Spam Bot xr*******@*****ok.com

If you have noticed a recent surge in spam from xr*******@*****ok.com, you are dealing with one of the oldest spam threats. Active since May 4, 2018, this spambot continues to attack thousands of websites around the world, flooding forms such as comment sections, registration pages, and contact forms.

Spam messages from this bot typically contain aggressive advertising content, including offers of suspicious services, questionable products, and outright scams. The bot uses various languages and advertising phrases to attract attention and tries to mislead website visitors.

The main goal of these spam attacks is to push website visitors to external malicious or fraudulent links, compromise user security, or collect personal data for further spam campaigns.

xr*******@*****ok.com Spambot – Why it is dangerous

This spambot uses a vast network of IP addresses around the world, making IP-based blocking ineffective. It uses automation scripts designed to fill out various website forms, bypass major spam filters, and overload your site with unwanted content.

Current Stats:

First discovered: May 4, 2018

Last active: June 25, 2025

Total websites attacked: 12,789

Daily spam requests blocked by CleanTalk: ~1,100

Possible consequences of spam content on your site

Allowing spam content to appear on your site or responding to spam emails can cause you to face serious problems, including:

Reputation damage: Visitors who see spam or suspicious content may lose trust in your website and brand.

Security risks: Spam links often lead to malware, phishing sites, or scams, putting your visitors at risk.

SEO penalties: Search engines may penalize your site for hosting spam content, significantly reducing your site’s visibility.

Data Security Threats: Replying to spam emails can expose your email address to further targeted attacks or phishing attempts.

An effective way to stop spam xr*******@*****ok.com

CleanTalk Anti-Spam Integration

CleanTalk works in the background, automatically filtering spam content, fake registrations, and offensive submission forms without annoying CAPTCHAs or complicated settings.

CleanTalk supports:

WordPress, Joomla, Drupal, OpenCart, Magento and other popular CMS platforms

Custom website creation with CleanTalk’s robust API integration

👉 View CleanTalk installation guide

Beware of spam with CleanTalk

CleanTalk provides comprehensive spam protection with:

✅ Real-time spam filtering

✅ Protection against automated bot submissions

✅ No CAPTCHAs or annoying puzzles

✅ Real-time email address verification whether the email address exists or not

Protect your website effortlessly. Install CleanTalk in less than 5 minutes and protect your site from threats like xr*******@*****ok.com.

👉 Get Started Now

Stop worrying about spam – let CleanTalk protect your site.

July 1, 2025
Phone numbers encoded by WordPress plugin
We’ve extended protection against crawling personal data on public pages. Since version 6.55 plugin encodes phone numbers as well as emails on any public page in your WordPress.

Encoding works by two switches. Either you turn on global encoding for all content on the site,
```
WordPress console -> Settings -> Anti-Spam by CleanTalk -> Advanced Settings -> Encode contact data -> Encode phone numbers.
```
Here are full manual how to use this option https://cleantalk.org/help/email-encode

Or use short code below to encode a specific phone number in article,
```
[apbct_encode_data] +1 11*********44 [/apbct_encode_data]
```
Here are more details for the short code https://cleantalk.org/help/using-shortcodes-hooks-to-encode-contact-data

Here is an example of encoded phone number,

We are happy to assist you at +1***********30.

That’s all, phone number is encoded and protected against crawling by spam bots!

Finally, In the Anti-Spam log track interactions (encoding contact data by real visitors) with contact data on a website. There you find date, time and location of visitors who saw your phone number on a site https://cleantalk.org/my/show_requests

Screenshot 2025 06 20 at 12.49.53 PM

Have a question? Just drop the comment in the form down below. Cheers!
June 25, 2025
ya**********@***il.com is Sending Spam and Malicious Requests – How to Stop it
If your site is suddenly inundated with spam from the address ya**********@***il.com, you are not alone. This email is part of a large-scale spam botnet targeting thousands of sites worldwide. The spam it sends is disguised as legitimate customer messages, in different languages, messages like “I would like to know your price”:

Xin chào, tôi muốn biết giá của bạn.
Sveiki, aš norėjau sužinoti jūsų kainą.
Sveiki, es gribēju zināt savu cenu.
Hola, quería saber tu precio..
Ciao, volevo sapere il tuo prezzo.
Hola, volia saber el seu preu.

Perhaps they are expecting a response from you by email and to receive your email for some further actions with it.

At CleanTalk, we have detected and blocked this bot since October 10, 2024, and since then it has become one of the most active spammers. Every day, we block about 16,000 spam requests associated with this address on our clients’ websites.

This email address have been stuck on your blacklist for a while now:

ya**********@***il.com on **********@***il.com“>CleanTalk blocklist

yawiviseya gmail com Email spam report 06 26 2025 06 28 PM

What is the ya**********@***il.com spambot?

This spambot is part of an automated system (botnet) that sends spam using rotating IP addresses and scripts. It imitates real users to bypass basic site protections and fills forms with spam content.

Its purpose: to promote suspicious links, overload your site’s forms, and potentially inject malicious data — all using a disposable email address like ya**********@***il.com.

Current stats:
- Detected: October 10, 2024
- Last seen: June 23, 2025
- Websites attacked: 8,572
- Spam requests blocked daily: ~16,000
How to stop spam from ya**********@***il.com

The fastest way: use CleanTalk Anti-Spam.
CleanTalk works silently in the background to filter out spam comments, contact form abuse, fake registrations, and more. It blocks spam email addresses like ya**********@***il.com before they even reach your site.

CleanTalk is available for:

WordPress, Joomla, Drupal, OpenCart, Magento, etc.

Custom websites via API integration.

👉 CleanTalk Installation Guide

ya**********@***il.com is part of a widespread spam campaign. Using CleanTalk Anti-Spam and the Personal Blacklist feature, you can block him and similar bots before they harm your site.

🧩 Want full protection?

✅ Blocks fake registrations and spam submissions
✅ Filters bots and fake emails in real time
✅ No CAPTCHAs or puzzles – clean and fast

Stay ahead of spam – let CleanTalk handle the bots so you can focus on your content. Protect your site in under 5 minutes.
👉 Start now
June 23, 2025
WP CLI support in Security by CleanTalk (WordPress plugin)
We’ve added to Security by CleanTalk support of WP CLI commands. The list of commands,
- Service setup, including interactions with cloud to get an API key and synchronization.
- Various settings of the plugin.
- Settings for templates.
- Malware scanner commands.
Full guide with examples is here https://cleantalk.org/help/security-wp-cli

It works on plugins starting version 2.156 which has been released on May 19, 2025.

Have questions? Please drop us a message in the comment form down below.
June 23, 2025
Anti-spam protection for WS Form Lite has been released!
We have protected one more contact form for WordPress, this is WP Forms lite,

WS Form LITE – Drag & Drop Contact Form Builder for WordPress

Anti-Spam by CleanTalk (plugin) protects all kinds of submissions posted through this form against spambots and spam posted by real visitors (with some rate of false/negatives).

Anyway, to set up the protection follow steps,
- Download and install WS Form Lite https://wordpress.org/plugins/ws-form/
- Download and install Anti-Spam by CleanTalk https://cleantalk.org/help/install-wordpress
- Go to WordPress console -> Settings -> Anti-Spam by CleanTalk.
- Click ‘GET ACCESS KEY’ button.
- Wait until the plugin synced data with the cloud.
- Copy a form short code of from WordPress console -> WS Form -> Forms.
  - For example: [ws_form id=”1″]
Screenshot 2025 06 16 at 12.46.47 PM
- Post the short code in any post/page on your site.
Screenshot 2025 06 16 at 12.47.05 PM
- Go to the page as a regular website visitor (you must be logged out from WordPress console, for example use Anonymous mode in your browser).
- Test the form with whatever First, Last name and use email st********@****le.com. This is email marked to test “spam” submission.
- If everything is fine, you have a message,
*** Forbidden. Sender blacklisted. Anti-Spam by CleanTalk. ***

Screenshot 2025 06 16 at 12.30.54 PM
- If not, just ask us here https://cleantalk.org/my/support/open
That’s all. Enjoy spam free website!
June 16, 2025
Stop Spam in Ultimate Member
Stop Spam in Ultimate Member and Protect Your WordPress Community

If you’re using Ultimate Member, having strong spam protection is essential to keeping your WordPress membership site or online community secure. Managing user registrations is a key part of your daily workflow — and without proper Ultimate Member spam protection, your site can quickly become a target for fake sign-ups and spam accounts.

These fake registrations don’t just waste your time — they slow down your site, overload your database, and damage your brand’s reputation. If you’re looking to block spam registrations in WordPress, or searching for the best way to Stop-Spam-in-Ultimate Member, the CleanTalk anti-spam plugin is a smart, reliable solution.

Without solid protection, your WordPress community stays vulnerable to bots and fake users. Whether you’re running a private network, a public forum, or a membership directory, you need strong WordPress membership plugin security. CleanTalk handles the spam for you, giving you more time to focus on building a safe, engaged community.

Stop Spam in Ultimate Member: Why You Can’t Rely on Basic Spam Protection Anymore

While Ultimate Member offers features like email verification and manual approval, they aren’t enough to prevent spam registrations in WordPress — especially as bots become more advanced. If you’re looking for a reliable way to Stop-Spam-in-Ultimate Member, you’ll need more than just the built-in tools.

Modern spambots can:
- Rotate IP addresses to avoid detection
- Use disposable emails to bypass verification
- Overload your site with fake registrations in seconds
Even if you rely on basic protections, these tactics can still slip through, resulting in wasted time and unnecessary site clutter.

If you’re tired of dealing with fake registrations, it’s time to upgrade your protection. CleanTalk provides a seamless solution that works quietly in the background, allowing you to focus on what really matters — growing and managing your WordPress community.matters.

What You Really Need to Protect Your WordPress Community

To truly secure your site and keep it fast and user-friendly, you need a solution that:
- Blocks spam registrations automatically
- Maintains high site performance
- Seamlessly protects your Ultimate Member registration and login forms
- Works without disrupting legitimate users
This is where CleanTalk stands out as a smart and scalable solution. It’s designed to protect your community while allowing real users to sign up with ease.

With CleanTalk, your site remains spam-free without interrupting the experience for genuine visitors. Start using CleanTalk today and make your community management hassle-free!

How to Set Up CleanTalk with Ultimate Member

Setting up CleanTalk is quick and easy:
1. Install the CleanTalk Anti-Spam plugin from your WordPress dashboard.
2. Register at cleantalk.org and get your personal API key.
3. Go to Settings → Anti-Spam by CleanTalk in WordPress, and paste your API key.
4. In the Settings of CleanTalk, enable the following options :
Once you’ve completed the setup, CleanTalk will automatically begin blocking fake users — no extra effort needed.

Want a spam-free site with minimal effort? Get started with CleanTalk now!

What to Expect After Enabling CleanTalk

After activating CleanTalk, you’ll notice several key improvements:
- Spam registrations are blocked before they can take root, meaning your database stays cleaner and more organized
- Your website will perform better, since spam accounts no longer clutter your system
- You’ll spend less time on moderation and more time engaging with your real users
- The user experience remains smooth, with no extra steps required for genuine visitors
These benefits are all designed to help you run a cleaner, faster site without worrying about spam.

Test: Submit a Fake Spam Registration

Visit your site’s registration page . Fill out the form using the following test credentials: name — Test, email — st********@*****le.com, and password — Test1234. Submit the form. If everything is working correctly, you should receive an error message such as “Spam detected” or “Forbidden,” and the user should not be registered.

If you don’t see any message or the registration still goes through, it might indicate that CleanTalk is not properly integrated. Please contact our support team for help: su*****@*******lk.org

Check CleanTalk Logs:
1. Go to your CleanTalk Spam Logs
2. Filter by:
  - Type: Registration
  - Email: st********@*****le.com
3. You should see your test attempt marked as Blocked
Example result:

Conclusion: Ultimate Member + CleanTalk = Clean, Fast, and Secure Community

Ultimate Member is a fantastic tool for building your community, but without proper protection from bots and spam, you’re leaving your site vulnerable.

By using CleanTalk, you can block fake registrations before they even reach your system, keeping your site fast, secure, and user-friendly.

With CleanTalk running in the background, you can focus on what matters most: building your community and providing a seamless user experience for your legitimate visitors. Protect your WordPress membership site today and ensure it stays clean and secure.

Get started with CleanTalk now and enjoy a spam-free site with improved performance and security!

For more details about Ultimate Member, feel free to check out the link.
May 13, 2025
No more missing GitHub Issues: How to automate task creation when GitHub Issues appear in your GitHub repositories
How does it work?

As soon as someone creates an issue in your GitHub repository, the integration automatically creates a task in the specified project and board in doBoard.

The task is created on behalf of the user specified in the settings, so the whole team immediately understands who is responsible for processing it.

Optionally, you can set up notifications in the Telegram chat so that the team immediately learns about all changes in issues.

A real example from our team

Previously, we received all notifications about new issues by email, and this was not the most effective solution. Dozens of different emails come every day, and some important tasks could get lost. Sometimes it took several weeks to respond, and this raised legitimate questions from users and slowed down our work.

Deprecated Optional parameter data declared before required parameter url · Issue 65 · CleanTalk phpbb3 1 3 2 antispam 04 28 2025 04 29 PM

In search of a solution, we considered several options and the most effective solution would be to create tasks in our doBoard project management system. We have developed an integration between GitHub and doBoard using API. Now every new issue immediately becomes a task in doBoard, where it is easy to see, discuss and assign a responsible person. As a result, our team’s response time has been reduced to 1-2 days, which is usually needed to evaluate proposals or discuss details.

GitHub issue Deprecated Optional parameter data declared before required parameter url created automatically 04 28 2025 04 36 PM

Why do we recommend this integration?
1. No more missed issues: everything appears automatically in doBoard.
2. It is immediately clear who is doing what: no mess.
3. No more wasting time sorting mail: tasks appear on their own.
You can now also automate your work with GitHub Issues using our integration, you won’t need much time to connect your repositories, the package itself and instructions can be found here https://github.com/CleanTalk/github-to-doboard?tab=readme-ov-file.
April 28, 2025
WooCommerce – Get Better Feedback from Customers
Make your WooCommerce store even better with the Customer Reviews for WooCommerce plugin. Reviews are a huge part of online shopping — up to 97% of customers read reviews before buying. This plugin makes it easy to get feedback, build trust, and encourage repeat purchases.

Main Features:
- Automated Review Requests: After a purchase, customers get an email or WhatsApp message with a review form. If they don’t leave a review, they’ll promptly receive a friendly reminder.
- Spam Protection: The plugin filters out spam and makes sure the reviews are real.
- SEO-Friendly: In case they forget to leave a review, we’ll kindly follow up with a reminder.
- Google Shopping Integration: First of all, it integrates seamlessly with Google Shopping, which significantly enhances the visibility and quality of your product listings.
- Discounts for Reviews: Moreover, you can easily offer discounts via email or WhatsApp as an incentive for customers to leave reviews, helping you build trust and boost engagement.
- Q&A Section: In addition, a built-in Q&A section appears right on your product pages, allowing you to proactively address customer questions and reduce hesitation during the buying process.
- Multilingual Support: To begin with, the plugin offers full multilingual support — it works in over 30 languages and is fully compatible with WPML, Polylang, and TranslatePress.
- Review Verification: Furthermore, the CusRev platform actively verifies each review to ensure authenticity and build customer trust.
- Easy Import/Export: Lastly, managing your reviews is a breeze — you can effortlessly import and export them whenever needed, saving time and keeping your data organized.
Why Use Customer Reviews for WooCommerce?

Customer reviews can help increase sales and give you feedback to improve your products or services. Start using it today and build trust with your customers!

How to Install:
1. Search for “Customer Reviews for WooCommerce” and click.
1. Сlick “Install and Activate” to get started.
Дизайн без названия (9)

After activation:

Go to WooCommerce → Settings → Customer Reviews.

Enable review collection, set up automatic email reminders, and add visual elements like star ratings to enhance the customer experience.

Testing the Review Process

Make a test purchase in your store.

Check whether the review request email is sent (if you’ve enabled that feature).

Submit a review as a customer and verify how it appears on the product page — this helps ensure everything looks and works as expected.

Security and Spam Protection

Enable the anti-spam filter — you can integrate it with CleanTalk for added protection.

Make sure it’s not possible to leave a review without making a purchase. If that option is disabled, you’re in great shape.
April 16, 2025

CleanTalk

Sign up / Sign in

Solutions

Anti-Spam for websitee

Filter fake emails

Hide contact data

Stop spam emails in Contact form 7 (CF7)

Stop spam in Elementor form builder

Stop spam in WPForms

Website malware scanner

WordPress Security & Firewall Plugin

Documentation

License agreement

Signs of Malware

Contact us

Create a support ticket