Category: CleanTalk

  • CleanTalk for WordPress Updates: New Features and Improvements in Anti-Spam and Security

    CleanTalk for WordPress Updates: New Features and Improvements in Anti-Spam and Security

    We have released fresh updates for two of our plugins — CleanTalk Anti-Spam and CleanTalk Security for WordPress. In the new versions (v6.59 and v2.159 respectively), we have not only added useful features, but also fixed some issues to make your protection against spam and threats even more effective and stable.

    What’s new in CleanTalk Anti-Spam v6.59 for WordPress


    We have improved the plugin and made several important changes:

    1. Fixed a bug with a honeypot on the WordPress search form
      Starting with WordPress 6.3.0, the search form can be rendered dynamically via JavaScript. This prevented the honeypot field used to detect bots from working correctly. In the update, we have adapted our code to this new logic — now everything works correctly.
    2. Improved Anti-Crawler
      The Anti-Crawler (Bot Protection) function is designed to block suspicious bots that:

    scan the site for vulnerabilities,

    aggressively parse content or images,

    load the server and cause a decrease in site speed.

    Anti-Crawler helps protect site resources from bots. In the new version, we have fixed the issue due to which blocking could not work when using an alternative mechanism for storing data in the database (Store data in the website database).

    More about the function: Anti-Crawler (Bot Protection) checks the visitor on the first visit, and if it is determined to be a suspicious bot, it receives a blocking screen on the second request. Trusted bots (Google, Bing, etc.) are automatically whitelisted.

    1. Added a constant to exclude feeds from Anti-Crawler
      Now you can exclude WordPress feeds from bot checking. How to use https://cleantalk.org/help/anti-crawler-exclusion
      This is useful if you actively use RSS/Atom feeds on your site.
    2. Mailchimp embed forms support
      We have adapted the replacement of Mailchimp embed form values, which made anti-spam protection compatible with these subscription forms.
    3. New hook for anti-spam widget visibility
      Previously, only the administrator could see anti-spam statistics in the admin panel. Now, with the new hook, you can extend access to this data to other roles (for example, editors or SEO specialists).
    4. Integration with QuickCal (Escapion theme)
      If you use the Escapion theme, which includes the QuickCal plugin, the QuickCal form is now automatically protected from spam by CleanTalk.
    5. Improved integration with RegistrationMagic
      Previously, every time a value was entered in a RegistrationMagic form field, a request was made to the anti-spam service, which created an extra load. Now everything is optimized – the request is sent only when the form is fully submitted.
    Dashboard ‹ CleanTalk s blog — WordPress 07 11 2025 03 04 PM
    Dashboard ‹ CleanTalk s blog — WordPress 07 11 2025

    What’s new in CleanTalk Security v2.159 for WordPress

    1. New feature – File editor blocking
      When malicious code is detected, the WordPress file editor is automatically blocked. This helps prevent further infection and prevents attackers from changing other files through the built-in editor. You can manage the modes:
    Security by CleanTalk Settings ‹ CleanTalk s blog — WordPress 07 11 2025 03 11 PM
    Security by CleanTalk Settings ‹ CleanTalk s blog — WordPress 07 11 2025 03 11 PM

    Auto – the editor is blocked only when there is a threat;

    On – the editor is always disabled;

    Off – blocking is disabled.

    1. SecurityLog – changing user role
      In the security log, you can now change the role of users directly from the interface. This is especially useful for administrators when investigating suspicious activity.
    2. New signature for JS files
      The scanner has been improved for analyzing and detecting malicious code in JavaScript files. This increases the depth and accuracy of site analysis.
    Security by CleanTalk Settings ‹ CleanTalk s blog — WordPress 07 11 2025 03 30 PM
    Security by CleanTalk Settings ‹ CleanTalk s blog — WordPress 07 11 2025
    Screenshot 2025 07 11 153046
    CleanTalk changes its role

    How to update
    The update is available in the WordPress.org repository. Just go to the admin panel → Plugins → Update CleanTalk Anti-Spam and Security to the latest versions.

    You can track the changelog here
    https://wordpress.org/plugins/cleantalk-spam-protect/#developers
    https://wordpress.org/plugins/security-malware-firewall/#developers

    If you have any ideas, wishes or want to share feedback – we are always in touch via support. Just write your opinion, questions or suggestions in the comments

  • CleanTalk Anti-Spam is now available for Everest Forms users

    CleanTalk Anti-Spam is now available for Everest Forms users

    I’d love to announce that CleanTalk Anti-Spam technology is now available to Everest forms users as a built-in Anti-Spam solution.

    You can find it under Settings,

    WordPress console -> Everest Forms -> Settings -> Integrations -> CleanTalk
    CleanTalk settings under Everest forms.
    Screenshot 2025 07 11 at 12.53.52 PM

    CleanTalk with Everest forms supports almost same stack of technologies like native Anti-Spam plugin by CleanTalk,

    • Automated filtration bots.
    • Filter spammers by IP, Email, IP networks.
    • Real-time email verification for existence, fake or real email.
    • Anti-Spam logs up to 45 days.
    • Tech support, 27/7.
    • Customize message to forbidden visitors.
    • Delegate control of your websites to other accounts at CleanTalk.org.

    We’ve been testing this integration since May 12th, 2025, it’s firm and stable by now. Anyway, if you have any questions or issues, just drop a message in the comment section down below.

    In order to activate the protection, add a new website to the Dashboard or sign up for an account.

    Have questions? Just drop a message in the comment form down below.

  • Spam Bot xr*******@*****ok.com

    If you have noticed a recent surge in spam from xr*******@*****ok.com, you are dealing with one of the oldest spam threats. Active since May 4, 2018, this spambot continues to attack thousands of websites around the world, flooding forms such as comment sections, registration pages, and contact forms.

    Spam messages from this bot typically contain aggressive advertising content, including offers of suspicious services, questionable products, and outright scams. The bot uses various languages ​​and advertising phrases to attract attention and tries to mislead website visitors.

    The main goal of these spam attacks is to push website visitors to external malicious or fraudulent links, compromise user security, or collect personal data for further spam campaigns.

    xr*******@*****ok.com Spambot – Why it is dangerous

    This spambot uses a vast network of IP addresses around the world, making IP-based blocking ineffective. It uses automation scripts designed to fill out various website forms, bypass major spam filters, and overload your site with unwanted content.

    Current Stats:

    First discovered: May 4, 2018

    Last active: June 25, 2025

    Total websites attacked: 12,789

    Daily spam requests blocked by CleanTalk: ~1,100

    Possible consequences of spam content on your site

    Allowing spam content to appear on your site or responding to spam emails can cause you to face serious problems, including:

    Reputation damage: Visitors who see spam or suspicious content may lose trust in your website and brand.

    Security risks: Spam links often lead to malware, phishing sites, or scams, putting your visitors at risk.

    SEO penalties: Search engines may penalize your site for hosting spam content, significantly reducing your site’s visibility.

    Data Security Threats: Replying to spam emails can expose your email address to further targeted attacks or phishing attempts.

    An effective way to stop spam xr*******@*****ok.com

    CleanTalk Anti-Spam Integration

    CleanTalk works in the background, automatically filtering spam content, fake registrations, and offensive submission forms without annoying CAPTCHAs or complicated settings.

    CleanTalk supports:

    WordPress, Joomla, Drupal, OpenCart, Magento and other popular CMS platforms

    Custom website creation with CleanTalk’s robust API integration

    👉 View CleanTalk installation guide

    Beware of spam with CleanTalk

    CleanTalk provides comprehensive spam protection with:

    ✅ Real-time spam filtering

    ✅ Protection against automated bot submissions

    ✅ No CAPTCHAs or annoying puzzles

    ✅ Real-time email address verification whether the email address exists or not

    Protect your website effortlessly. Install CleanTalk in less than 5 minutes and protect your site from threats like xr*******@*****ok.com.

    👉 Get Started Now

    Stop worrying about spam – let CleanTalk protect your site.

  • Phone numbers encoded by WordPress plugin

    Phone numbers encoded by WordPress plugin

    We’ve extended protection against crawling personal data on public pages. Since version 6.55 plugin encodes phone numbers as well as emails on any public page in your WordPress.

    Encoding works by two switches. Either you turn on global encoding for all content on the site,

    WordPress console -> Settings -> Anti-Spam by CleanTalk -> Advanced Settings -> Encode contact data -> Encode phone numbers.

    Here are full manual how to use this option https://cleantalk.org/help/email-encode

    Or use short code below to encode a specific phone number in article,

    [apbct_encode_data] +1 11*********44 [/apbct_encode_data]

    Here are more details for the short code https://cleantalk.org/help/using-shortcodes-hooks-to-encode-contact-data

    Here is an example of encoded phone number,

    We are happy to assist you at  +1***********30.

    That’s all, phone number is encoded and protected against crawling by spam bots!

    Finally, In the Anti-Spam log track interactions (encoding contact data by real visitors) with contact data on a website. There you find date, time and location of visitors who saw your phone number on a site https://cleantalk.org/my/show_requests

    Track contact data interaction on a site.
    Screenshot 2025 06 20 at 12.49.53 PM

    Have a question? Just drop the comment in the form down below. Cheers!

  • ya**********@***il.com is Sending Spam and Malicious Requests – How to Stop it

    ya**********@***il.com is Sending Spam and Malicious Requests – How to Stop it

    If your site is suddenly inundated with spam from the address ya**********@***il.com, you are not alone. This email is part of a large-scale spam botnet targeting thousands of sites worldwide. The spam it sends is disguised as legitimate customer messages, in different languages, messages like “I would like to know your price”:

    Xin chào, tôi muốn biết giá của bạn.
    Sveiki, aš norėjau sužinoti jūsų kainą.
    Sveiki, es gribēju zināt savu cenu.
    Hola, quería saber tu precio..
    Ciao, volevo sapere il tuo prezzo.
    Hola, volia saber el seu preu.

    Perhaps they are expecting a response from you by email and to receive your email for some further actions with it.

    At CleanTalk, we have detected and blocked this bot since October 10, 2024, and since then it has become one of the most active spammers. Every day, we block about 16,000 spam requests associated with this address on our clients’ websites.

    This email address have been stuck on your blacklist for a while now:

    ya**********@***il.com on **********@***il.com“>CleanTalk blocklist

    yawiviseya gmail com Email spam report 06 26 2025 06 28 PM
    yawiviseya gmail com Email spam report 06 26 2025 06 28 PM

    What is the ya**********@***il.com spambot?


    This spambot is part of an automated system (botnet) that sends spam using rotating IP addresses and scripts. It imitates real users to bypass basic site protections and fills forms with spam content.

    Its purpose: to promote suspicious links, overload your site’s forms, and potentially inject malicious data — all using a disposable email address like ya**********@***il.com.

    Current stats:

    • Detected: October 10, 2024
    • Last seen: June 23, 2025
    • Websites attacked: 8,572
    • Spam requests blocked daily: ~16,000

    How to stop spam from ya**********@***il.com


    The fastest way: use CleanTalk Anti-Spam.
    CleanTalk works silently in the background to filter out spam comments, contact form abuse, fake registrations, and more. It blocks spam email addresses like ya**********@***il.com before they even reach your site.

    CleanTalk is available for:

    WordPress, Joomla, Drupal, OpenCart, Magento, etc.

    Custom websites via API integration.

    👉 CleanTalk Installation Guide

    ya**********@***il.com is part of a widespread spam campaign. Using CleanTalk Anti-Spam and the Personal Blacklist feature, you can block him and similar bots before they harm your site.

    🧩 Want full protection?

    ✅ Blocks fake registrations and spam submissions
    ✅ Filters bots and fake emails in real time
    ✅ No CAPTCHAs or puzzles – clean and fast

    Stay ahead of spam – let CleanTalk handle the bots so you can focus on your content. Protect your site in under 5 minutes.
    👉 Start now

  • WP CLI support in Security by CleanTalk (WordPress plugin)

    WP CLI support in Security by CleanTalk (WordPress plugin)

    We’ve added to Security by CleanTalk support of WP CLI commands. The list of commands,

    • Service setup, including interactions with cloud to get an API key and synchronization.
    • Various settings of the plugin.
    • Settings for templates.
    • Malware scanner commands.

    Full guide with examples is here https://cleantalk.org/help/security-wp-cli

    It works on plugins starting version 2.156 which has been released on May 19, 2025.

    Have questions? Please drop us a message in the comment form down below.

  • Anti-spam protection for WS Form Lite has been released!

    Anti-spam protection for WS Form Lite has been released!

    We have protected one more contact form for WordPress, this is WP Forms lite,

    Anti-Spam by CleanTalk (plugin) protects all kinds of submissions posted through this form against spambots and spam posted by real visitors (with some rate of false/negatives).

    Anyway, to set up the protection follow steps,

    • Download and install WS Form Lite https://wordpress.org/plugins/ws-form/
    • Download and install Anti-Spam by CleanTalk https://cleantalk.org/help/install-wordpress
    • Go to WordPress console -> Settings -> Anti-Spam by CleanTalk.
    • Click ‘GET ACCESS KEY’ button.
    • Wait until the plugin synced data with the cloud.
    • Copy a form short code of from WordPress console -> WS Form -> Forms.
      • For example: [ws_form id=”1″]
    Screenshot 2025 06 16 at 12.46.47 PM
    Screenshot 2025 06 16 at 12.46.47 PM
    • Post the short code in any post/page on your site.
    Screenshot 2025 06 16 at 12.47.05 PM
    Screenshot 2025 06 16 at 12.47.05 PM
    • Go to the page as a regular website visitor (you must be logged out from WordPress console, for example use Anonymous mode in your browser).
    • Test the form with whatever First, Last name and use email st********@****le.com. This is email marked to test “spam” submission.
    • If everything is fine, you have a message,

    *** Forbidden. Sender blacklisted. Anti-Spam by CleanTalk. ***

    Screenshot 2025 06 16 at 12.30.54 PM
    Screenshot 2025 06 16 at 12.30.54 PM

    That’s all. Enjoy spam free website!

  • No more missing GitHub Issues: How to automate task creation when GitHub Issues appear in your GitHub repositories

    No more missing GitHub Issues: How to automate task creation when GitHub Issues appear in your GitHub repositories

    How does it work?

    As soon as someone creates an issue in your GitHub repository, the integration automatically creates a task in the specified project and board in doBoard.

    The task is created on behalf of the user specified in the settings, so the whole team immediately understands who is responsible for processing it.

    Optionally, you can set up notifications in the Telegram chat so that the team immediately learns about all changes in issues.

    A real example from our team

    Previously, we received all notifications about new issues by email, and this was not the most effective solution. Dozens of different emails come every day, and some important tasks could get lost. Sometimes it took several weeks to respond, and this raised legitimate questions from users and slowed down our work.

    Deprecated Optional parameter data declared before required parameter url · Issue 65 · CleanTalk phpbb3 1 3 2 antispam 04 28 2025 04 29 PM
    Deprecated Optional parameter data declared before required parameter url · Issue 65 · CleanTalk phpbb3 1 3 2 antispam 04 28 2025 04 29 PM

    In search of a solution, we considered several options and the most effective solution would be to create tasks in our doBoard project management system. We have developed an integration between GitHub and doBoard using API. Now every new issue immediately becomes a task in doBoard, where it is easy to see, discuss and assign a responsible person. As a result, our team’s response time has been reduced to 1-2 days, which is usually needed to evaluate proposals or discuss details.

    GitHub issue Deprecated Optional parameter data declared before required parameter url created automatically 04 28 2025 04 36 PM
    GitHub issue Deprecated Optional parameter data declared before required parameter url created automatically 04 28 2025 04 36 PM

    Why do we recommend this integration?

    1. No more missed issues: everything appears automatically in doBoard.
    2. It is immediately clear who is doing what: no mess.
    3. No more wasting time sorting mail: tasks appear on their own.

    You can now also automate your work with GitHub Issues using our integration, you won’t need much time to connect your repositories, the package itself and instructions can be found here https://github.com/CleanTalk/github-to-doboard?tab=readme-ov-file.

  • WooCommerce – Get Better Feedback from Customers

    WooCommerce – Get Better Feedback from Customers

    Make your WooCommerce store even better with the Customer Reviews for WooCommerce plugin. Reviews are a huge part of online shopping — up to 97% of customers read reviews before buying. This plugin makes it easy to get feedback, build trust, and encourage repeat purchases.

    Main Features:

    • Automated Review Requests: After a purchase, customers get an email or WhatsApp message with a review form. If they don’t leave a review, they’ll promptly receive a friendly reminder.
    • Spam Protection: The plugin filters out spam and makes sure the reviews are real.
    • SEO-Friendly: In case they forget to leave a review, we’ll kindly follow up with a reminder.
    • Google Shopping Integration: First of all, it integrates seamlessly with Google Shopping, which significantly enhances the visibility and quality of your product listings.
    • Discounts for Reviews: Moreover, you can easily offer discounts via email or WhatsApp as an incentive for customers to leave reviews, helping you build trust and boost engagement.
    • Q&A Section: In addition, a built-in Q&A section appears right on your product pages, allowing you to proactively address customer questions and reduce hesitation during the buying process.
    • Multilingual Support: To begin with, the plugin offers full multilingual support — it works in over 30 languages and is fully compatible with WPML, Polylang, and TranslatePress.
    • Review Verification: Furthermore, the CusRev platform actively verifies each review to ensure authenticity and build customer trust.
    • Easy Import/Export: Lastly, managing your reviews is a breeze — you can effortlessly import and export them whenever needed, saving time and keeping your data organized.

    Why Use Customer Reviews for WooCommerce? 

    Customer reviews can help increase sales and give you feedback to improve your products or services. Start using it today and build trust with your customers!

    How to Install:

    1. Search for “Customer Reviews for WooCommerce” and click.
    2
    1. Сlick “Install and Activate” to get started.
    Дизайн без названия (9)
    Дизайн без названия (9)

    After activation:

    Go to WooCommerce → Settings → Customer Reviews.

    Enable review collection, set up automatic email reminders, and add visual elements like star ratings to enhance the customer experience.

    Дизайн без названия (4)

    Testing the Review Process

    Make a test purchase in your store.

    Check whether the review request email is sent (if you’ve enabled that feature).

    Submit a review as a customer and verify how it appears on the product page — this helps ensure everything looks and works as expected.

    Security and Spam Protection

    Enable the anti-spam filter — you can integrate it with CleanTalk for added protection.

    Make sure it’s not possible to leave a review without making a purchase. If that option is disabled, you’re in great shape.