Does CleanTalk protect against donor email leaks?

Yes. Anti-Spam by CleanTalk helps protect against donor email leaks by obfuscating email addresses by default, including cases where emails may be exposed in HTML even if invisible on the page.

We received hundreds of spam donations immediately after installing GiveWP. How to fix it?

Install an anti-spam solution. As an additional mitigation, increase the minimum donation amount (for example to $10+) because bots often test donation forms with small amounts like $1–$5.

A donor is trying to submit recurring donations but the transaction isn’t being processed because the donor’s email is considered spam.

False positives can happen. Submit a support ticket or add the donor to the Allow list so their donations can go through.

Tag: wordpress

GiveWP Spam Protection guide in 2026. Stop spam donations!
CleanTalk has added spam protection for GiveWP using direct form integration. This makes it a good opportunity to explore how to protect GiveWP against spam submissions using both built-in anti-spam tools integrated into the plugin core and third-party solutions. We will start with CleanTalk and then move on to Akismet, Google reCAPTCHA, Cloudflare Turnstile, honeypot techniques, and universal anti-spam plugins available on WordPress.org.

GiveWP banner at https://wordpress.org/plugins/give/

GiveWP – Donation & Fundraising Plugin for WordPress

In case of any misunderstanding or misinterpretation about which plugin we are referring to, allow me to provide a brief overview of GiveWP

GiveWP is a powerful WordPress donation plugin that helps nonprofits, charities, and organizations accept online donations directly on their websites. It allows you to create fully customizable donation forms and securely collect one-time or recurring donations without relying on third-party fundraising platforms. To maintain secure fundraising, GiveWP can be combined with spam protection solutions that help prevent fake donations, bot submissions, and fraudulent registrations. The plugin supports popular payment gateways such as PayPal and Stripe, making it easy for donors to contribute using their preferred payment method. Built-in reporting, donor management tools, and fundraising goal tracking help organizations monitor performance and grow contributions. With a wide range of add-ons and integrations, GiveWP scales from small campaigns to large nonprofit organizations while following WordPress best practices for reliability and security.

According to WordPress.org, over 100,000 websites use this plugin.

Install GiveWP – Donation Plugin and Fundraising Platform

Show Instructions

To have the plugin installed follow this steps,

1. Search for the plugin in WordPress console -> Plugins -> Add plugin -> Search -> givewp

2. Install and Activate the plugin.

3. Add a campaign and forms in WordPress console -> GiveWP -> Campaigns -> Forms.

That’s all! GiveWP is installed.

Anti-Spam plugin by CleanTalk for WordPress

The next plugin we are going to use is the Anti-Spam plugin by CleanTalk. Here is a short description of it,

CleanTalk Anti-Spam plugin for WordPress protects your site from spam comments, contact forms, registrations, and fake donations without CAPTCHA. It uses cloud-based spam detection and real-time databases to block bots automatically while keeping the experience smooth for real users. CleanTalk works in the background and requires minimal setup, making it a reliable hands-off anti-spam solution.

CleanTalk has additional features like Block and Allow lists to manage specific Emails, IPs, Countries, custom frontend message to blocked donations and Emails obfuscation which might be helpful during fundraising events.

According to WordPress.org, over 200,000 websites use this plugin. All features of Anti-Spam plugin for WordPress.

How to install CleanTalk Anti-Spam plugin

Show Instructions

To install the Anti-Spam plugin, go to your WordPress admin panel → Plugins → Add New.

Then enter «СleanTalk» in the search box and click the Install button for «Spam protection, Anti-Spam, FireWall by CleanTalk».

After installing the plugin, click the «Activate»‎ button.

After it is done go to the plugin settings and click the «Get Access Key Automatically» button. Then just click the «Save Settings»‎ button.

That’s it! GiveWP is completely protected, let’s see how to test the protection.

How to check spam protection for GiveWP Forms

You can test the work of Anti-Spam protection for GiveWP by using a test email,

stop_email@example.com
1. First, open the form in an Incognito browser tab.
2. Choose amount to donate.
3. In the next step fill out the account name data and the stop_email@example.com.
4. You must see a message as below and in the screenshot.
*** Forbidden. Fraud prevention. Sender blacklisted. Anti-Spam by CleanTalk. ***

In addition, in the Cloud Dashboard you can find extra details regarding all submissions for the donation form,
- IP, Email of the donator. As well as history of activity a sender among other sites connected to CleanTalk’s cloud.
- Geolocation of the sender.
- Date and time of submission.
- Page (URL) of the submission.
- Cloud decision – Approved, Denied.
- Cloud explanation for the decision.
- Tools to move the sender to Block or Allow lists.
What additional anti-spam tools are available for GiveWP?

Here are a few more tools on the market,
1. Akismet is a cloud-based anti-spam service that works in the background and has excellent compatibility with WordPress. Most importantly, the GiveWP team has included Akismet integration directly in the core of the plugin, providing a seamless user experience for those who choose Akismet as their anti-spam solution. Akismet settings are located under WordPress console -> GiveWP -> Settings -> Advanced -> Akismet SPAM Protection. Here is full guide how to setup protection.
2. Honeypot anti-spam techniques protect websites by adding invisible form fields that real users never see but spambots automatically fill in. When these hidden fields are completed, the submission is flagged and blocked, stopping spam without CAPTCHAs or user interaction. GiveWP has built-in honeypot which is located under settings WordPress console -> GiveWP -> Settings -> Security -> Enable Honeypot Field. This option is On in default setting, so should filter some primitive spam bots out of the box.
3. reCAPTCHA is a spam protection technology by Google that helps protect WordPress websites by distinguishing real users from bots using challenges or behavioral analysis. It reduces automated spam submissions but may require user interaction, such as clicking a checkbox or solving a challenge. GiveWP supports reCaptcha in the core and settings are located by path WordPress console -> GiveWP -> Settings -> General -> Access Control -> reCaptcha. The first step to activate this protection is getting Site and Secret keys, which are available on website.
4. Turnstile by Cloudflare is another great anti-spam tool which is available for GiveWP. Protects WordPress websites by verifying visitors automatically without CAPTCHAs or puzzles. It blocks bots using browser and behavioral signals while keeping the experience seamless for real users. One drawback is to use Turnstile user must install extra plugin – ‘Give – Cloudflare Turnstile’. The full guide is here.
5. And we have bunch of standalone, universal, all-in-one plugins like Zero Spam, OOPSpam, hCaptcha for WP which provide anti-spam protection for GiveWP as well. Here is a link to download one of them.
Here are screenshots for tools above.

I have questions… (FAQ)

Does CleanTalk protect against donors emails leak?

In July 2025, a vulnerability in GiveWP led to an email data leak of Pihole donators. Yes, Anti-Spam by CleanTalk helps protect against such issues. In this case, email addresses were exposed in the HTML code, even though they were invisible on public pages. The plugin prevents this by obfuscating email addresses by default.

We received hundreds of spam donations immediately after installing GiveWP plugin. How to fix it?

If you do not have specific anti-spam tool installed. Increasing the minimum donation amount can help stop spam, as bots usually test forms with small payments like $1–$5. Setting a $10+ minimum helps filter out these low-effort automated attacks.

A donor is trying to submit recurring donations but the transaction isn’t being processed because the donor’s email is considered spam.

False/positives sometimes happen. In this case just post a support ticket or put this donor in Allow list.

Final thoughts

I hope this guide helped resolve all spam issues on your donation form. If not, Sign Up for an account and our CleanTalk team will be happy to help.

Stop spam without frustrating your visitors

Create your CleanTalk account and start blocking spam donations — no CAPTCHA challenges and no impact on visitors.

API Plugins

CleanTalk Account

No credit card required • Setup takes less than a minute • Your temporary password will be sent by email.
March 9, 2026
Why do contact form 7 users prefer Anti-spam by CleanTalk against reCAPTCHA?
As a WordPress user let me share my experience of using CAPTCHA less and CAPTCHA style Anti-Spam tools on the example of Contact form 7.

Is reCAPTCHA good or bad for Contact form 7?

Contact Form 7 users may prefer Anti-Spam plugin by CleanTalk over reCAPTCHA for several reasons, as each solution has its own advantages and disadvantages. Here are some potential reasons why some users prefer Anti-spam by CleanTalk:
1. Simplicity: Anti-spam by CleanTalk offers a simpler and more user-friendly solution compared to reCAPTCHA. It doesn’t require users to solve puzzles or click checkboxes, which can be seen as an added step that may deter some visitors from submitting forms.
2. Reduced User Friction: reCAPTCHA can sometimes lead to a less than ideal user experience, especially for those who find it challenging to complete the visual or interactive challenges. Anti-spam by CleanTalk doesn’t require any user interaction, so it doesn’t add any friction to the form submission process. More drawbacks of CAPTCHA/reCAPTCHA.
3. Invisible to Users: Anti-spam by CleanTalk works invisibly in the background, so users are not aware of its presence. In contrast, reCAPTCHA typically requires users to complete a task to prove they are not a bot.
4. Accessibility: Some users have accessibility concerns with reCAPTCHA, as it relies on visual verification. Anti-spam by CleanTalk does not present accessibility challenges in the same way, making it a more inclusive solution.
5. Accuracy: Anti-spam by CleanTalk uses a combination of methods, including machine learning and a vast database of known spam sources, to identify and block spam submissions. This approach can be effective in detecting and preventing spam without relying on user interaction.
6. Reduced False Positives: reCAPTCHA, while effective at blocking bots, may occasionally generate false positives, blocking legitimate users. Anti-spam by CleanTalk aims to minimize false positives, ensuring that genuine inquiries are not inadvertently marked as spam.
7. Customization: Users have the ability to customize Anti-spam by CleanTalk settings to meet their specific needs and preferences, tailoring the spam protection to their site’s requirements.
8. Integration: Anti-spam by CleanTalk is designed to seamlessly integrate with Contact Form 7 and other popular form plugins, making it easy for users to implement spam protection without significant configuration.
Anti-Spam by CleanTalk

It’s important to note that the choice between Anti-spam by CleanTalk and reCAPTCHA may depend on the specific needs and preferences of individual website owners. Some users may prioritize ease of use and a seamless user experience, while others may prioritize the high level of bot detection offered by reCAPTCHA. Ultimately, the choice between these solutions should align with your website’s goals and the user experience you want to provide. Additionally, some users may opt to use both solutions in combination to enhance spam protection further.

How to install Anti-Spam by CleanTalk?

To install and configure the “Anti-Spam by CleanTalk” WordPress plugin for your website, follow these steps:

1. Log in to Your WordPress Dashboard:

Navigate to your WordPress admin dashboard by entering your site’s URL followed by “/wp-admin” (e.g., “https://yourwebsite.com/wp-admin“).

2. Access the Plugins Section:

In the WordPress dashboard, locate and click on the “Plugins” option in the left-hand menu.

3. Click “Add New”:

On the Plugins page, click the “Add New” button at the top of the screen. This will take you to the Add Plugins page.

4. Search for “Anti-Spam by CleanTalk”:

In the search bar on the Add Plugins page, type “Anti-Spam by CleanTalk” and press Enter. The search results will appear.

5. Install the Plugin:

Locate the “Anti-Spam by CleanTalk” plugin in the search results. Click the “Install Now” button next to the plugin’s name.

6. Activate the Plugin:

After installation, a new button will appear that says “Activate.” Click this button to activate the Anti-Spam by CleanTalk plugin.

7. Enter Your Access Key:

Once the plugin is activated, you’ll need to enter your access key to enable the anti-spam features. You can obtain the access key by signing up for CleanTalk on their website (https://cleantalk.org/) and subscribing to their service. After subscribing, you’ll receive an access key via email.

a. In the WordPress dashboard, go to “Settings” in the left-hand menu.

b. Click on “Anti-Spam by CleanTalk” from the submenu.

c. Enter your access key in the provided field.

d. Click the “Check Access Key” button to validate your access key.

8. Configure Settings:

Once your access key is validated, you can configure the plugin settings according to your preferences. The settings allow you to customize the anti-spam protection for your site, including options for comments, registrations, contact forms, and more.

9. Save Changes:

After configuring your settings, don’t forget to click the “Save Changes” button to apply your chosen anti-spam settings.

10. Verify That It’s Working:

To ensure that the plugin is effectively blocking spam, just use email stop_email@example.com in a contact form 7. You have to see a special response from Anti-Spam by CleanTalk that describes a reason for blocking.
```
*** Forbidden. Sender blacklisted. ***
```
Anti-Spam by CleanTalk shows the reason of blocking form submission.

11. Periodic Review:

Periodically review the plugin’s dashboard to check its performance and verify that it’s actively blocking spam submissions. CleanTalk provides statistics on the number of spam attempts blocked.

That’s it! You’ve successfully installed and configured the “Anti-Spam by CleanTalk” plugin on your WordPress website. This plugin will help protect your site from unwanted spam submissions and improve the overall security and user experience of your WordPress site.
February 25, 2026
wpForo Forum – Spam Protection
CleanTalk added spam protection for wpForo Forum multi-layout bulletin board using direct form integration. So in case, you prefer using wpForo be sure to use the most effective Anti-Spam plugin. Read the guide below and learn 4 steps to protect your wpForo Forms from spam.

Once the CleanTalk Anti-Spam plugin is installed it starts to protect all of the existing forms on your WordPress website. It may not only be wpForo forms but also many others.

Download CleanTalk Anti-Spam plugin | Download wpForo Forum

How to install CleanTalk Anti-Spam plugin

To install the Anti-Spam plugin, go to your WordPress admin panel → Plugins → Add New.

Then enter «СleanTalk» in the search box and click the Install button for «Spam protection, Anti-Spam, FireWall by CleanTalk».

After installing the plugin, click the «Activate»‎ button.

After it is done go to the plugin settings and click the «Get Access Key Automatically» button. Then just click the «Save Settings»‎ button.

That’s it! From now you know how to completely protect your wpForo Forum plugin from spam.

How to check spam protection for wpForo Forms

You can test the work of Anti-Spam protection for your СonvertKit Forms by using a test email s @ cleantalk.org (without spaces). First, open the form in an Incognito browser tab. Fill in all the required form fields and send a form. After submitting the form, you will see a block message about the block on the form submission.

If you have any questions, add a comment and we will be happy to help you.

Create your CleanTalk account – Register now and protect your СonvertKit Forms from spam in 5 minutes

Update

The protection works only for website visitors, not for website admins. Be sure to test the form protection using Incognito mode.

Additional features
- CleanTalk protects all forms at once: comments, registrations, feedbacks, contacts, reviews.
- Installation takes about 1-2 minutes.
- Smart 99% protection against spambots.
- Always online – 24/7 technical support.
- Logs, SpamFireWall, personal lists, country filters, stop-words, and many others.
Discover CleanTalk Anti-Spam plugin features.
February 19, 2026
How to Check wp-content for Malware with Security by CleanTalk?
WordPress powers a significant portion of the internet, making it an attractive target for cyberattacks. Ensuring the security of your WordPress website is paramount. One essential aspect of WordPress security is regularly checking your wp-content directory for vulnerabilities. In this article, we’ll guide you through the process of safeguarding your wp-content folder using the powerful Security by CleanTalk plugin.

Why Checking wp-content for Malware is Crucial?

Your website’s wp-content directory is a critical part of your WordPress installation. It contains themes, plugins, and uploaded media files, making it an attractive target for hackers. Malicious actors often seek vulnerabilities in this directory to compromise your website’s security.

Checking wp-content is vital because it allows you to:
1. Detect Unauthorized Access: Regular checks help you identify any unauthorized changes or suspicious files within your wp-content folder.
2. Prevent Malware Infections: Detecting malware early can prevent it from spreading throughout your site, damaging your reputation and potentially harming your visitors.
3. Maintain Website Performance: A compromised wp-content directory can slow down your site and disrupt its functionality. Regular checks help maintain optimal performance.
4. Protect Sensitive Data: Your wp-content directory may contain sensitive information. Ensuring its security safeguards your data and user information.
Introducing Security by CleanTalk

To streamline the process of checking your wp-content directory and enhancing your WordPress security, we recommend installing the “Security by CleanTalk” plugin. This comprehensive security plugin offers a wide range of features to protect your website, including:
1. Real-time Firewall: Defends your site against malicious traffic and hacking attempts in real-time.
2. Spam Protection: Blocks spam comments and registrations to keep your site’s content clean.
3. Malware Scanner: Regularly scans your website for malware, vulnerabilities, and unsafe permissions.
4. Login Page Security: Protects your login page from brute force attacks.
5. Two-Factor Authentication (2FA): Adds an extra layer of login security for administrators.
6. IP and Country Blocking: Allows you to block specific IP addresses or entire countries to prevent malicious access.
7. Security Audit Trails: Keeps a record of all security-related events on your site for monitoring and analysis.
How to Install Security by CleanTalk

Follow these simple steps to install and activate Security by CleanTalk on your WordPress website:
1. Login to Your WordPress Admin Dashboard: Navigate to your WordPress dashboard by entering your site’s URL followed by “/wp-admin” (e.g., “https://yourwebsite.com/wp-admin“).
2. Go to Plugins: In the left sidebar, click on “Plugins.”
3. Add New Plugin: Click the “Add New” button at the top of the Plugins page.
4. Search for “Security by CleanTalk”: In the search bar, type “Security by CleanTalk” and press Enter.
5. Install and Activate: When you see the plugin in the search results, click “Install Now,” and then click “Activate” once it’s installed.
6. Configure Settings: Visit the “Security by CleanTalk” settings page in your WordPress dashboard to configure the plugin’s settings to your liking. Be sure to set up the malware scanner to check your wp-content directory regularly.
7. Enjoy Enhanced Security: With Security by CleanTalk in place, your WordPress website is now fortified against threats, and your wp-content directory will be regularly monitored for vulnerabilities.
Security by CleanTalk at WordPress.

The Malware scanner checked and found an issue with wp-content.

The Malware scanner cured files at wp-content.

Conclusion

Regularly checking your wp-content directory is an essential part of maintaining a secure WordPress website. To simplify this process and ensure comprehensive protection for your site, we recommend installing the “Security by CleanTalk” plugin. With its wide range of security features, this plugin will help you safeguard your website, keeping it safe from threats and ensuring the integrity of your wp-content directory.

Anyway, if you are unsure how to identify, remove, or clean malware using the plugin, you can book a WordPress malware removal with our Security & Pentest team.

Don’t leave the security of your WordPress site to chance—take proactive steps today by installing Security by CleanTalk and regularly checking your wp-content folder for peace of mind and a secure online presence.
February 18, 2026
User Registration & Membership – Spam Protection Guide in 2026
CleanTalk has added spam protection for the User Registration & Membership WordPress plugin by WPEverest through direct form integration. If you use this plugin, be sure to enable the highly effective CleanTalk Anti-Spam solution. In this post, we also review all anti-spam options available for User Registration & Membership.

User Registration & Membership – Free & Paid Memberships, Subscriptions, Content Restriction, User Profile, Custom User Registration & Login Builder

First of all let’s see what this plugin is,

User Registration & Membership by WPEverest is a powerful WordPress plugin for creating custom user registration forms, login pages, and membership websites without coding. It features a drag-and-drop form builder, user profile management, content restriction, and payment integrations for subscription-based sites. Ideal for communities, online courses, and client portals, the plugin helps website owners manage users and memberships efficiently while improving user experience.

According wordpress.org, this plugin is installed on 60,000+ sites. All features of Anti-Spam plugin by CleanTalk for WordPress.

Installing User Registration & Membership

There are few steps to be this plugin installed,
1. Go to WordPress console -> Plugins -> Add plugin, type ‘user’.
2. Install ‘User Registration & Membership’ by WPEverest and activate the plugin.
3. Next you see a setup screen, that can be skipped on this moment.
4. That’s all the plugin is installed!
On the next steps we work with page YOUR-SITE.COM/registration/.

By the if you want place the registration form on another page,
1. Follow to WordPress console -> User Registration & Membership -> Registration form.
2. Copy shortcode like this [user_registration_form id=”8″] from the right/top corner of screen and place on any other page you want to.
Anti-Spam plugin by CleanTalk for WordPress

In beginning a few words about the plugin that we are going to use against spam,

CleanTalk Anti-Spam plugin for WordPress automatically protects your website from spam comments, registrations, contact forms, and fake orders without using CAPTCHA. It uses cloud-based spam detection and real-time databases to block bots in the background while keeping the experience smooth for legitimate visitors.

According wordpress.org, this plugin is installed on 200,000+ web sites. To install the plugin please follow this guide.

The next step is testing the anti-spam protection.

How to check spam protection for User Registration & Membership

We are going to test protection and the most important step in this process to do it as a regular visitor, not as as authorized user/administrator in WordPress console!

Follow this,
1. Jump to YOUR-SITE.COM/registration/ in incognito mode in your browser.
2. Fill up the form using test email address s@cleantalk.org. This is a service email, using which do not cause block listing your IP in CleanTalk’s cloud.
3. You see response from the cloud like this,
*** Forbidden. Sender blacklisted. Anti-Spam by CleanTalk. ***

That’s all! The protection is active and ready to go. If you have any questions, add a comment and we will be happy to help you. In addition, in the Cloud Dashboard you can find extra details regarding all submissions for registration form.

What additional anti-spam tools are available for User Registration & Membership?

On this day on the market there are a few more tools to protect User Registration & Membership against spam bots. As well as this plugin has some built-in tools. Let’s see what we have,
1. This plugin has built-in integration with Google reCaptcha version 2 and 3. reCAPTCHA by Google helps protect WordPress registration forms from spam by verifying that users are real people using behavioral analysis or interactive challenges. It blocks automated bot sign-ups and reduces fake registrations while allowing legitimate users to register securely.
  The settings located are here WordPress console -> User Registration & Membership -> Registration & Login -> Captcha. The Site and Secret keys are available on website.
2. The next tool is hCaptcha. hCaptcha is a privacy-focused CAPTCHA solution that protects WordPress registration forms from spam by requiring users to complete human verification challenges, helping block automated bot sign-ups. Unlike reCAPTCHA by Google, hCaptcha places stronger emphasis on user privacy and data control, making it a popular alternative for websites that want effective spam protection with less tracking.
  The settings located are here WordPress console -> User Registration & Membership -> Registration & Login -> Captcha. The Site Key and Secret key are available on website.
3. Next is Turnstile by Cloudflare. It protects WordPress registration forms from spam by automatically verifying visitors using browser and behavioral signals without showing CAPTCHA challenges. Unlike reCAPTCHA, Turnstile is designed to be privacy-friendly and frictionless, reducing spam registrations while keeping the signup process seamless for real users.
  The settings located are unde same path as tools before WordPress console -> User Registration & Membership -> Registration & Login -> Captcha. The Site Key and Secret key are available on website.
4. There are also bunch of universal anti-spam plugins like Simple CAPTCHA Alternative by Elliot Sowersby, WP Armour and etc. All of them can be found on wordpress.org.
As my research shows there is no plugins or direct integration with Akismet.

I have questions…

What if I don’t use User Registration & Membership plugin, but still have spam registrations (users)?

In this case, Anti-Spam by CleanTalk is the best way to get rid of standard wordpress registration forms spam.

Does this guide work for WPforo plugin?

No, it does not. Read this guide instead to protect WPforo Forum against spam registrations.

How about spam protection for s2Member plugin?

Please use another guide in order of s2member spam protection.

Final thoughts

I hope this guide helped resolve all spam issues on your registration form. If not, Sign Up for an account and our CleanTalk team will be happy to help.
February 15, 2026
Our Client’s Review: BRNDTIME

We’re happy to share feedback from one of our valued clients — Christophe Thielens, founder of BRNDTIME.

At CleanTalk, we truly appreciate hearing how our anti-spam solution helps agencies and businesses keep their websites clean, fast, and user-friendly. Reviews like this motivate our team to continue improving our technology and delivering invisible, reliable protection against spam.

About BRNDTIME

BRNDTIME is a digital marketing agency based in Belgium, focused on helping SMEs and independent professionals grow their online presence.
The agency specializes in building high-performance WordPress websites, SEO, online advertising, branding, content creation, and email marketing — always with a strong emphasis on usability, performance, and measurable results.

Client feedback

Christophe shared his experience with CleanTalk both on WordPress.org and on the BRNDTIME website:

“Very good plugin — works very well for my agency.
No captchas, no false positives, no slowdowns.
A solid and trustworthy plugin.”

BRNDTIME – Digital marketing bureau 01 29 2026 03 19 PM

Using CleanTalk Anti-Spam, BRNDTIME protects WordPress websites from spam submissions without affecting visitor experience. The absence of CAPTCHAs, combined with accurate filtering and no performance impact, allows the agency to focus on building and marketing websites — not cleaning up spam.

We’d like to thank Christophe Thielens and the BRNDTIME team for trusting CleanTalk to protect their projects and for sharing their honest feedback with the WordPress community.

🔗 Client website: https://brndtime.be/

🔗 WordPress.org review: https://wordpress.org/support/topic/very-good-plugin-works-very-wel-for-my-agencie/

🔗 BRNDTIME article about CleanTalk:
https://brndtime.be/2026/01/27/cleantalk-anti-spam-plugins-spamvrije-wordpress-website/

January 29, 2026
How Spam Activity Changes Over Time — and Why It’s Not Related to License Expiration

From time to time, website owners report a sudden increase in spam activity and try to link it to plugin settings, hosting, or license status.
However, these assumptions often overlook how dynamic spam behavior truly is.
To illustrate this, I conducted a small study analyzing spam distribution over time using data from several of our WordPress sites.

First, I’ll look at data for three of our WordPress sites, which host our themed blogs. The statistics are for the year.

1. Our blog, ClanTalk Anti-Spam and Security https://blog.cleantalk.org/

The screenshot shows the statistics for the year.
As you can see from the graph, the number of spam attacks isn’t linear, but fluctuates from month to month. Only since August has there been any stability, and the number of spam attacks has been more or less consistent.

All time 10 979 spam blocked 10 21 2025 11 17 AM

2. Our blog, research.cleantalk.org

The graph shows an increase in spam attacks at the beginning of the year, followed by a decline to almost zero. However, in May, there is a peak in spam attacks, followed by a sharp decline. Subsequently, there is a slight increase in spam attacks.

All time 6 567 spam blocked 10 21 2025 11 30 AM

3. Our blog, blog.doboard.com

The blog was launched recently, and from the very beginning, it was clear that the number of spam attacks was high, but after some time, there was a decrease.

All time 195 spam blocked 10 21 2025 11 29 AM

4. Personal WordPress Test Site

The following graph shows statistics for my personal WordPress site, which I use for testing.
The graph shows a steady increase, peaking in May and then declining.

All time 19 510 spam blocked 10 21 2025 11 19 AM

What Does This Tell Us?

Based on this data, I can draw the following conclusions:
the number of spam attacks does not show any trend, other than a possible seasonal factor.

The number of spam attacks may not be linear from month to month or even from day to day. At some points, there may be more, at others, fewer. A low-traffic site like my test site can receive a much higher number of spam attacks than a site with more traffic, a larger number of articles, and a higher search engine ranking.

What I did next?

Now let’s talk about how a user can evaluate the difference between the amount of spam a client sees while using an anti-spam service and when the license expires.

First, as you can see on our new site, the number of spam attacks increases as it gets added to spam lists.

Second, when a client installs the CleanTalk Anti-Spam plugin, we have the SpamFireWall option. This option blocks spammers before they reach the site.

CleanTalk Anti Spam Dashboard 10 21 2025 11 20 AM

As you can see from this table, we currently receive 12-14 spam attacks per day. These requests can be found, for example, in the spam folder on their site. On average, there were 57 spam attacks per week, and SpamFireWall (SFW) blocked another 350.

Then, I disabled SFW, and the number of spam attacks reaching the website form immediately increased to 120 on average. So, we see that when using SFW, 50% of spam attacks reach the website and forms, and the remaining spam attacks were stopped by SFW and simply didn’t reach the website.

Therefore, when assessing the amount of spam, we must also take into account the portion of SFW traffic that simply didn’t reach the website forms. You can track statistics for your sites in the Trends section of the ClanTalk Dashboard.

To summarize

The number of spam attacks is not constant and can be higher or lower. Also, when using SFW, you only see a portion of the spam reaching the forms on your website. Having or not having a CleanTalk license doesn’t affect the number of spam attacks.

October 22, 2025
Client Review: Climate Change Dispatch

We are happy to share feedback from one of our clients — Thomas, the owner of climatechangedispatch.com

Great support, even better spam killer

I was using Akismet for WordPress for years until I found Cleantalk. I got an email from Automaticc, which owns Akismet and Jetpack, stating that because I had some ads on my site, I had to pay a ridiculous amount of money. They gave me 30 days. I switched to Cleantalk as it was cheaper, and the difference was amazing.
Not only did it catch spam, but the personal blacklists are a timesaver. No more hits or misses from imprecise wording in the Discussion settings. And the support is absolutely superb. The few times I’ve needed them, they were prompt and fantastic. The firewall and bot-crawler features are also a timesaver. Did you know that auto-bots crawl your site and slow it down? I’m talking spammy bots looking for email addies. This plugin stops them. And also prevents spam after spam from getting through via rate limiting. Try it out, and I swear you will rarely, if ever, have to get rid of spam manually. It’s that good!

We thank Thomas for his detailed feedback and trust in CleanTalk.
It’s always a pleasure to hear that our service helps clients protect their websites and save time.

September 11, 2025
QuickCal Spam Protection for WordPress

quickcal screenshot 03

QuickCal forms is a good choice when you need to use a powerful booking calendar. Always be sure to use the most effective Anti-Spam plugin. For example CleanTalk Anti-Spam will guarantee your QuickCal booking form spam protection in about 5 minutes.

Once CleanTalk Anti-Spam plugin is installed it starts to protect all of the existing forms on your WordPress website. It may not only be QuickCal forms but many others.

Download CleanTalk Anti-Spam plugin | Download QuickCal plugin

How to install CleanTalk Anti-Spam plugin

To install the Anti-Spam plugin, go to your WordPress admin panel → Plugins → Add New.

Then enter «СleanTalk» in the search box and click the Install button for «Spam protection, Anti-Spam, FireWall by CleanTalk».

After installing the plugin, click the «Activate»‎ button.

After it is done go to the plugin settings and click the «Get Access Key Automatically» button. Then just click the «Save Settings»‎ button.

That’s it! From now your WordPress website and QuickCal forms are protected from spam.

You can always use our detailed installation instructions.

How to check your QuickCal forms spam protection in about 5 minutes

You can test the work of Anti-Spam protection for your QuickCal forms by using a test email s @ cleantalk.org (without spaces). First, open the form in an Incognito browser tab. Fill in all the required form fields and send a form. After submitting the form, you will see a block message about the block on the form submission.

If you have any questions, add a comment and we will be happy to help you.

Create your Cleantalk account – Register now and enjoy your spam-free QuickCal forms.

You may view a complete list of CleanTalk Anti-Spam plugin features here. https://cleantalk.org/help/introduction

WordPress spam protection

July 31, 2025
Prevent for User Enumeration on WordPress
I’m happy to announce option Prevent collecting of authors logins which you can find under settings,
```
WordPress console -> Settings -> Security by CleanTalk -> General Settings
```
This option disables users IDs enumeration in your WordPress. So, it stands against brute force for authors names. Here is example how the enumeration works in the plain WordPress,
```
https://blog.cleantalk.org/?author=1
```
By executing such links, an attacker brute forces users list on a site to get valid IDs and use it in further attacks.

If you turn option Prevent collecting of authors logins on, the plugin disable enumeration by showing a blank page instead of valid page of author. URL for the blank page like this,
```
https://blog.cleantalk.org/author/honeypot_login_1753432662.9124
```
That’s it! Drop questions in the comment form down below.
July 25, 2025