Category: CleanTalk

  • Moving On: A Farewell to UNI/UniForce

    Moving On: A Farewell to UNI/UniForce

    Hey everyone,

    We’ve got some news about our UNI/UniForce product line, and while it might not be the easiest thing to share, we wanted to be upfront and personal with you all about it.

    Here’s the deal: we’ve decided to sunset UNI/UniForce. What does that mean exactly?

    • November 1st, 2024: This is the day we’re putting a pause on active development. 
    • November 1st, 2025: This is the official end-of-life date for UNI/UniForce. After this point, we won’t be able to provide technical support for it anymore.

    We know this might come as a surprise, and we truly appreciate you sticking with us and using UNI/UniForce. This wasn’t a decision we made lightly. Sometimes, in the tech world, we have to make choices about where to focus our energy to build the best possible future.

    What happens next?

    We understand that you might be looking for a replacement solution. Great news! CleanTalk offers a robust set of APIs that can be integrated into a wide variety of applications. You can find out more about CleanTalk’s API options and how they can help protect your projects here: https://cleantalk.org/help/api-cleantalk-all 

    CleanTalk also provides a powerful blacklist checking tool that allows you to instantly verify if an IP address, email address, subnet, or domain is listed on any major blacklists. This can be a valuable resource for maintaining your security and reputation. Give it a try here: https://cleantalk.org/blacklists 

    If you have any questions about this transition or need help exploring alternatives, please don’t hesitate to reach out to our support team. They’re always happy to help!

    Thanks for being awesome!

  • WordCamp US 2024

    WordCamp US 2024

    Let share a few notes from WCUS2024,

    1. Disney moved a few dozens of websites to WordPress. They use SEO to measure value of content/posts, looks like the trust algorithms of search engines to confirm valuables of sites. Here are examples,
      • https://disneyconnect.com/
      • https://disneyparksblog.com/
    2. There was a such interesting case of rebuilding  https://www.recipetineats.com by https://humanmade.com. They’ve boosted site views from 25M/month to 45M/month. Key moments,
      • Hosting, backend and frontend improvements returned up to 20% of boost.
      • Added schemas for recipes.
      • Used X-Ray to track PHP code. I hope this is link is correct https://github.com/aws-observability/aws-otel-php link to home page of the project.
      • Moved the site to enterprise ready plugins. Under ‘enterprise ready’ they mean superfast, secure and maintainable plugins.
      • They used old platform and design during the rebuilding. They had good data to compare results before and after the project was done.
    3. Elementor uses Patchstack to validate reports about vulnerabilities. Elementor has its own ecosystem for working with other plugins; according to them, every 30th plugin created on wordpress.org operates within this ecosystem.
    4. Gravatar they are working on creating a “network” profile, not just an avatar. In the future, they see themselves as a Single Sign-On provider. It’s interesting why websites do not widely use Facebook/X for the same purpose—I’m referring to the idea of a network profile. An example of a network profile is https://gravatar.com/ronnie.
    5. I spoke with 6-7 participants, and 3 of them use CleanTalk. Some were even surprised—why aren’t we showcasing our work? 🙂

    Bonus

    I’ve found a few scenery locations in Portland, OR, here are photos of them as well as me and some of our customers. Thank you guys for a great camp!

  • PAYG is no longer used in adding extra website

    PAYG is no longer used in adding extra website

    The Pay-As-You-Go payment method will no longer be used when adding extra websites to your Anti-Spam or Security license. When you need to add an extra website and no free slots are left in your current license, your plan will be automatically upgraded.

    If you have any questions feel free to ask a question in the comments below or create a private ticket.

  • The Real Person Badge – the Anti-Spam New Feature

    The Real Person Badge – the Anti-Spam New Feature

    Bots are among us all over the internet. They visit websites, gather information, and write comments and reviews. So how do you distinguish such a bot from a real comment or review author? That’s where The Real Person appears.

    The Real Person is a benchmark system for WordPress that separates real users from bots. It shows a special badge for the author of a comment or review, that the author passed all Anti-Spam filters and acts as a real person. As well as his email is also confirmed to exist.

    Here’s an example of what The Real Person badge looks like on a WordPress website. You can also see the live badge in the comments below the post.

    Screenshot 2024 09 25 115706

    The Real Person is free and is a part of the Anti-Spam protection cloud service.

    How to enable the feature

    The feature is disabled by default. To enable it follow the short guide.

    Don’t forget to check The Real Person badge in the comments below ↓

  • Service outage on September 19th

    Service outage on September 19th

    Dear CleanTalk Clients,

    We have experienced a service outage that lasted approximately 12 hours and 15 minutes. Due to a failure with one of our servers, there was no connection from 5:15 PM (GMT0) on September 19th to 5:30 AM (GMT0) on September 20th. As a result, some spam attacks could be missed by our anti-spam plugins and reached backend of sites.

    We are pleased to announce that the issue has been resolved and full service has been restored. Our team is now working to address any potential consequences of the outage and implement measures to prevent similar occurrences in the future.

  • Alerts vs Action: Update on the Malware Scanner by CleanTalk

    Alerts vs Action: Update on the Malware Scanner by CleanTalk

    We wanted to give you a heads-up about a small but important change regarding the differences between our Malware Scanner by CleanTalk trial and premium versions. Don’t worry, it’s nothing too big, but it is important. So, straight to business!

    Here’s the thing: the trial version of our scanner is like having a super vigilant friend keeping an eye on your website 24/7. You know, that one friend who always spots trouble from a mile away? It’s constantly on the lookout, scouring every nook and cranny of your site for any signs of malware.

    But, while our trial version is good at playing detective and searching for potential threats, it stays an alarm system. It will alert you to danger, but won’t chase it away.

    Now, this is where our premium plan comes in. Imagine upgrading from that vigilant friend to a cyber-security superhero. Now malware isn’t only bound to be detected — it’s bound to be cured! You’re not just getting alerts — you’re getting instant healing.

    So, while our trial version still shows its ability to keep an eye out for potential issues, your next-level problem-solving and peace of mind start with the paid plan.

    We appreciate you taking the time to read this, and we want you to know how much we value having you as part of the CleanTalk family. Your online safety is our top priority, and we’re always working on ways to keep your website happy, healthy, and malware-free!

    Questions? Concerns? Just a sudden urge to chat about web security? Don’t hesitate to reach out. We’re always here for you — and we love a good tech talk!

    Stay awesome!

    Update by September 6, 2024

    Check this guide to identify a malware on WordPress.

  • How to Detect VPN IPs with CleanTalk BlackLists Database

    How to Detect VPN IPs with CleanTalk BlackLists Database

    In today’s digital world, ensuring the security and integrity of your website is paramount. One crucial aspect of this is detecting and managing traffic from VPNs (Virtual Private Networks). VPNs can be used for legitimate purposes, but they are also frequently used by spammers and malicious actors to mask their identities. CleanTalk’s BlackLists Database offers a powerful tool for identifying and managing VPN traffic. This guide will walk you through the process of detecting VPN IPs using CleanTalk BlackLists Database.

    Why is it Important to Detect VPN Traffic?

    Detecting VPN traffic is essential for several reasons:

    Enhanced Security: VPNs can be used by malicious actors to hide their true IP addresses, making it harder to track their activities. By identifying and managing VPN traffic, you can better protect your website from potential threats.
    Spam and Hacking Prevention: Spammers often use VPNs to bypass IP-based spam filters. Detecting VPN traffic helps in reducing spam submissions and maintaining the quality of user interactions on your site.
    Accurate Analytics: VPNs can skew your website analytics by masking the true geographic locations of visitors. Identifying VPN traffic helps in maintaining more accurate visitor data.
    CleanTalk BlackLists Database for VPN and Malicious Traffic Detection
    CleanTalk’s BlackLists Database provides a comprehensive resource for identifying VPNs, hosting services, and other potentially harmful network types. The database includes information on the type of network, spam frequency, and whether the IP has been involved in spam or malicious activities.

    Here’s an example of a response from the CleanTalk API:

    {
      "data": {
        "IP_ADDRESS": {
          "domains_count": 0,
          "domains_list": null,
          "in_antispam_previous": 0,
          "spam_frequency_24h": 0,
          "spam_rate": 1,
          "in_security": 1,
          "country": "US",
          "in_antispam": 1,
          "frequency": 33,
          "in_antispam_updated": "2024-07-28 05:40:40",
          "updated": "2024-07-28 16:40:43",
          "appears": 1,
          "network_type": "hosting",
          "submitted": "2022-08-22 00:15:40",
          "sha256": "69b4bf5e24594462df40c591636ed9ad3438e8f2d6284069d0c71e8c0ee8a9ad"
        }
      }
    }

    In this response, the network_type is “hosting,” which often overlaps with VPN. For TOR networks, network_type will be ”tor”. For more accurate detection of traffic from VPN addresses, we recommend using the parameter in our API “network_type”. For networks belonging to VPN services, it will have the value “network_type”: “paid_vpn”. However, we also recommend using the “hosting” network type for more accurate traffic detection.

    Some examples of IP types:
    https://cleantalk.org/blacklists/85.192.161.161 IP type is not indefined
    https://cleantalk.org/blacklists/67.223.118.81 IP is belongs to the hosting network type
    https://cleantalk.org/blacklists/109.70.100.1 IP is belongs to the network TOR type
    https://cleantalk.org/blacklists/66.249.64.25 IP is belongs to the network type good_bots (this is Google search bot).

    Accessing CleanTalk BlackLists Database

    You can access the CleanTalk BlackLists DataBase in two ways:

    1. API Access: The API provides real-time updates and allows you to query IP addresses on demand. This is ideal for applications requiring the most up-to-date information.
    2. Database Files: You can also download database files, which are updated hourly. This method is suitable for offline processing or bulk operations.

    For detailed pricing information and access levels, visit CleanTalk’s pricing page.

    Integration Capabilities

    Example Code for Checking VPN IPs Using CleanTalk API
    This example demonstrates how to use the CleanTalk API to check IP addresses and block traffic based on specific conditions.

    Logic of the Check:
    1. If the network type is neither “hosting” nor “good_bots”, block the IP address if the data was updated within the last 7 days and the spam frequency is greater than 5.
    2. Block IP addresses if the network type is “hosting”, “paid_vpn” or “tor”.
    3. Allow IP addresses if the network type is “good_bots”.

    import requests
    import datetime
    
    API_KEY = 'your_api_key'
    IP_ADDRESS = 'IP_ADDRESS'
    
    response = requests.get(f'https://api.cleantalk.org/?method_name=spam_check&auth_key={API_KEY}&ip={IP_ADDRESS}')
    data = response.json()
    
    ip_info = data['data'][IP_ADDRESS]
    network_type = ip_info['network_type']
    updated_date = datetime.datetime.strptime(ip_info['updated'], '%Y-%m-%d %H:%M:%S')
    frequency = ip_info['frequency']
    
    # Check logic
    if network_type in ['hosting', 'tor', 'paid_vpn']:
        print("Block this IP address")
    elif network_type == 'good_bots':
        print("Allow this IP address")
    elif (network_type != 'hosting' and network_type != 'good_bots' and 
          (datetime.datetime.now() - updated_date).days <= 7 and frequency > 5):
        print("Block this IP address")
    else:
        print("Allow this IP address")
    

    Description of the Logic Fetching Data from CleanTalk API:
    1. A request is sent to the CleanTalk API to get information about the IP address.
    2. The JSON response is parsed to extract information about the IP address.

    Checking Network Type:
    1. If network_type is “hosting”, “paid_vpn” or “tor”, the IP address is blocked.
    2. If network_type is “good_bots”, the IP address is allowed.

    Additional Check:
    1. If the network type is neither “hosting” nor “good_bots”, the updated_date and frequency are checked.
    2. If the data was updated within the last 7 days and the spam frequency is greater than 5, the IP address is blocked.
    3. Otherwise, the IP address is allowed.
    This code allows you to configure traffic filtering based on the network type and other parameters provided by the CleanTalk API, ensuring the security of your site and preventing unwanted traffic. You can learn more about using the spam_check API here https://cleantalk.org/help/api-spam-check.

    Benefits of Using CleanTalk for VPN Detection

    Using CleanTalk for VPN detection offers several advantages:

    1. Comprehensive Coverage: CleanTalk’s database covers a wide range of IP addresses, including those used by VPNs, hosting services, and other potentially harmful networks.
    2. Real-Time Data: The API provides real-time data, ensuring you always have the most current information.
    3. Easy Integration: CleanTalk’s solutions are easy to integrate into your existing systems, offering flexibility and customization based on your specific needs.
    4. Enhanced Security: By effectively identifying and managing VPN traffic, you can better protect your website from spam, fraud, and other malicious activities.

    For more information about CleanTalk BlackLists Database, visit CleanTalk BlackLists.

    Detecting VPN IPs is crucial for maintaining the security and integrity of your website. CleanTalk’s BlackLists Database provides a robust solution for identifying and managing VPN traffic. With real-time API access and comprehensive database files, you can ensure your site remains secure and spam-free. Explore CleanTalk’s pricing options to find the right plan for your needs and start protecting your site today.

  • Payment Issue Alert: Important Information and Our Actions to Resolve It

    Payment Issue Alert: Important Information and Our Actions to Resolve It

    We’ve found a glitch in our payment system that messed up PayPal payments for about 300 of you who paid between May 1 and July 18. Some debit and credit cards didn’t get charged right. We understand fully that the problem is on our side. The team is working hard to fix things and make it right for everyone affected.

    We’ve sent emails to people whose payments were wrong. You can also check your payment history to see if anything’s missing. We’ve marked the payments that didn’t go through.

    1

    What We Did

    1. We’ve made sure you can continue using your account without interruption.
    2. To thank you for your patience, we’re adding 3 extra months of service starting July 29th.
    3. We kindly request that you process the payment for the original license period again.

    Important Points to Note

    • You’ll only be charged once, even if you pay again.
    • The extra 3 months are our gift to you.
    • You have until October 29, 2024, to finish paying.

    Next Steps

    1. Please verify your bank or PayPal statement to confirm whether the affected payment was charged.
    2. Visit your payment history page to complete the payment. You can select a suitable package.
    3. Click the “Renew” button to process the failed payment. This action will maintain your active license and initiate the bonus period.

    Need Help?

    We understand this may be frustrating. Sorry for the inconvenience it caused. Our support team is here to lend a hand, as always. Don’t hesitate to contact us.

  • Conversion rates, feature of AI and payments. Notes by Stripe Sessions 2024

    Conversion rates, feature of AI and payments. Notes by Stripe Sessions 2024

    A few months ago I’ve got a great chance to visit Stripe Sessions 2024 at SF, CA. Here are my notes from this,

    1. Stripe uses machine learning to protect merchants against fraud, as data they look through completed transactions. They identify two types of fraud – card testing and card caching. The false positive rate is 0.05%, meaning 5 false transaction per 1,000. Here is our solution against fraud for Stripe’s merchants https://blog.cleantalk.org/preventing-stripe-fraudulent-payments/
    2. Stripe offers around one hundred payment methods (besides cards) and recommends enabling these methods either manually with country linkage or conducting payment in the buyer’s local currency. In this case, Stripe automatically shows to buyers their local payment methods. In my opinion, payments in local currency brings losses on conversion to USD, but in return a merchant improves payment conversion rates.
    3. Stripe recommends using an embedded payment form on the seller’s website instead of redirecting the user to the Stripe site. This increases conversion by up to 11% due to fewer clicks for the buyer. We are going to implement such feature on our payment page as well, p.cleantalk.org. Here is a draft of the new design.

      Inline payment form. Stripe + PayPal.
    4. For clients from the US and Europe, it makes sense to offer credit/installment options at checkout. A representative from affirm.com (online credits/installments) mentioned that they work with payments starting at $50, and adding such a payment method can increase conversion by up to 60%, as well as increase the average check (typical buyer behavior when purchasing on credit).
    5. Stripe measures the reliability of its infrastructure by the number of seconds of downtime. Currently, their downtime is 26 seconds per month, which they consider a key product feature.
    6. There was an interesting session with the CEO of Nvidia, Jensen. He said,
      We are currently experiencing a new industrial revolution, comparable to the time when humans transformed the energy of fire into steam, and then steam into electrons. Now electrons are being transformed into tokens (GPU computational cycles), and the number of these tokens will change the economy and industry. He is driving the AI industry towards solving real human problems, namely building multi-stage processes and using external (to AI) ways of solving problems. For example, AI should independently write an email or call a third party to provide the correct solution to the user who requested it. We use own AI to design new chips. Nvidia employees would never have started doing what AI is currently doing in chip design.
    7. There were also several sessions on product design (Figma, Linear) and pricing systems (Adobe, Stripe). I didn’t learn anything new here; we are doing what the experts recommend.
    8. Stripe has launched Usage-Based Billing, which is similar to our Pay-as-you-go model (that we have launched in the end of 2023). Interestingly, it features a simple API for interacting with Stripe’s billing system, and it provides real-time tracking of consumed resources and costs. In CleanTalk we considered using Stripe before starting work on our universal page but decided against it because Stripe didn’t support cross-selling. Otherwise, it’s a good solution if you don’t have the desire or capability to develop your own system.
    9. At the developer session, about 80% of the audience (approximately 1000 developers) use GitHub Copilot (https://github.com/features/copilot), which is GitHub’s AI language model that assists with coding. From what I quickly gathered, this tool:
      • Writes documentation.
      • Writes unit tests.
      • Provides clear descriptions for pull requests and commits.
      • And, of course, writes code.
      • The head of development at GitHub explained that the system is designed so that the developer must oversee the AI-written code to avoid issues similar to Tesla’s self-driving problems. Overall, we should try it out.
    10. Stripe is very focused on code documentation. They have many in-house developments to keep their documentation up to date, which they consider a strong point and a reason why they are widely used (which I think is true, as their documentation was among the best during my time as a developer).
    11. To enter the corporate market, besides complying with ISO standards, it would be good to implement Bring Your Own Key (BYOK). This feature allows users to encrypt their cloud data with their own key.
    12. Stripe sees a reduction in payment processing costs by offering users the least expensive payment methods for the seller (Surcharge). However, it’s unclear whether Stripe plans to launch this feature for everyone or if they are suggesting users consider this option themselves.
    13. In the summer of 2024, Stripe is launching cryptocurrency payment acceptance. They had previously tried accepting such payments but abandoned it in 2018 because the process took up to 30 minutes (due to insufficient computing power on buyers’ devices). Now, thanks to the increased performance of client devices, they have reduced this process to 15 seconds.
    14. We should look into Linear, as they have ideas regarding project management and tracking. As well as Mindbody, which provides software (SaaS) around fitness, including financial services for their clients.

    Bonus

    In San Francisco, self-driving taxis are already fairly common. White cars with sensors are seen in the photos. Subjectively, 2 out of 10 cars are on autopilot. It’s a bit eerie to imagine that such a car will come to pick you up and take you somewhere, it immediately reminds me of Skynet.

  • Say Goodbye to Checkout Spam with CleanTalk for Opencart 4!

    Say Goodbye to Checkout Spam with CleanTalk for Opencart 4!

    Hey there, Opencart store owners! Are spammers giving you a headache? Let us put a smile on your face. CleanTalk Anti-Spam plugin for Opencart 4 is your new best friend in the fight against online nuisances!

    Imagine a world where your Opencart checkout form is protected from spam and fraudulent orders. Well, guess what? That world is here! Our clever little plugin works tirelessly behind the scenes to keep your store safe and your customers happy.

    Here’s why you’ll love CleanTalk:

    1. Spam-Be-Gone: Watch those annoying spam attempts bounce right off your checkout form. It’s like having a bouncer for your online store!
    2. Fraud Fighter: Say “not today” to those sneaky fraud orders. CleanTalk’s got your back, 24/7.
    3. Easy-Peasy Integration: No tech wizardry required! CleanTalk plays nice with Opencart 4, making setup a breeze.
    4. Happy Customers, Happy You: With a smooth, spam-free checkout, your real customers will love shopping with you even more.
    5. Time-Saver Extraordinaire: Less time cleaning up spam means more time growing your business. Who doesn’t want that?

    But don’t just take our word for it! Give CleanTalk a spin and see the difference for yourself. Your Opencart store deserves the best protection from checkout form spam and fraud orders, and that’s exactly what we deliver.

    Ready to kick spam to the curb and give your store the shield it deserves? Hop on board with CleanTalk today – because a happy checkout is a protected checkout!