CleanTalk's blog

Category: CleanTalk

Improved Accuracy in Your Personal Area Widget
We’ve been busy bees making your personal area widget even more helpful. Now you’ll have a clearer picture of how we’re protecting your site from spam. And a special shout-out to those of you who shared your thoughts – your feedback is what helps us make these improvements!
1. Clearer Spam Count: The “blocked spam” count now specifically reflects the number of spam requests blocked over the past year. This provides a more relevant overview of your spam protection activity.
2. Comprehensive Data: The graph now includes data from both Anti-Spam and SpamFireWall, giving you a complete picture of all blocked requests. This helps you better understand the overall effectiveness of your security measures.
1. Precise Terminology: We’ve updated the widget’s wording to be more accurate and avoid confusion.
  1. The widget title has also been updated to “7 days Anti-Spam and SpamFireWall stats”
  2. “Spam attacks” has been changed to “Requests were blocked by Anti-Spam and SpamFireWall”
  3. “Spam blocked” in the legend is now “Requests blocked”
We’re excited about these changes because it means you can relax knowing you’ve got a clear picture of your spam protection and any potential trouble brewing. And this is all thanks to your awesome feedback! We love working together to make things better.

We’re on a mission to make your experience top-notch, and you’re a big part of that! Your feedback helps us steer the ship in the right direction. So if you ever have a suggestion or spot something that could be better, don’t hesitate to let our support team know. We’re a team, and we love working together to make things awesome!
November 1, 2024
Bots and Your Website: How Much of Your Traffic is Fake?
Not all your website traffic is genuine. Hidden within your analytics are bots – automated programs that can mimic human behavior. Think of them like little robots that visit your website and pretend to be people. While some bots are harmless (like the ones that help Google find your site), others can cause trouble. They can clog up your contact forms with spam, create fake accounts, and even place phony orders. Those fake traffic bots are like a bunch of party crashers at your online store who aren’t there to buy anything, just to cause a mess!

Just how big is this problem?

Well, studies show that up to 30% of all web traffic might actually be bots! That means almost one in three “visitors” to your site might not be a real person. And when it comes to contact forms, things get even worse. Experts say that up to 40% of all form submissions could be spam generated by bots. That’s a lot of wasted time and effort dealing with junk! Even registrations and orders can be affected, with estimates suggesting that 10% of new accounts and 5% of online orders could be fake.

Why should you care?

These sneaky bots can cause a lot of headaches for businesses. They can:
- Waste your time: Dealing with spam messages and fake accounts takes time and effort away from real customers.
- Mess up your data: Bots can make your website statistics unreliable, making it harder to understand how real people are using your site.
- Hurt your reputation: If your contact form is full of spam, it makes your business look unprofessional.
- Cost you money: Fake orders can lead to financial losses and logistical nightmares.
So, what can you do about it?

Imagine having a super-smart bouncer for your website, someone who can spot fake traffic bots before they even get through the door. That’s what CleanTalk Anti-Spam and Security plugins do! They’re like a 24/7 security team dedicated to keeping your website safe and clean.

Here’s how CleanTalk helps protect your forms and keeps spam away:
- CleanTalk is a pro at protecting all kinds of forms on your website, from contact forms to registration forms and even order forms. It checks every submission to make sure it’s from a real person, not a spam bot trying to cause trouble.
- CleanTalk can even help you get rid of spam that’s already on your website. It can scan your comments and other content to find and remove those spam links that bots leave behind.
CleanTalk is like having a dedicated team of experts protecting your website, making sure your forms are safe, your content is clean, and those pesky bots are kept far, far away
October 30, 2024
Moving On: A Farewell to UNI/UniForce
Hey everyone,

We’ve got some news about our UNI/UniForce product line, and while it might not be the easiest thing to share, we wanted to be upfront and personal with you all about it.

Here’s the deal: we’ve decided to sunset UNI/UniForce. What does that mean exactly?
- November 1st, 2024: This is the day we’re putting a pause on active development.
- November 1st, 2025: This is the official end-of-life date for UNI/UniForce. After this point, we won’t be able to provide technical support for it anymore.
We know this might come as a surprise, and we truly appreciate you sticking with us and using UNI/UniForce. This wasn’t a decision we made lightly. Sometimes, in the tech world, we have to make choices about where to focus our energy to build the best possible future.

What happens next?

We understand that you might be looking for a replacement solution. Great news! CleanTalk offers a robust set of APIs that can be integrated into a wide variety of applications. You can find out more about CleanTalk’s API options and how they can help protect your projects here: https://cleantalk.org/help/api-cleantalk-all

CleanTalk also provides a powerful blacklist checking tool that allows you to instantly verify if an IP address, email address, subnet, or domain is listed on any major blacklists. This can be a valuable resource for maintaining your security and reputation. Give it a try here: https://cleantalk.org/blacklists

If you have any questions about this transition or need help exploring alternatives, please don’t hesitate to reach out to our support team. They’re always happy to help!

Thanks for being awesome!
October 28, 2024
WordCamp US 2024
Let share a few notes from WCUS2024,
1. Disney moved a few dozens of websites to WordPress. They use SEO to measure value of content/posts, looks like the trust algorithms of search engines to confirm valuables of sites. Here are examples,
  - https://disneyconnect.com/
  - https://disneyparksblog.com/
2. There was a such interesting case of rebuilding https://www.recipetineats.com by https://humanmade.com. They’ve boosted site views from 25M/month to 45M/month. Key moments,
  - Hosting, backend and frontend improvements returned up to 20% of boost.
  - Added schemas for recipes.
  - Used X-Ray to track PHP code. I hope this is link is correct https://github.com/aws-observability/aws-otel-php link to home page of the project.
  - Moved the site to enterprise ready plugins. Under ‘enterprise ready’ they mean superfast, secure and maintainable plugins.
  - They used old platform and design during the rebuilding. They had good data to compare results before and after the project was done.
3. Elementor uses Patchstack to validate reports about vulnerabilities. Elementor has its own ecosystem for working with other plugins; according to them, every 30th plugin created on wordpress.org operates within this ecosystem.
4. Gravatar they are working on creating a “network” profile, not just an avatar. In the future, they see themselves as a Single Sign-On provider. It’s interesting why websites do not widely use Facebook/X for the same purpose—I’m referring to the idea of a network profile. An example of a network profile is https://gravatar.com/ronnie.
  - They updated the plugin for the first time in 12 years: https://wordpress.org/plugins/gravatar-enhanced/#description.
  - I would like something similar on our blog and research.
5. I spoke with 6-7 participants, and 3 of them use CleanTalk. Some were even surprised—why aren’t we showcasing our work? 🙂
Bonus

I’ve found a few scenery locations in Portland, OR, here are photos of them as well as me and some of our customers. Thank you guys for a great camp!

Timothy and Zach from BigScoots.

Portland Japanese Garden.

PDX.

NorhtBridge burger in Bdridgetown BBQ. The best burger I ever had!

Jonahtan and co from Kiinsta.

Steel Bridge.
October 24, 2024
PAYG is no longer used in adding extra website

The Pay-As-You-Go payment method will no longer be used when adding extra websites to your Anti-Spam or Security license. When you need to add an extra website and no free slots are left in your current license, your plan will be automatically upgraded.

If you have any questions feel free to ask a question in the comments below or create a private ticket.

October 11, 2024
The Real Person Badge – the Anti-Spam New Feature

Bots are among us all over the internet. They visit websites, gather information, and write comments and reviews. So how do you distinguish such a bot from a real comment or review author? That’s where The Real Person appears.

The Real Person is a benchmark system for WordPress that separates real users from bots. It shows a special badge for the author of a comment or review, that the author passed all Anti-Spam filters and acts as a real person. As well as his email is also confirmed to exist.

Here’s an example of what The Real Person badge looks like on a WordPress website. You can also see the live badge in the comments below the post.

The Real Person is free and is a part of the Anti-Spam protection cloud service.

How to enable the feature

The feature is disabled by default. To enable it follow the short guide.

Don’t forget to check The Real Person badge in the comments below ↓

October 4, 2024
Service outage on September 19th

Dear CleanTalk Clients,

We have experienced a service outage that lasted approximately 12 hours and 15 minutes. Due to a failure with one of our servers, there was no connection from 5:15 PM (GMT0) on September 19th to 5:30 AM (GMT0) on September 20th. As a result, some spam attacks could be missed by our anti-spam plugins and reached backend of sites.

We are pleased to announce that the issue has been resolved and full service has been restored. Our team is now working to address any potential consequences of the outage and implement measures to prevent similar occurrences in the future.

September 20, 2024
Alerts vs Action: Update on the Malware Scanner by CleanTalk

We wanted to give you a heads-up about a small but important change regarding the differences between our Malware Scanner by CleanTalk trial and premium versions. Don’t worry, it’s nothing too big, but it is important. So, straight to business!

Here’s the thing: the trial version of our scanner is like having a super vigilant friend keeping an eye on your website 24/7. You know, that one friend who always spots trouble from a mile away? It’s constantly on the lookout, scouring every nook and cranny of your site for any signs of malware.

But, while our trial version is good at playing detective and searching for potential threats, it stays an alarm system. It will alert you to danger, but won’t chase it away.

Now, this is where our premium plan comes in. Imagine upgrading from that vigilant friend to a cyber-security superhero. Now malware isn’t only bound to be detected — it’s bound to be cured! You’re not just getting alerts — you’re getting instant healing.

So, while our trial version still shows its ability to keep an eye out for potential issues, your next-level problem-solving and peace of mind start with the paid plan.

We appreciate you taking the time to read this, and we want you to know how much we value having you as part of the CleanTalk family. Your online safety is our top priority, and we’re always working on ways to keep your website happy, healthy, and malware-free!

Questions? Concerns? Just a sudden urge to chat about web security? Don’t hesitate to reach out. We’re always here for you — and we love a good tech talk!

Stay awesome!

Update by September 6, 2024

Check this guide to identify a malware on WordPress.

August 28, 2024
How to Detect VPN IPs with CleanTalk BlackLists Database
In today’s digital world, ensuring the security and integrity of your website is paramount. One crucial aspect of this is detecting and managing traffic from VPNs (Virtual Private Networks). VPNs can be used for legitimate purposes, but they are also frequently used by spammers and malicious actors to mask their identities. CleanTalk’s BlackLists Database offers a powerful tool for identifying and managing VPN traffic. This guide will walk you through the process of detecting VPN IPs using CleanTalk BlackLists Database.

Why is it Important to Detect VPN Traffic?

Detecting VPN traffic is essential for several reasons:

Enhanced Security: VPNs can be used by malicious actors to hide their true IP addresses, making it harder to track their activities. By identifying and managing VPN traffic, you can better protect your website from potential threats.
Spam and Hacking Prevention: Spammers often use VPNs to bypass IP-based spam filters. Detecting VPN traffic helps in reducing spam submissions and maintaining the quality of user interactions on your site.
Accurate Analytics: VPNs can skew your website analytics by masking the true geographic locations of visitors. Identifying VPN traffic helps in maintaining more accurate visitor data.
CleanTalk BlackLists Database for VPN and Malicious Traffic Detection
CleanTalk’s BlackLists Database provides a comprehensive resource for identifying VPNs, hosting services, and other potentially harmful network types. The database includes information on the type of network, spam frequency, and whether the IP has been involved in spam or malicious activities.

Here’s an example of a response from the CleanTalk API:
```
{
  "data": {
    "IP_ADDRESS": {
      "domains_count": 0,
      "domains_list": null,
      "in_antispam_previous": 0,
      "spam_frequency_24h": 0,
      "spam_rate": 1,
      "in_security": 1,
      "country": "US",
      "in_antispam": 1,
      "frequency": 33,
      "in_antispam_updated": "2024-07-28 05:40:40",
      "updated": "2024-07-28 16:40:43",
      "appears": 1,
      "network_type": "hosting",
      "submitted": "2022-08-22 00:15:40",
      "sha256": "69b4bf5e24594462df40c591636ed9ad3438e8f2d6284069d0c71e8c0ee8a9ad"
    }
  }
}
```
In this response, the network_type is “hosting,” which often overlaps with VPN. For TOR networks, network_type will be ”tor”. For more accurate detection of traffic from VPN addresses, we recommend using the parameter in our API “network_type”. For networks belonging to VPN services, it will have the value “network_type”: “paid_vpn”. However, we also recommend using the “hosting” network type for more accurate traffic detection.

Some examples of IP types:
https://cleantalk.org/blacklists/85.192.161.161 IP type is not indefined
https://cleantalk.org/blacklists/67.223.118.81 IP is belongs to the hosting network type
https://cleantalk.org/blacklists/109.70.100.1 IP is belongs to the network TOR type
https://cleantalk.org/blacklists/66.249.64.25 IP is belongs to the network type good_bots (this is Google search bot).

Accessing CleanTalk BlackLists Database

You can access the CleanTalk BlackLists DataBase in two ways:
1. API Access: The API provides real-time updates and allows you to query IP addresses on demand. This is ideal for applications requiring the most up-to-date information.
2. Database Files: You can also download database files, which are updated hourly. This method is suitable for offline processing or bulk operations.
For detailed pricing information and access levels, visit CleanTalk’s pricing page.

Integration Capabilities

Example Code for Checking VPN IPs Using CleanTalk API
This example demonstrates how to use the CleanTalk API to check IP addresses and block traffic based on specific conditions.

Logic of the Check:
1. If the network type is neither “hosting” nor “good_bots”, block the IP address if the data was updated within the last 7 days and the spam frequency is greater than 5.
2. Block IP addresses if the network type is “hosting”, “paid_vpn” or “tor”.
3. Allow IP addresses if the network type is “good_bots”.
```
import requests
import datetime

API_KEY = 'your_api_key'
IP_ADDRESS = 'IP_ADDRESS'

response = requests.get(f'https://api.cleantalk.org/?method_name=spam_check&auth_key={API_KEY}&ip={IP_ADDRESS}')
data = response.json()

ip_info = data['data'][IP_ADDRESS]
network_type = ip_info['network_type']
updated_date = datetime.datetime.strptime(ip_info['updated'], '%Y-%m-%d %H:%M:%S')
frequency = ip_info['frequency']

# Check logic
if network_type in ['hosting', 'tor', 'paid_vpn']:
    print("Block this IP address")
elif network_type == 'good_bots':
    print("Allow this IP address")
elif (network_type != 'hosting' and network_type != 'good_bots' and 
      (datetime.datetime.now() - updated_date).days <= 7 and frequency > 5):
    print("Block this IP address")
else:
    print("Allow this IP address")
```
Description of the Logic Fetching Data from CleanTalk API:
1. A request is sent to the CleanTalk API to get information about the IP address.
2. The JSON response is parsed to extract information about the IP address.

Checking Network Type:
1. If network_type is “hosting”, “paid_vpn” or “tor”, the IP address is blocked.
2. If network_type is “good_bots”, the IP address is allowed.

Additional Check:
1. If the network type is neither “hosting” nor “good_bots”, the updated_date and frequency are checked.
2. If the data was updated within the last 7 days and the spam frequency is greater than 5, the IP address is blocked.
3. Otherwise, the IP address is allowed.
This code allows you to configure traffic filtering based on the network type and other parameters provided by the CleanTalk API, ensuring the security of your site and preventing unwanted traffic. You can learn more about using the spam_check API here https://cleantalk.org/help/api-spam-check.

Benefits of Using CleanTalk for VPN Detection

Using CleanTalk for VPN detection offers several advantages:
1. Comprehensive Coverage: CleanTalk’s database covers a wide range of IP addresses, including those used by VPNs, hosting services, and other potentially harmful networks.
2. Real-Time Data: The API provides real-time data, ensuring you always have the most current information.
3. Easy Integration: CleanTalk’s solutions are easy to integrate into your existing systems, offering flexibility and customization based on your specific needs.
4. Enhanced Security: By effectively identifying and managing VPN traffic, you can better protect your website from spam, fraud, and other malicious activities.
For more information about CleanTalk BlackLists Database, visit CleanTalk BlackLists.

Detecting VPN IPs is crucial for maintaining the security and integrity of your website. CleanTalk’s BlackLists Database provides a robust solution for identifying and managing VPN traffic. With real-time API access and comprehensive database files, you can ensure your site remains secure and spam-free. Explore CleanTalk’s pricing options to find the right plan for your needs and start protecting your site today.
August 2, 2024
Payment Issue Alert: Important Information and Our Actions to Resolve It
We’ve found a glitch in our payment system that messed up PayPal payments for about 300 of you who paid between May 1 and July 18. Some debit and credit cards didn’t get charged right. We understand fully that the problem is on our side. The team is working hard to fix things and make it right for everyone affected.

We’ve sent emails to people whose payments were wrong. You can also check your payment history to see if anything’s missing. We’ve marked the payments that didn’t go through.

What We Did
1. We’ve made sure you can continue using your account without interruption.
2. To thank you for your patience, we’re adding 3 extra months of service starting July 29th.
3. We kindly request that you process the payment for the original license period again.
Important Points to Note
- You’ll only be charged once, even if you pay again.
- The extra 3 months are our gift to you.
- You have until October 29, 2024, to finish paying.
Next Steps
1. Please verify your bank or PayPal statement to confirm whether the affected payment was charged.
2. Visit your payment history page to complete the payment. You can select a suitable package.
3. Click the “Renew” button to process the failed payment. This action will maintain your active license and initiate the bonus period.
Need Help?

We understand this may be frustrating. Sorry for the inconvenience it caused. Our support team is here to lend a hand, as always. Don’t hesitate to contact us.
July 30, 2024