Spam protection, AntiSpam, FireWall, Cleaner by CleanTalk


Supports: Contact Form 7, Ninja Forms, Gravity Forms, MailChimp, Formidable forms, WooCommerce, JetPack comments and contact form, BuddyPress, bbPress, Fast Secure Contact form, S2Member, MailPoet, any WordPress registrations & contact forms and themes. Just setup and forget the spam!

No CAPTCHA, no questions, no animal counting, no puzzles, no math and no spam bots. Universal AntiSpam plugin.

AntiSpam features

  1. Hace parar spam comentarios.
  2. Hace parar spam registros.
  3. Hace parar spam direcciones del correo electrónico.
  4. Hace parar spam órdenes.
  5. Hace parar spam reservas.
  6. Hace parar spam suscripciones.
  7. Stops spam surveys, polls.
  8. Hace parar spam aplicaciones.
  9. Stops spam in WooCommerce.
  10. Checks and removes the existing spam comments and spam users.
  11. Compatible with mobile users and devices.

Free trial then $8 per year

CleanTalk is a free anti spam plugin which work with the premium Cloud AntiSpam service This plugin as a service

Public reviews

Using CleanTalk on WPLift was a great test as we receive huge amounts of spam.
Oliver Dale,

I know you have heard of a number of anti-spam plugins. But you must know, the cloud-based ones are the best regarding detection rate. They compare all the content in forms with their own algorithm to find out the legibility.

The key selling point of CleanTalk for me is not simply its effectiveness. It’s the fact that CleanTalk works in the background. It does not make users jump through hoops in order to submit a comment or complete a form.

AntiSpam protection for comments

Protección anti-spam nativa para WordPress, comentarios de JetPack y cualquier otro plugins de comentarios. El plugin mueve los comentarios de spam a la carpeta SPAM o puede configurar la opción para prohibir los comentarios de spam silenciosamente. También puede activar la opción en la configuración del plugin para eliminar automáticamente los comentarios de la carpeta SPAM.

Filtro de spam de registros de bot

Filtros robots de spam en los formularios de registro de WordPress, BuddyPress, bbPress, S2Member, WooCommerce, constructor del perfil, inicie sesión con AJAX y cualesquiera otros plugins de registro.

Protección de spam en formularios de contacto

The plugin is tested and ready to protect from spam emails via Formidable forms, Contact form 7, JetPack Contact form, Fast Secure Contact form, Ninja forms, Landing pages, Gravity forms, Contact Form by BestWebSoft, Simple Contact Form Plugin – PirateForms, Visual Form Builder, Form, Contact Form by WebDorado, Contact Form Email, MW WP Form, Contact Form by Jeff Bulllins, Easy Contact, Contact Us Form, Grunion Contact Form, WCP Contact Form, Easy WordPress Contact Form Plugin, WPForms Lite, Custom Contact, Forms, Amo Forms, Caldera Forms, Visual Form Builder, Contact Form Clean and Simple, Divi by Elegant Themes and any other themes or custom contact forms, amoForms, Custom Contact Form, Ultimate Form Builder, Contact Bank – Contact Forms Builder, Forms easily built with Smart Forms, Quick Contact Form, Usernoise contact form, cformsII – contact form, Contact Form by Web-Settler, HubSpot Marketing Free.

Filtros para correos no deseados en WooCommerce.

Anti-spam por CleanTalk filtra registros de spam y comentarios de spam para WooCommerce. El plugin es totalmente compatible con WooCommerce 2.1 y superior.

Newsletters antispam filter

Anti-spam by CleanTalk filters spam subscriptions for MailPoet, MailChimp, PopupAlly and many other newsletter plugins.

Filtros de spam para formularios de contacto tema

The plugin blocks spam emails via any theme (built-in ones included) contact forms. The plugin filters spam emails silently (without any error notices on WordPress frontend) in AJAX forms as well.

filtro de spam bbPress

Protección contra spam para todo lo relacionado con bbPress: inicios de sesión, registros, foros, debate y respuestas.

Other spam filters

  • WordPress Landing Pages.
  • Usuario WP frontend, UserPro.
  • Any WordPress form (checkbox ‘Custom contact forms’).
  • Cualquier presentación al sitio (casilla ‘Comprobar todos los datos de POST’)

Compatible with WordPress cache plugins

  • W3 Total Cache, Quick Cache, WP Fastest Cache, Hyper Cache, WP Super cache, WP-Rocket and any other cache plugins.

Check existing comments for spam. Bulk spam comments removal. Spam comment Cleaner

With the help of anti-spam by CleanTalk you can inspect through existing comments to find and quickly delete spam comments at once. To use this function, go to WP Console -> Comments -> Find spam comments.

Check existing users for spam. Bulk spam accounts removal. Spam users cleaner

With the help of anti-spam by CleanTalk you can inspect through existing accounts to find and quickly delete spam users at once. For use this function, go to WP Console -> Users -> Check for spam. Also, you can export a list of spam users to the CSV.

El bloqueo de usuarios por país

Bloquea automáticamente los comentarios y los registros de los países que ha establecido una prohibición para. Esta opción es útil en casos de protección contra el spam manual y para la mejora de la protección. Si su sitio no está destinado para el público internacional y no esperas comentarios/usuarios de otros países.

El bloqueo de los comentarios de acuerdo a “palabras vacías”

Puede bloquear los comentarios que contengan “palabras de detención” para mejorar la protección contra correo no deseado y los mensajes con obsceno bloqueo de palabras. Puede agregar palabras o frases en particular.

Listas negras privadas para el servicio anti-spam

Bloquea automáticamente los comentarios y los registros de tu lista privada de direcciones IP / correo electrónico black. Esta opción ayuda a reforzar la protección contra el spam de un spam manual o bloquear los comentarios no deseados de los usuarios. Puede agregar no sólo ciertas direcciones IP, sino también una subred separada a su lista negra personal.

Private black list for Spam FireWall

Le permite agregar direcciones IP y subredes individuales a SpamFireWall.
bloquea los ataques de spam de las direcciones IP que aún no están incluidas en la base SFW. Esta opción puede ayudar a bloquear HTTP / HTTPS DDoS, SQL, ataques de fuerza bruta y cualquier otro que lo hizo a través del HTTP / HTTPS. Puede agregar no sólo ciertas direcciones IP, sino también una subred separada a su lista negra personal.

Low false/positive rate

This plugin uses multiple anti-spam tests to filter spam bots having as low false/positive rate as possible. Multiple anti-spam tests help to avoid false/positive blocks of the real website visitors even if one of the tests failed.

How effective is CleanTalk?

Accurately blocking spam is not an easy thing to do, but CleanTalk has a very low proven False/Positive rate. Here is actual statistics on false positives for all customers.

  • Registrations – 0.007%
  • Comments – 0.001%
  • Contact forms – 0.001%
  • Orders (WooCommerce) – 0.008%

The statistic was calculated on November 10 2017 for 1 million requests.

¿Cómo CleanTalk mejora SEO para su sitio web?

So, you already know that the speed of the site has a direct impact on SEO.

CleanTalk funciona más rápido que la mayoría de los otros plugins anti-spam. Es de conocimiento común que contra más rápido se cargue su sitio, mejor será la experiencia del cliente, mejor será su SEO, y mejor se convertirá su sitio. La velocidad es cada vez más importante en SEO, la conversión y la experiencia del usuario. Hoy en día, la velocidad del sitio es uno de los factores de clasificación más importantes de Google. Un sitio que se carga lentamente perderá los visitantes y los ingresos potenciales.

There are different ways of improving your site’s loading performance. One important parameter for site performance is to install well-developed plugins from a reputable source.

Among anti-spam plugins CleanTalk AntiSpam is one of the fastest. Despite the
large plugin functionality, the developers have optimized the performance of
the plugin so that AntiSpam by CleanTalk is faster than most analogs. This contributes to the cloud service architecture, as all calculations take place in the cloud, not on the server, the server receives the finished result for further action.

¿Cómo funciona CleanTalk?

  • A visitor writes a comment or registers
  • Anti-Spam by CleanTalk plugin sends action parameters into the CleanTalk cloud
  • Service analyzes the parameters
  • If this is a visitor, the comment will be published. If it’s a spam bot, then CleanTalk blocks this comment or registration.
  • Parameters are written to the spam log which can be viewed in the Control Panel service.

CleanTalk team has been developing a cloud antispam system for five years and has created a truly reliable anti-spam service designed for you to guarantee
your safety.

Spam attacks log

Service CleanTalk (this plugin is a client application for CleanTalk anti-spam service) records all filtered comments, registration and other spam attacks in the “Log of spam attacks” and stores the data in the log for up to 45 days. Using the log, you can ensure reliable protection of your website from spam and no false/positive filtering.

Spam FireWall

CleanTalk has an advanced option “SpamFireWall”. This option allows blocking the most active spam bots before they get access to your website. It prevents spam bots from loading website pages so your web server doesn’t have to perform all scripts on these pages. Also it prevents scanning of pages of the website by spam bots. Therefore SpamFireWall significantly reduces the load on your web server. SpamFireWall also makes CleanTalk the two-step protection from spam bots. SpamFireWall is the first step and it blocks the most active spam bots. CleanTalk Anti-Spam is the second step and checks all other requests on the website in the moment of submitting comments/registers etc.

How Spam FireWall works?

  • The visitor enters to your web site.
  • HTTP request data are being checked in the nearly 5.8 million of the identified spam bot IPs.
  • If it is an active spam bot, the bot gets a blank page, if it is a visitor then he receives a normal page. This process is completely transparent for the visitors.

Toda la actividad Spam Firewall de CleanTalk se está registrando en el proceso de filtrado.

SpamFireWall DDoS Protection

SpamFireWall can mitigate HTTP/HTTPS DDoS attacks. When an intruder makes GET requests to attack your website, SpamFireWall blocks all requests from bad IP addresses. Your website gives the intruder a special page with the description of DDoS rejection instead of the website pages. Therefore SpamFireWall helps to reduce CPU usage of your server.

XML-RPC protección de fuerza bruta

SpamFireWall can mitigate XML-RPC brute force attacks. It blocks XML-RPC attacks from bad IP addresses. This helps to prevent bruteforce attacks by a Remote Procedure Call.

No spam comments, no spam registrations, no spam contact emails, no spam trackbacks. CAPTCHA-free anti-spam for WordPress

Spam is one of the most irritating things. Spam rates are increasing every year and conventional anti-spam can no longer handle all spam bots. CleanTalk prevents and automatically blocks spam. You’ll be surprised how effective CleanTalk is in protecting from spam.

AntiSpam plugin info

CleanTalk is an all-in-one antispam solution for WordPress that protects login, comment, contact and WooCommerce forms at once. You don’t need to install separate antispam plugins for each form. It allows your blog to work faster and save resources. After installation you will forget about spam; your CleanTalk plugin will do all the work. You won’t have to deal with spam as CleanTalk does this for you automatically.

CleanTalk is a transparent antispam tool, we provide detailed stats of all incoming comments and logins. You can always be sure that there are no errors. We have developed a mobile app for you to see antispam stats wherever you want.

Hemos desarrollado el antispam para WordPress que lo protege de los robots de spam en el nivel máximo que le permite proporcionar a sus visitantes un formulario simple y conveniente de comentarios / registros sin molestos CAPTCHAs y rompecabezas. CleanTalk detecta spam en pruebas de varios niveles, lo que nos permite bloquear hasta un 99,998% de los robots de spam.
El método anti-spam ofrecido por CleanTalk evita inconvenientes para los métodos de comunicación (CAPTCHA, pregunta-respuesta, etc.), y ofrece a los visitantes del sitio una más cómoda.

CleanTalk is a premium anti-spam service for WordPress, the plugin works with
our own CleanTalk Cloud Service. Anti Spam by CleanTalk offers a free trial, you can look at the pricing here. We provide anti-spam services at the highest level. To maintain this level we cannot afford to offer a free version of our service, as this will immediately affect the quality of the providing anti-spam protection. Paying for a year of anti-spam service, you save a lot more and receive:

  • Up to 99.998% protection from spam bots.
  • Time and resources saving.
  • More registrations/comments/visitors.
  • Protección contra el spam de los varios sitios web a la vez en diferentes CMS.
  • Facilidad de instalación y uso.
  • Traffic increase and loyalty to the users.
  • 24/7 technical support.
  • Borrar las estadísticas.
  • No captcha (reCaptcha), puzzles, etc.
  • Free mobile app to control anti-spam protection on your website.

Additional features

  • Daily and weekly detailed anti-spam reports: traffic VS spam.
  • Apps para iPhone, Android para controlar el servicio anti-spam, los comentarios, las inscripciones, los contactos, el tráfico y las estadísticas de spam de los últimos 7 días.
  • AntiSpam apps for most popular CMS on

How to protect sites from spam bots without CAPTCHA?

The most popular anti spam method is CAPTCHA – the annoying picture with curved and sloping symbols, which are presented to the visitor to decipher and fill in. In is supposed that spam bots won’t discern these CAPTCHA, but a visitor will. CAPTCHA provokes great irritation, but if the visitor wants to comment, he has to fill in these symbols time after time, making mistakes and starting once again. Sometimes CAPTCHA reminds us of the doodles of a two year old child. For users with vision problems CAPTCHA is an insurmountable obstacle. Users hate captcha. Captcha for users means “hate”. Unreadable CAPTCHA stops about 80% of site visitors. After 2 failed attempts to decipher CAPTCHA 95% of visitors reject further attempts. At the sight of CAPTCHA and after input errors, many visitors leave the resource. Thus, CAPTCHA helps to protect the resource spam both from bots and visitors. CAPTCHA is not a panacea from spam. Doubts concerning the Need for CAPTCHA?

“Ultimately, CAPTCHAs are useless for spam because they’re designed to tell you if someone is ‘human’ or not, but not whether something is spam or not.” Matt Mullenweg

You do not have to work in IT to know what spam is. Besides piles of unwanted email, there are spam bots, or special software programs designed to act as human website visitors that post unwelcome messages over the Internet to advertise dubious services. More often than not spam messages do not even make sense. Similar to bacteria and virus mutations developing antibiotic resistance, spam bots are becoming more resilient in penetrating Internet firewalls and security layers.

Características de CleanTalk

Anti-Spam by CleanTalk is one of the fastest plugins that allows you to lower the server load. One of the important parameters for each webmaster is the speed of the site, so we make sure that our plugin consumes as few server resources as possible. The Cloud Service provides the advantage: all data processing takes place in the Cloud.

CleanTalk team has developed unique anti spam algorithms to assess visitors behavior. CleanTalk analyzes user behavior and the parameters of the filled forms. Our anti-spam module, being installed in your website, sends the behavior parameters of either a visitor or a spam bot. When these parameters are estimated, the anti spam service makes a decision – to post a message or to define it as spam and reject it. Based on these checks, the service forms its own list of email addresses used by spam bots.

Los registros de visitantes se controlarán de forma similar. El servicio se suma a la lista negra no sólo direcciones de correo electrónico, sino también las direcciones IP y dominios de sitios web que promueven a sí mismos a través de correo de spam. Todo esto sucede de forma automática y no requiere ninguna acción por parte de la administración de la página web. En 2,5 millones de consultas al servicio comete un error en 40-45 casos, es decir CleanTalk detecta el spam con 99.9982% de precisión. Monitoreamos constantemente estos errores y realizamos ajustes a nuestros algoritmos. Incluso con esta precisión excepcional de nuestro equipo tiene el objetivo de mejorar las cifras a través del tiempo.

All-in-one. CleanTalk protects form spam all forms instantaneously – comments, registrations, feedback, contacts. No need to install additional plugins for each form. You save resources and increase performance of your website.

Spam attacks log. Anti-Spam by CleanTalk records all filtered comments, registrations and other spam attacks in the “Log of spam attacks” and stores the data in the log for up to 45 days. Using the log, you can ensure reliable protection of your website from spam and experience no false/positive filtering.

With the help of anti-spam by CleanTalk you can check existing comments and users, to find and quickly delete spam comments at once. This allows administrators of websites to automatically check and identify spam bots, comments and users, which were not detected by conventional anti-spam tools. The existing comments and users checking process is performed in a database of the nearly 2 million identified spam bots. Detailed spam stats allows CleanTalk customers to fully control it.

CleanTalk has an advanced option “SpamFireWall”. This option allows you to block the most active spam bots before they get access to your website. It unloads you website pages when an attempt attack was made, so your web server won’t run unnecessary scripts on these pages. Also it prevents any scanning of website pages by spam bots. Subsequently SpamFireWall significantly reduces your webserver load. SpamFireWall can mitigate HTTP/HTTPS DDoS attacks. When an intruder makes GET requests to attack your website, SpamFireWall will block requests from bad IP addresses. Your website gives the intruder a special page with a description of DDoS rejection instead of the website pages. SpamFireWall can help to reduce the CPU usage of your server because of this reason.

“CleanTalk team has been developing a cloud spam protection system for five years and has created a truly reliable anti-spam service designed for you to guarantee your safety”.


  • Danish (da_DK)
  • French (fr_FR) – thanks to Gilles Santacreu
  • German (de_DE)
  • Italian (it_IT)
  • Polish (pl_PL)
  • Portuguese (pt_PT)
  • Spanish (es_ES) – thanks to Andrew Kurtis and WebHostingHub
  • Russian (ru_RU)


WordPress 3.0 at least. PHP 5 with CURL or file_get_contents() function and enabled ‘allow_url_fopen’ setting. Sign up to get an Access key. The plugin is fully compatible with PHP 7.

Nosotros recomendamos

Max power, all-in-one, premium anti-spam WordPress plugin. No comments & registrations spam, no contact spam, protects any forms. Just install and forget spam.


  • AntiSpam settings are easy to use.
  • AntiSpam plugin rejected a spam bot at the CAPTCHA less registration form. The plugin provides explanation to visitor and websites about each rejected comment/registration o contact message.
  • Use AntiSpam analytics tool for each website in service Dashboard to have information about spam/legitimate stats.
  • Use AntiSpam log to control anti-spam plugin.
  • CleanTalk funciona más rápido que la mayoría de los otros plugins anti-spam.
  • The Dashboard with a map of most spam active countries per your account.
  • The plugin deletes/removes the existing spam comments and users accounts.


Installation instructions

  1. Download, install and activate ‘Anti-spam by CleanTalk’.

  2. Obtener clave de acceso

  3. Enter Access key in the settings: WordPress console -> Settings -> Antispam by CleanTalk

  4. Do dummy spam comment (registration or contact message) with email You should see notice: Forbidden. Sender blacklisted.

  5. ¡Hecho! El plug-in está listo para usar.

Important! To test spam protection you must post a dummy submissions as website visitor (use must logged out from WordPress console), because the plugin doesn’t filter submissions from WordPress administrators.

¿Cómo se puede configurar el plugin en la versión WPMU?

In WordPress multisite version you can switch the plugin to use Global Access key. In this way the plugin doesn’t show any options to enter Access key in plugin settings and doesn’t show Trial banner in WordPress backend. To setup global CleanTalk access key for all websites in WPMU, define constant in your wp-config.php file before defining database constants:

define('CLEANTALK_ACCESS_KEY', 'place your key here');

Now, all subsites will have this access key.

Manage and control spam protection

Ir al Escritorioen o usar Android, iPhone anti-spam app para administrar y controlar la protección contra el spam.

Preguntas frecuentes

Installation Instructions

Installation instructions

  1. Download, install and activate ‘Anti-spam by CleanTalk’.

  2. Obtener clave de acceso

  3. Enter Access key in the settings: WordPress console -> Settings -> Antispam by CleanTalk

  4. Do dummy spam comment (registration or contact message) with email You should see notice: Forbidden. Sender blacklisted.

  5. ¡Hecho! El plug-in está listo para usar.

Important! To test spam protection you must post a dummy submissions as website visitor (use must logged out from WordPress console), because the plugin doesn’t filter submissions from WordPress administrators.

¿Cómo se puede configurar el plugin en la versión WPMU?

In WordPress multisite version you can switch the plugin to use Global Access key. In this way the plugin doesn’t show any options to enter Access key in plugin settings and doesn’t show Trial banner in WordPress backend. To setup global CleanTalk access key for all websites in WPMU, define constant in your wp-config.php file before defining database constants:

define('CLEANTALK_ACCESS_KEY', 'place your key here');

Now, all subsites will have this access key.

Manage and control spam protection

Ir al Escritorioen o usar Android, iPhone anti-spam app para administrar y controlar la protección contra el spam.

¿Por qué me envían spam?

Spammers want to get backlinks from your site to improve their site’s PageRank or redirect your visitors to malicious sites.This level of spam can damage your reputation with readers and commentators if you fail to tackle it. It is not uncommon for some WordPress websites to receive hundreds or even thousands of comments every week. However, by using a CleanTalk plugin, spam can be easily handled by your WordPress website.

Is the anti-spam protection safe for mobile visitors?

Yes, it is. The plugin doesn’t block mobile visitors as well as desktop website visitors. It uses several independent anti-spam tests to decrease the number of false outcomes and to have as low false-positive rate as possible. Multiple anti-spam tests help to avoid false/positive blocks for real website visitors even if one of the tests failed.

What does the plugin do with spam comments?

Spam comments are being moved to SPAM folder by default or you can set the option to ban spam comments silently.

How can I test the anti-spam protection?

Please use the email for comments, contacts or signups to see how the anti-spam protection works. Also you can see the logs for the last 7 days at the Control panel or look at the folder “Spam” for banned comments.

Is the plugin effective against spam bots?

The plugin Anti-Spam by CleanTalk stops up to 99.998% of spam comments, spam signups (registrations), spam contact emails, spam subscriptions, spam bookings or spam orders.

¿Te protege el plugin de la fuerza bruta, ataques DoS y ataques de spam?

Sí, lo hace. Por favor, activar la opción ‘SpamFirewall’ en la configuración del plugin para proteger su sitio web de DoS/DDoS, ataques XMLRPC.

How does the plugin stop spam?

Please, note – administrator’s actions are NOT being checked.

The plugin uses several simple tests to stop spammers:

  1. JavaScript anti-spam test. 99% of spam bots don’t have full JavaScript functions support. So, the plugin has the code which can be run by normal visitor and can’t be run by the spam bot.
  2. Correo Electrónico, IP, comprobar la entrada de actividad de spam de dominio. El plugin utiliza la base de datos en línea en la actividad de spam, que consta de más de 20 millones de registros de actividades spam de los IPs, correo electrónicos, dominios y ASN. Si el IP o el correo electrónico del remitente está en la base de datos, el remitente recibe algunas puntuaciones de spam. Para reducir la tasa de falso/positivo el plugin no sólo utiliza la prueba de lista negra para prohibir los spammers, el remitente será prohibido cuando, y sólo cuando las pruebas múltiples de spam han fracasado.
  3. Comment submit time. Spam bots usually submit the info immediately after the page has been loaded, this happens because spam bots don’t actually fill the web form, they just send $_POST data to the blog. The normal visitor sends the data after several seconds or minutes.
¿El plugin antispam protegerá mi tema?

Yes, it will. The Anti-spam by CleanTalk is compatible with any WordPress theme.

What about pingback, trackback spam?

The plugin passes pingbacks without any checks by default. All trackbacks will be blocked if the sender had spam activity.

¿Puedo utilizar CleanTalk con Akismet?

Sure, you can use CleanTalk with Akismet. In this case you will probably have higher false/positive rate (when legitimate comments/signups are being denied), but you will have stronger anti-spam protection on your website.

¿Es CleanTalk mejor que Akismet?

Please look at this features comparison here

¿Puedo utilizar CleanTalk para eliminar la espera de comentarios de spam?

Yes, you can. The plugin has the option to test all pending comments via database of spam active IP/Email, found spam comments will be moved to Trash folder.

How does the plugin find spam in pending comments or registered accounts?

El plugin comprueba todos los comentarios que no son spam en la base de datos de lista negra y sabrá cuáles son los remitentes de correo no deseado que tienen actividad en otros sitios web.
Hay algunas diferencias entre la base de datos de lista negra y API para protegerle de registros/comentarios de spam bots en línea. Las listas negras muestran toda la historia de la actividad de spam, pero nuestra API (que se utiliza en las pruebas de spam) también se basa en otros parámetros: último día de la actividad, el número de ataques de spam durante los últimos días, etc. Estos mecanismos nos ayudan a reducir el número de resultados falsos. Por lo tanto, no hay nada extraño, si algunos emails/IPs no son encontrados por los comentarios a granel/cuentas de prueba.

Para revisar los comentarios por favor vayan aquí:

WordPress console -> Comments -> Find spam comments

Para revisar los usuarios por favor vayan aquí:

WordPress console -> Users -> Find spam users

Should I use other anti-spam tools (Captcha, reCaptcha and etc.)?

CleanTalk stops up to 99.998% of spam bots, so you can disable other anti-spam plugins (especially CAPTCHA-type anti-spam plugins). In some cases several anti-spam plugins could conflict with each other, so it would be better to use just one plugin.

Is the plugin compatible with WordPress MultiUser (WPMU or WordPress network)?

Yes, the plugin is compatible with WordPress MultiUser. Each blog in multisite environment has individual anti-spam options for the protection from spam bots.

After the installation I noticed that the number of spam attacks has been increased in the stats

There are a few reasons for this:

  • With the indexing of your web-site by the search systems, appearance of external links and better search results position, your web-site attracts more and more spambots.
  • Non-transparent protection systems like CAPTCHA or question/answer, that don’t have spam attacks stats, don’t let you see the whole picture, or the picture is incomplete.
  • Counting methods for spam attacks and spam bots are different for different systems, thus the diversity appears. We seek to provide detailed stats.
Why my dummy “spam” comment passed to the WordPress?

The plugin has several options to detect spam bots and humans. If you just post spammy text like this:

"I want to sell something", "Buy something here.." and etc

the comments will be passed, because the plugin detects sender as a human. So, use special email to test the anti-spam functionality or wait a few days to see how the plugin works.

Is it free or paid?

The plugin is free. But the plugin uses CleanTalk cloud service to filter spam bots. You have to register an account and then you will receive a free trial to test anti-spam for comments, registrations, bookings, contacts or orders. When the trial (on CleanTalk account) is finished, you can renew the subscription for 1 year or deactivate anti-spam plugin.

¿Puedo utilizar CleanTalk con plugins de caché?

Anti-spam by CleanTalk doesn’t use static HTML code in its templates, so all anti-spam functions work correctly with any WordPress cache plugins.

Does the plugin protect from spam bots if I use forms with third-party services?

Yes, it does. Plugin protects web-forms on your websites which send data to third-party servers (like MailChimp). To enable this protection set the option ‘Protect external forms’ in the plugin settings.

¿Es CleanTalk compatible con Cloudflare?

CleanTalk is fully compatible with CloudFlare. Service doesn’t filter CloudFlares IP’s (AS13335) through blacklists database, so in this case plugin/service filters spam bots using other anti-spam tests.

¿ Es CleanTalk compatible con una red de distribución de contenidos (CDN)?

Sí, lo es. CleanTalk funciona con cualquier sistema de CDN, es decir, CloudFlare, MaxCDN, Akamai.

¿Puedo utilizar la funcionalidad de CleanTalk en mis plugins?

Yes, you can. Just use following snippet:

    include_once( ABSPATH . '/wp-content/plugins/cleantalk-spam-protect/cleantalk.php' );
//for registration test:
$res=ct_test_registration("nickname", "", "");
//or for some other messages (contact forms, comments etc.)
$res=ct_test_message("nickname", "", "", "test message");

$res now contents array with two parameters:
* $res[‘allow’] – is request allowed (1) or not (0)
* $res[‘comment’] – comment for our server’s decision.

I see two loads of script cleantalk_nocache.js. Why do you use it twice?

This script is used for AJAX JavaScript checking. Different themes use different mechanisms of loading, so we use two methods for loading our script. If you absolutely know what you are doing, you can switch one of the methods off by defining constants in your wp-config.php file:

define('CLEANTALK_AJAX_USE_BUFFER', false); //false - don't use output buffering to include AJAX script, true - use it


define('CLEANTALK_AJAX_USE_FOOTER_HEADER', false); //false - don't use wp_footer() and wp_header() for including AJAX script, true - use it
¿Puedo añadir exclusiones para algunas páginas de mi sitio?

Yes, you can. Add this string in your wp-config.php file before defining database constants:

$cleantalk_url_exclusions = array('url1', 'url2', 'url3');

Now, all pages containing strings ‘url1’, ‘url2’, or ‘url3’ will be excluded from anti-spam checking. Remember, that this option will not be applied in registration and comment checking – they are always protected from spam. This is similar to regular expression /.url1./ or wildcard like url1.

For example: If you need to except these URLs:
You should type this in wp-config.php:

$cleantalk_url_exclusions = array('some');
Can I add exclusions for some IP addresses?

Yes, you can. Add this string in your wp-config.php file before defining database constants:

$cleantalk_ip_exclusions = array('', '');

Now, all requests from IP and will be excluded from anti-spam checking. Remember, that this option will not be applied in registration and comment checking – they are always protected from spam.

¿Qué No puedo enviar mis datos personales a los servidores CleanTalk?

Yes, you can exclude your data. Add this string in your wp-config.php file before defining database constants:

$cleantalk_key_exclusions = Array('key1', 'key2', 'key3'); 

Now all fields in your submissions with the keys named ‘key1’, ‘key2’ or ‘key3’ will be excluded from spam checking.

How to test SpamFireWall?

Use special IP in URL to test SpamFireWall. For example,
How can I enter access key in WPMU version?

To set up global CleanTalk access key for all websites in WPMU, define constant in your wp-config.php file before defining database constants:

define('CLEANTALK_ACCESS_KEY', 'place your key here');

Now, all subsites will have this access key.

Why is CleanTalk faster and more reliable than stand-alone solutions?

All anti-spam checks are held in the cloud and don’t overload the web server. The cloud solutions have a huge advantage since the parameters are being compared with information from more than 100,000 websites.

I see a lot of blocked messages with the reason “Forbidden. Please enable JavaScript. Spam sender name.” in my logs

A lot of spam bots can’t perform JavaScript code, so it is one of the important checks and most of the spam bots will be blocked with the reason “Forbidden. Please enable JavaScript. Spam sender name.” All browsers can perform JS code, so real visitors won’t be blocked.

If you or some of your visitors have the error “Forbidden. Enable JavaScript.” please check JavaScript support in your browser and do this JavaScript test at this page:

If you think that there is something wrong in the messages blocking, let us know about it. Please submit a support request here:

¿Funciona el plug-in con Varnish?

CleanTalk works with Varnish, it protects WordPress against spam, but by default the plugin generates a few cookies for the protection from spam bots and it also disables Varnish cache on pages where CleanTalk’s cookies have been stored. To get rid of the issue with cache turn off the option ‘Set cookies’ in the plugin settings.

WordPress console -> Settings -> CleanTalk -> Advanced settings

Now the plugin will protect WordPress comments, registrations and most of popular contact forms, but will not protect some of rarely used contact forms.

Does the anti-spam plugin work with Accelerated Mobile Pages (AMP)?

Yes, it does. But you have to turn off the option ‘Use AJAX for JavaScript check’ in Advanced settigns of the plugin to be fully compatible with Accelerated Mobile Pages.

¿Cómo cerrar la renovación o el aviso de prueba en el backend de WordPress?

Para cerrar el aviso por favor, guarde la configuración del plugin de nuevo o que se cerrará automáticamente en el plazo de 60 minutos después de la renovación.

I’m using PHP 4.2 version and i’m getting errors related with JSON. Why does it happens?

leanTalk is no longer supports PHP lower than 5.2 version because the support code have incompatibility with PHP 7 version. Please, upgrade your PHP. If you couldn’t perform that, let us know about it via support ticket here:

Should I change anything in the plugin’s settings or in my CleanTalk Control Panel when I switch my website from HTTP to HTTPS or vice versa?

No. You don’t need to change anything in the plugin’s settings or in your CleanTalk Control Panel. The plugin will work regardless of the protocol.

How to use Anti-Spam Log?

The following possibilities are available for you in the Anti-Spam Log:

  • Time period for all spam records you want to see.

  • Filter spam records by their status: Any status, Denied, Approved.

  • Filter spam records by your websites.

  • Filter spam records by country they came from.

  • Filter spam records by IP address, e-mail address or username.

  • Available options for a specific record:

    • Details – see item 4 below.
    • Spam/Not Spam – press this string if our system made wrong decision and blocked or approved a registration, a comment ot a contact form submission. More about it here:
    • Delete – delete a record permanently.
    • Personal blacklists – go to your website Black&White Lists page.
    • Record details: block reason, body of the message, additional caught data.
SpamFireWall and AntiSpam – Networks Blocking

Anti-Spam – will blocks users from selected IP or network from using contacts/messages/registrations/comments forms.
SpamFireWall – will blocks users from selected IP or network from entering the website.

Por favor, lea más aquí

Gestión de comentarios de spam

By default, all spam comments are placed in the spam folder, now you can change the way the plugin deals with spam comments:

  1. Move to the Spam folder. All spam comments will be placed to the folder “Spam” in the WordPress Comments section except comments with Stop-Words. Stop-Word comments will be always stored in the “Pending” folder.

You can prevent the proliferation of Spam folder. It can be cleaned automatically using the option “Keep spam comments for 15 days.” Enable this option in the settings of the plugin: WordPress Admin Page -> Settings -> Antispam by CleanTalk -> Advanced settings -> enable “Keep spam comments for 15 days” -> Save Changes.

  1. Move to Trash. All spam comments will be placed to the folder “Trash” in the WordPress Comments section except comments with Stop-Words. Stop-Word comments will be always stored in the “Pending” folder.

  2. Ban comments without moving to WordPress backend. All spam comments will be deleted permanently without going to the WordPress backend except comments with Stop-Words. Stop-Word comments will be always stored in the “Pending” folder.

What comments were blocked and banned can be seen in the Anti-Spam Log here:

To manage the actions with spam comments, go to the Control Panel, select the website you want to change the actions for and go to “Settings” under the name of the website.

Por favor, lea más aquí:

¿Cómo informo un bot de spam perdido o un filtro incorrecto?

If you think the service has missed a spam bot or improperly filtered visitor to the website, you may notify us via the Anti-spam control panel. To do this,
Log in to Control panel
Click the line “Log” under the name of your website.
When you mark a record as “SPAM”, its e-mail and IP-address will be added to your personal blacklist for your website.
When you mark a record as “Not SPAM”, its e-mail and IP-address will be added to your personal white list for your website.

Por favor, lea más aquí

¿El plugin es rápido?

We develop plugin to do it as optimized as possible, CleanTalk doesn’t downgrade response time in backend or frontend. The plugin proccess only POST requests to WordPress core, it tackes less than 1 second to return results.



The website has just started to develop, but already attacking. Cleantalk copes.

Great tool!

Good tool for a reasonable price!
Started work immediately after installation, blocked about 90 spam comments during a week and allowed all good to be published.
Checked the existing users and comments for spammers and deleted those.

I Got spam after uninstall it (never had spam before)

I installed on my websites for a trial, I never had spam on my sites before I put it just in case, but I decided to uninstall it and after that I got several spam comments and contact form with spam in my websites coincidentally(?) I don’t think so…

Leer todas las 1.949 reseñas

Colaboradores y desarrolladores

“Spam protection, AntiSpam, FireWall, Cleaner by CleanTalk” es un software de código abierto. Las siguientes personas han colaborado con este plugin.


“Spam protection, AntiSpam, FireWall, Cleaner by CleanTalk” ha sido traducido a 4 idiomas. Gracias a los traductores por sus colaboraciones.

Traduce “Spam protection, AntiSpam, FireWall, Cleaner by CleanTalk” a tu idioma.

¿Interesado en el desarrollo?

Revisa el código , echa un vistazo al repositorio SVN , o suscríbete al log de desarrollo por RSS .

Registro de cambios

5.89 February 21 2018

  • Improved spam filtration quality.
  • Improved compatibility.
  • Public widget: Styles and referral link added.
  • Dashboard widget: revised and fixed.
  • Minor fixes.

5.88 February 12 2018

  • Integration: ConvertPro.
  • Improvement: Search for visitor’s names in request.
  • Fix: Contact Form 7 message recognition.
  • Preparation for the remote plugin update.
  • Minor fixes.

5.87 February 2 2018

  • Filtration quality improved.
  • Fix: WP Foto Vote downloading images.
  • Fix: Fatal error for unsupported PHP 5.2.
  • Fix: Formidable Forms improved spam filtration.

5.86 January 25 2018

  • Fix: High CPU load with wp-ajax.php.
  • Fix: Mailpoet: Newsletter.
  • Fix: Gravity: Forms standardization for input fields.
  • Fix: ajax hook checks data for contact form.
  • Fix: UTF8 character in requests.

5.85 January 11 2018

  • Fix: Fast Secure contact form spam block message.
  • Fix: IP license status.
  • Layout: Dashboard widget description altered.

5.84 December 26 2017

  • Integration: PeepSo contact form
  • Repared: Feedback from comments page.
  • Fix: mb_* functions used only if exists.
  • Fix: Gravity forms: Multi-page form logic repared.
  • Fix: Gravity forms: AJAX form logic repared.
  • Minor fixes.

5.83.2 December 19 2017

  • Fix: Error in base class.

5.83.1 December 19 2017

  • Fix: CDN IP detection.

5.83 December 19 2017

  • Improving: Stability and compatibility.
  • Improving: Spam protection.
  • Fix: Comments logic filtration.
  • Fix: Admin bar counter.
  • Minor errors fixes.

5.82.1 December 7 2017

  • Fixed minor error with attaching JS and CSS files.

5.82 December 4 2017

  • Plugin doesn’t use PHP sessions anymore.
  • Bug fixes.
  • Improved update logic.

5.81 November 22 2017

  • Fixed error with “Show/Hide key” button.
  • Slightly improved spam protection for all forms.
  • Small errors fixes.

5.80 November 3 2017

  • Spam protection improved.
  • Improved filtration quality for WooCommerce checkout.
  • Minor fixes for SpamFireWall.

5.79 October 26 2017

  • Spam protection improved.
  • Fixed issue with existing spam comments check.
  • Added posibility to exclude IP from check.
  • Minor fixes.

5.78 October 16 2017

  • Improved compatibility with themes. Changed core functions prefix.
  • Fixed issue with WooCommerce checkout.
  • Spam protection improved.
  • Minor fixes.

5.77 October 2 2017

  • Connection report’s system.
  • Integration for CouponXXL Theme.
  • Fixed issue with mb_* functions.
  • Banners logic updated.

5.76 September 20 2017

  • Fixed issue with SpamFireWall and caching plugins.
  • Banners logic updated.

5.75 September 15 2017

  • Pause feature for users/comments spam check.
  • Improved protection from spam.
  • Small fixes.

5.74.2 September 2 2017

  • Fix for users spam check for PHP 5.3 and lower.

5.74.1 September 2 2017

  • Fix for the update system and cloud communication.
  • Added possibility to check users and comments for spam with a specific date range.

5.74 August 31 2017

  • Users and comments spam check: Two check types (fast and accurate).
  • Fix for WooCommerce checkout test.
  • Minor fixes.

5.73 August 11 2017

  • Fix for spam check for already existed users and comments.
  • SpamFireWall updated.
  • Layout fix for BT Comments.
  • Minor fixes.

5.72 July 27 2017

  • Improved spam check for existed users and comments.
  • Minor fixes.

5.71 July 20 2017

  • Improved spam protection for external forms.
  • Optimization.
  • Minor fixes.

5.70.2 July 17 2017

  • Fix for SpamFireWall for Multisite.

5.70.1 July 17 2017

  • Fix for SpamFireWall.
  • Spam detection improved.

5.70 July 13 2017

  • New updater logic.
  • Self cron system.
  • Improved AMP compatibility.
  • Optimization.
  • Fixed users and comments spam check.
  • Fixed layout for Comment’s feedback from public page.
  • Updated SpamFireWall.
  • SFW: SpamFireWall counter now work in real-time.
  • SFW: Improved compatibility with different Data Bases.

5.69 July 3 2017

  • Reviewer – integration.
  • Optimization for Users and Comments check for big databases.
  • Errors fixes.
  • Improved protection from spam.

5.68 June 22 2017

  • Contact Form for WordPress – Ultimate Form Builder Lite – integration.
  • Contact Bank – Contact Forms Builder – integration.
  • Smart Forms – integration.
  • cformsII – integration.
  • Contact Form by Web-Settler – integration.
  • Error fixes.

5.67.3 June 9 2017

  • Fixed JS attachment error.

5.67.2 June 5 2017

  • Fixed error with IP determination.

5.67.1 June 4 2017

  • Fixed JS error in 5.67 version.
  • Integrations: Enfold theme, Convertplug.
  • Links to check for Emails/IP for spam.
  • Control comments and feedback about them from public post’s page.
  • Improved connection stability with cloud service.
  • Spam protection improved.
  • Other small fixes.

5.67 June 1 2017

  • Integrations: Enfold theme, Convertplug.
  • Links to check for Emails/IP for spam.
  • Control comments and feedback about them from public post’s page.
  • Improved connection stability with cloud service.
  • Spam protection improved.
  • Other small fixes.

5.66 May 23 2017

  • Spam protection improved.
  • Major fixes for users and comments spam check.
  • Added feedback from WordPress comments list.
  • Fix for “internal forms check” option.
  • Fixed issue with caching SpamFireWall die page.
  • Other small fixes.

5.65 May 16 2017

  • Fix for PayPal redirecton.
  • Fixed issue with empty query for bulk comments test.
  • Added protection for Enfold contact form.
  • Ninja forms integration.

5.64 April 26 2017

  • Integration for Facebook registrations.
  • Small fixes for WPMS.
  • Fix for Activecampaign service.
  • Fix for check spam users.
  • Fixed rare notice Notice: Undefined index: REQUEST_URI

5.63 April 20 2017

  • Fix for the dashboard spam stat widget.
  • Added translation posibility for all text.

5.62 April 17 2017

  • Fix for the dashboard spam statistics widget.
  • Fix for users spam check.
  • Small appearance changes.

5.61 April 6 2017

  • Improved filtration.
  • Additional logic for the form recognizing.
  • Integration: Divi Theme Contact Form.
  • Fix: Gravity Forms multipages forms.
  • Stat Widget: Minor fixes.
  • Added possibility to download results of the users check in CSV format.
  • Alteration for settings page (footer).

5.60.1 March 29 2017

  • Fixed error function ‘locale_get_display_region’ no exists.

5.60 March 29 2017

  • Added main dashboard widget with spam sctivity stats.
  • Mailster – integration.
  • Base class updated.

5.59 March 24 2017

  • Users/comments check fix.
  • Plugin’s name changed to Anti-Spam by CleanTalk.
  • Trial banner is dismissable. Disapear for 24h or till logout.
  • Settings modified (Auto testing failed warning).
  • Mailing(inactive key) interval increased to 6 hours.

5.58.6 March 16 2017

  • Fix for Ninja forms (protection updated).
  • Fix for QA Theme.
  • Fix for RSVP form.
  • Setting changes (Spam FireWall).
  • Improved debug section.
  • Improved gathering data function.
  • Minor fixes.

5.58.5 March 6 2017

  • Minor backend fix.

5.58.4 March 6 2017

  • Users check fix (redirect after the check).
  • Fixed PHP Notice “HTTP_REFERER” is unset.
  • Updated Notice logic.

5.58.3 February 28 2017

  • Bitrix24 Contact form integration.
  • Users/comments check fix.
  • Spam sorting updated.
  • Banner showing logic.

5.58.2 February 17 2017

  • Cron fix for daily report.

5.58.1 February 16 2017

  • Minor fixes.

5.58 February 15 2017

  • Work without access key
  • Bitrix24 contact integration
  • Issues fixes

5.57.1 February 8 2017

  • Fix for notice logic.

5.57 February 8 2017

  • Setting page changes.
  • Bug fixes for WooCommerce.
  • SpamFireWall filters only GET requests.
  • Optimization.
  • Minor and major fixes.

5.56.1 January 25 2017

  • Arreglos menores

5.56 January 19 2017

  • Integrations: MailChimp Premium, Profile Press.
  • Changes comments flow.
  • FireWall updater fix.
  • Users check optimization.

5.55 December 23 2016

  • Integrations: Caldera Forms, Visual Form Builder.
  • Fix for different ‘cookies’ header names.
  • Fixed user deletion.

5.54 December 12 2016

  • Integrations: AmoForms, Contact Form Clean and Simple.
  • Comments check logic refreshed.
  • Registration JS error fix.
  • Users check fix.
  • Fix for translation system.
  • Minor fixes.

5.53.1 December 9 2016

  • Minor layout fixes.

5.53 November 28 2016

  • Addition warning before deleting users.
  • SpamFireWall is enabled by default.
  • Usernoise modal feedback / contact form : integration.
  • Translations.
  • Optimization.
  • Fixes.

5.52.1 November 14 2016

  • Users and comments check: Using new API method.
  • Quick Contact From: Integration via “Custom Contact Forms” setting.
  • JavaScript filtration improved.
  • Translation changes.
  • Optimized JavaScript code.

5.51 November 2 2016

  • Added protection for internal forms
  • Immediate spam check for comments and users from WP dashboard
  • Optimized code

5.50.1 October 24 2016

  • Improved filtration in contact forms.
  • SpamFireWall: Fixed issue with SFW logs
  • Skipping service fields: Fast Secure Contact Froms, QU Forms, Custom Contact Forms

5.50 October 20 2016

  • Custom contact forms: integration.
  • Pirate Forms: integration.
  • PHP 7 compatibility: Deleted third-party JSON library and dependences.
  • PHP 7 compatibility: Fixed end of lines.
  • YOAST Seo: Fixed PHP warnings.
  • SpamFireWall: Minor fix for SpamFireWall counter.
  • Only admin could access to CleanTalk dashboard (exclude Authors an Editors).
  • Improved filtration in contact forms.

5.49.2 October 5 2016

  • Second Fix for database error. Stable version.

5.49.1 October 5 2016

  • Fixed database error.

5.49 October 3 2016

  • SpamFireWall feature: Class upgraded.
  • New feature: Delete links from approved comments.
  • Settings: Grouped.
  • Settings: Altered description fixed spelling mistakes.
  • Settings: Added indicator for SpamFireWall.
  • Admin bar: Added SpamFireWall counter
  • Clean and Simple Contact Form: Direct integration.
  • WooCommerce: Don’t check password recovery form.
  • WooCommerce Wishlists: Issue with check for Google bots.
  • JetPack: contact form fix.
  • Fixed and created the defaults for all CleanTalk options.
  • Fixed spelling mistakes.

5.48 September 15 2016

  • buddyPress: Added private messages filtering. Doesn’t check user if he has 3 or more messages in the “sentbox” and “inbox” folders.
  • buddyPress: Added option in settings for private messages check.
  • WooCommerce Wishlist: Added check for wishlists.
  • Fixed issue with “check all post data” option.
  • Improved filtering for Gravity Forms
  • Mobile Assistant Connector fix
  • Minor fixes.

5.47 September 5 2016

  • WooCommerce: direct integration for checkout form.
  • WooCommerce Sensei: login form fix.
  • bbPress: Added the check for topics and comments with stop_words
  • bbPress: Skip check for admin in comments and topics
  • UserPro: fixes. Request without field “shortcode”
  • Contact Form 7: Bug fix.
  • SpamFireWall: Optimized logs rotation.
  • Updated inner functions (compatibility fix for PHP 5.4+)
  • Fixed output of counters (without spamfirewall stats)
  • Fixed spelling in settings
  • Added “Delete from the list” button in comments spam check page
  • Minor fixes.

5.46 August 17 2016

  • Fixed issue with admin bar links in WP Multi Network mode.
  • Added “All time counter” and “Daily counter” into admin bar.
  • Added settings to disable counters in admin bar.
  • New style for “Get access key manually” button.

5.45.2 August 4 2016

  • Added Anti-Spam protection for Quick Event Manager.
  • Improved bulk spam test for users. Now the plugin does not mark as Spam user, if the user IP address has spam activity more than 30 days ago.
  • Fixed bulk spam test for comments. Previous version had a conflict between spam history for IP and Email.
  • Minor fix function to get the API key.

5.45.1 July 26 2016

  • Fixed issue with missed spam messages, subscriptions.
  • Improved bulk spam test for comments. Now the plugin will not mark as Spam comments, if a comment sender (IP address) has spam activity more than 30 days ago.

5.45 July 21 2016

  • Optimized bulk spam comments deletion.
  • Turned off JavaScript anti-spam cookies if the option ‘Set cookies’ is turned off. It helps to avoid issues with Varnish.
  • Added links to bulk spam comments&users removal tool.

5.44.1 July 13 2016

  • Optimized options getting code.
  • Added the option ‘Protect Logged in users’ to do anti-spam tests for submissions by logged in users.

5.43.2 June 30 2016

  • Optimized anti-spam code for AJAX based contact forms.
  • Fixed CSS layout of counters in Admin bar (issue with layout in IE11).

5.43.1 June 23 2016

  • Added agent version in requests to test a connection between the website and servers.
  • Fixed issue with PHP notices in cleantalk-admin.php.

5.43 June 22 2016

  • Added spam protection for registrations via ‘Login with AJAX’ plug-in.
  • Added a new counter to Admin bar that allows to count spam and approved submissions since last reset.
  • Update the code that tests a connection between a website and CleanTalk’s servers. New version doesn’t generate submissions with email
  • Fixed issue with spam protection for nested forms by Formidable plug-in.

5.42 2016-06-15

  • Added anti-spam protection for UserPro.
  • Improved protection for Formidable forms + Varnish.
  • Improved bulk search for spam accounts.
  • Fixed spam protection for pages that contain multiple Formidable forms with same HTML ID.
  • Optimized PHP code to be compatible with PHP 5.4 and above. The patch has been applied to Formidable forms spam protection.
  • Minor fixes in plugin backend.

5.41 2016-05-31

  • Added HTTP response in plugin response if an network issue was happend.
  • Optimized JavaScript anti-spam test for Formidable forms.
  • Re-stored the option to auto redirect to plugn settings after plugin activation.
  • Updated Spanish, Russian translations.
  • Fixed issue with nasted fields in Formidable forms.

5.40.3 2016-05-26

  • Added option to encrypt (SSL) connection to CleanTalk anti-spam servers.
  • Added JSON encoding for AJAX forms.
  • Obfuscated private data for Custom contact forms option.
  • Optimized bulk users check for spam over blacklists database.
  • Fixed issue with lost connection to servers and JavaScript anti-spam test.
  • Fixed issue with WordFence and collect_details.

5.40.2 2016-05-11

  • Improved account status check logic.
  • Fixed issue with double anti-spam tests for FastSecure contact forms.
  • Fixed issue with nulled JavaScript variables assigned from backend. This issue might me occured on standart WordPress registration form and with failed JavaScript spam test.
  • Fixed issue with session_start() with PHP sessions stored in memcache.

5.40.1 2016-04-28

  • Fixed issue with Super Socializer.
  • Fixed issue with spam filtration for logged in users and Formidable forms.
  • Added logging of all submitted fields for FastSecure contact form.

5.40 2016-04-19

  • Added JSON encoding for posts that were protected via Custom contact forms option. It allows show anti-spam logs in the Dashboard in more comfortable view.
  • Minor fix in plugin settings.
  • Fixed pagination for bulk users spam test.
  • Fixed issue with unknown _SESSION.
  • Fixed issue with double SpamFireWall database upload.

5.39.1 2016-04-04

  • Improved AJAX based anti-spam test with HTTPS backends.
  • Added fix to avoid issue with empty ct_info_flag on JavaScript side.
  • Added logic to exclude caching for SpamFireWall.
  • Removed a condition to skip accounts with IP in spam test for registered acconts.

5.38.1 2016-03-24

  • Fixed issue with PHP sessions and ‘The session id is too long or contains illegal characters’.
  • Removed SpamFireWall protection on /feed page.
  • Disabled anti-spam tests for AJAX calls if the option ‘Custom contact forms’ is turned off.
  • Added reject notice for spam submissions on Gravity forms with AJAX calls.

5.37.3 2016-03-10

  • Fixed bug with broken MailPoet previews.
  • Fixed bug with broken Geo My WP pop-up windows.
  • Fixed issue with mb_convert_encoding() function.
  • Removed double JavaScript code in front-end.
  • Removed unused variables in anti spam logic.
  • Added option ‘Set cookies’ (turned on by default). If the option turned off, the plugin will not generate cookies, but in this case plugin will not protect some rarely used contact forms. Any way, turn this option off be compatible with Varnish in spam protection for WordPress core comments, registrations and most popular contact forms.
  • Added anti-spam protection for Gravity forms via option ‘Contact forms’ with hook gform_entry_is_spam().

5.36.1 2016-02-05

  • Corregido un fallo, cuando los usuarios reciben un error después de iniciar sesión
  • Improve anti-spam filters for contact forms.

5.36 2016-02-04

  • Improved JavaScript anti spam protection
  • Improvements for avoiding blocking requests from payment systems

5.35 2016-01-14

  • Added support for IP licensing
  • Some anti-spam protection improvements
  • Small backend interface fixes

5.34.1 2015-12-17

  • Fixed trackback antispam protection: improved checking mechanism
  • Fixed problem with blocking MailPoet: added exclusions in spam checking algorithm

5.34 2015-12-10

  • Improved spam checking mechanism
  • Added “Collect browser details” option for better antispam protection
  • Fixed custom contact forms checking for AJAX requests
  • Minor translations fixes

5.33.1 2015-12-04

  • Fixed issue with BBPress: restored old user permission checking mechanism
  • Fixed anti-spam comments checking: sometimes get_comments returned wrong comments number
  • Fixed bulk checking: made numeric indexes in users and comments arrays
  • Fixed trackback and pingback checking: removed exception for checking

5.33 2015-12-01

  • Backend interface fixes
  • Improved SpamFireWall efficiency
  • Improved performance of anti spam checking

5.32 2015-11-26

  • Added improvements for manual spam detection
  • Fixed errors in backend
  • Fixed bulk users anti spam checking
  • Added indicator for bulk spam checking
  • Added “Get access key automatically” button

5.31 2015-11-11

  • Improved backend performance
  • Fixed counter of approved/blocked spam attacks
  • Fixed SpamFireWall logging

5.30 2015-11-05

  • Improved anti-spam checking
  • Optimized performance
  • Fixed blocking email preview in MailPoet
  • Interface fixes
  • WPMU interface fixes

5.29 2015-10-27

  • Optimized performance
  • Corregido un fallo en formularios de contacto personalizado de comprobación de correo no deseado

5.28.7 2015-10-23

  • Optimized PHP sessions creation algorithm. This fix should increase plugin perfomance on hostings without retenion of PHP sessions files.
  • Removed autoredirection to plugin settings after plugin activation.

5.28 2015-10-16

  • Fixed errors in anti-spam checking
  • Restored options for spam checking registrations and cpmmon contact forms
  • Improved spam protection
  • Fixed problems with AJAX functionality in MailPoet, WooCommerce and other AJAX plugins

5.27 2015-10-13

  • Improvements in SpamFireWall feature
  • Code optimization
  • Backend interface fixes

5.26 2015-10-05

  • Added WordPress Language Pack support
  • Removed spam checking for some autorisation plugins
  • New experimental feature: SpamFireWall

5.25.2 2015-09-28

  • Corregido error de escritorio

5.25.1 2015-09-28

  • Añadido widget con estadísticas anti-spam
  • Added information about blocked spam attacks in admin dashboard and CleanTalk settings
  • Added ability not to check comments for users with 3 or above allowed comments
  • Added an option ‘Help others known CleanTalk’ to show information for site visitors, that your site is protected from spam by us
  • Some backend interface settings

5.24.1 2015-09-16

  • Fixed some errors in frontend
  • Fixed access key saving

5.24 2015-09-14

  • Backend interface fixes
  • Improvement for AJAX JavaScript spam checking

5.23 2015-09-01

  • Fixed BuddyPress profile search false positivities of anti-spam protection.
  • Some interface fixes of bulk users & comments spam checking

5.22 2015-08-26

  • Fixed possible XSS issue for anti-spam test on third-party forms.

5.21 2015-08-21

  • Corregido un fallo con saltarse las presentaciones de spam
  • Corregido el error con la recepción de user_token antiguo para ver estadísticas anti-spam
  • Small backend fixes

5.20 2015-08-15

  • Fixed anti-spam stats in admin bar – now stats updates every hour
  • Fixed issue with skipping spam submissions
  • Added some PHP-constants for advanced users – CLEANTALK_AJAX_USE_BUFFER and CLEANTALK_AJAX_USE_FOOTER_HEADER can be defined to true or false in wp-config.php to control method, which will be used for injection of AJAX script.

5.19 2015-08-11

  • New feature: anti-spam checking for registered users
  • Fixed issue with AJAX JavaScript anti-spam test.
  • Fixed issue with SEO Yoast xml sitemaps and JavaScript anti-spam test.

5.18 2015-08-04

  • Fixed issue with user_token
  • Added anti-spam API, see our FAQ

5.17 2015-07-23

  • Fixed infinite redirection after activation
  • Minor backend fixes

5.16 2015-07-22

  • Fixed external services checking
  • Fixed mass comments deletion
  • Fixed AJAX anti-spam protection

5.15 2015-07-16

  • New feature: anti-spam protection for forms, that uses external services

5.14 2015-07-03

  • Added anti-spam protection for some themes and plugins
  • Some backend fixes

5.13 2015-06-12

  • Closing notification for anti-spam renew
  • Corregido la mayoría de la comprobación del comentario anti spam.

5.12 2015-06-01

  • Added option for checking all post data for spam
  • Some JavaScript protection improvements
  • Added option for old JavaScript check (without AJAX)

5.10 2015-05-25

  • Fixed Javascript error on some forms

5.9 2015-05-21

  • Se corrigió el error de Javascript en CF7 y JetPack
  • Algunos arreglos del escritorio y frontend

5.8 2015-05-18

  • Arreglos menores

5.7 2015-05-18

  • Arreglo de la traducción Francesa
  • Fixed protection algorithm

5.6 2015-05-11

  • Fixed translation
  • Fixed bulk comments anti-spam checking
  • Added option for disabling anti spam stats in adminbar
  • Varios arreglos de seguridad

5.5 2015-04-29

  • Fixed security issue
  • Some interface fixes

5.4 2015-04-27

  • Some interface and functionality changes in plugin settings page
  • Added counter for anti-spam stats in admin bar

5.3 2015-04-13

  • Added anti-spam protection for Divi theme contact forms
  • Added anti-spam protection for MyMail contact forms
  • Added anti-spam protection for MailPoet Newsletters
  • Some interface and functionality changes in backend

5.2 2015-04-01

  • Added link for anti-spam stats
  • Added WP User Frontend Pro registration form protection

5.1 2015-03-24

  • Fixed site crash after installing 5.0 on some websites

5.0 2015-03-24

  • Added bulk comments checking for spam via CleanTalk blacklists
  • Added anti-spam form protection for ‘Ajax Login & Register’
  • Fixed JetPack form protection

4.24 2015-03-20

  • Added immediate spam protection activation.

4.22 2015-03-17

  • Added button for automatic spam protection key getting.

4.21 2015-03-11

  • Added license renew notification.

4.20 2015-03-03

  • Added German, Italian, Polish, Portuguese translations.
  • Código menor arreglado

4.19 2015-02-24

  • Increased keys lifetime for JS spam test.

4.18 2015-02-17

  • Fixed bug with comments approvement – moved ct_unmark_red() to cleantalk-admin.php
  • Added PayPal ‘payment_status’ in skip list.
  • Added Akismet ‘spam’ status processing.

4.17 2015-02-12

  • New base class.
  • Divided code to 3 separate files – common, public and admin.

4.16 2015-02-05

  • New base class.
  • Fixed JetPack spam filters logics.
  • Optimized Formidable, bbPress, BuddyPress spam filters.

4.15 2015-01-29

  • Support spam test for Contact Form 7 versions before 3.0.0.
  • Fixed global JS-vars for JS spam test.
  • Fixed online notice cookie logics.
  • Optimized spam filters for FSCF, WooCommerce, JetPack.
  • Optimized option getting.

4.14 2015-01-19

  • Removed deprecated option from comment approvement code.
  • New API key URL.
  • Trimmed API key in admin panel.
  • Added current options to array sended to CleanTalk servers.

4.13 2014-12-29

  • Solución del problema con mejora automáticamente no spam de los comentarios. Ahora bien, esta opción desactivada y no anula la póliza local de WordPress.

4.12 2014-12-29

  • Fixed bug with ‘Wrong Access key…’ notice in WordPress dashboard.
  • Fixed filtration bug in WordPress dashboard login form.

4.11 2014-12-22

  • Improved anti-spam protection for custom contact/registration/subscribe forms.
  • Improved anti-spam protection for comments.
  • Accelerated plugin speed for comments, regirstrations and contacts.
  • Se ha agregado la traducción al Francés.

4.10 2014-12-10

  • Improved anti-spam protection for custom contact/registration/subscribe forms.
  • Option ‘Custom contact forms’ enabled by default for new setups.
  • Removed settings “Publish relevant comments”, “Use encrypted (SSL) connection”.
  • Se ha agregado la traducción al Danes (gracias a Mikkel de

4.9 2014-11-24

  • Fixed spam test for Contact Form 7.

4.8 2014-11-19

  • Improved anti-spam protection for BuddyPress registrations and custom contact forms.

4.7 2014-11-16

  • Fixed JavaScript spam test for FastSecure contact form.

4.6 2014-11-11

  • Improved anti-spam protection on BuddyPress registrations.
  • Improved anti-spam protection on contact forms.
  • Removed plugin sign from pending, spam comments. To get details about a comment please use Dashboard at
  • Improved Access key validation function.
  • Added protection for bbPress comments via stop list. Stop list function is a list to reject comments by prefiled words. To fill the list please use Dashboard at

4.5 2014-11-04

  • Fixed CF7 JavaScript bug.
  • Fixed rejects in bbPress guests comments.

4.4 2014-10-29

  • Improved anti-spam JS test for CF7.
  • Fixed ‘noscript’ text in FaceBook Like preview in Valenti theme.

4.2 2014-10-20

  • Fixed double checks issue for BuddyPress registrations.
  • Increased timeout limits to find the work server.

4.1 2014-10-13

  • Optimized code for manual moderation feedback sending.
  • Optimized anti-spam algorithms for comments, contacts and signups.

4.0 2014-10-06

  • Improved anti-spam protection for custom contact forms.
  • Improved anti-spam protection for registration forms.

3.9 2014-10-01

  • Did exception to do not break to create new user in WordPress backend.

3.8 2014-09-19

  • Fixed json_encode() + malformed characters.
  • Fixed JavaScript issue with wpautop().

3.6 2014-09-15

  • Fixed preg_match() issue for Formidable forms and Custom contact forms.
  • Improved anti-spam protection for Custom contact forms.

3.4 2014-09-04

  • Hemos añadido anti-spam para formularios de contacto de temas y formularios de plugins no probados. Para utilizar esta prueba activa la opción de “Formulario de contacto personalizados” en la configuración del plugin.
  • Hemos añadido la rotación automática de comentarios de spam. Ahora el plugin quita los comentarios en la carpeta de spam con más de 15 días después. Esta opción está activada de forma predeterminada.

3.2 2014-08-27

  • Fixed submit_time() logic for failed submits (comments/registrations). Now form fill time resets after every failed submit.

3.1 2014-08-19

  • Added anti-spam test over senders Cookies.
  • Improved form fill anti-spam test.
  • Improved speed selection of the nearest server to website.
  • Improved anti-spam speed for comments.
  • Relevance anti-spam test disabled by default. To enable test should be used option ‘relevance_test’.

2.58 2014-08-06

  • Added anti-spam protection for signups posted via WooCommerce order form.
  • Improved anti-spam protection for Contact Form 7.
  • Se ha mejorado la protección antispam para los registros. Ahora el plugin busca los resultados de prueba anti-spam de JavaScript no sólo en POST array, sino también en COOKIES array. Esta mejora permite proteger los formularios de registro para cualquier plugins y temas no probado.
  • Updated PHP API. Now the plugin can resolve sender IP for websites behind proxy servers. If the proxy servers uses private IP address.

2.57 2014-07-29

  • Improved anti-spam protection for comments. The plugin now proccessing website url in the comments form.
  • Fixed sign remove logic for approved comments. Previous version doesn’t cut sign for comments approved via AJAX call in WordPress backend.
  • Fixed switching to SSL for comments. Previous version doesn’t use secured connection for comments.

2.56 2014-07-21

  • Corregida la lógica de la cuenta verificación de estado. Versión anterior hace llamadas a la API de pruebas innecesarias cuando el plugin pide comprobación del estado de cuenta.

2.55 2014-07-11

  • Fixed bug with account status function. In backend the plugin showed notice ‘Please don’t forget to disable CAPTCHA if you have it!’ on every page.

2.54 2014-07-11

  • Fixed signup anti-spam protection logic for BuddyPress registrations.
  • Fixed anti-spam protection for JetPack contact form.
  • Cambiar la cuenta lógica de comprobación de estado.

2.53 2014-06-27

  • Fixed anit-spam protection bug for signups.
  • Changed anti-spam functions (comments and signups) priority.

2.52 2014-06-25

  • Fixed ‘Fatal error: Call to a member function get_error_code()’ issue with signups via BuddyPress.

2.51 2014-06-23

  • Added spam protection for registrations via plugin New User Approve by Josh Harrison. If the CleanTalk matched signup as spam this signup will be denied to placing in pending queue.
  • Se agregó la opción “Usar (SSL) conexión segura a CleanTalk nube”. Si la opción activada del plugin se comunicará con los servidores CleanTalk a través de un cifrado de 128bits de canal de datos. Por lo tanto, si usted tiene formularios web protegidos SSL en el sitio web puede utilizar esta opción para asegurarse que los datos personales de los visitantes se transmite de forma segura a los servidores CleanTalk.
  • Fixed minor bug with loading backend functions.

2.49 2014-06-10

  • Added spam protection for S2Member forms.
  • Added spam protection for multisite signup form.
  • La función de cuenta de comprobación de estado optimizado.

2.46 2014-05-19

  • Added: HTML notice about the need to enable JavaScript.
  • Fixed: Fixed pingbacks anti-spam test.

2.44 2014-05-12

  • Added: Anti-spam protection for S2Member framework.
  • Improved: JavaScript anti-spam test.
  • Improved: Plugin load time for backend and frontend.
  • Se ha corregido: Advertencia de PHP mb_convert_encoding ()

2.42 2014-04-29

  • Fixed: JavaScript anti-spam test for comments.

2.40 2014-04-25

  • New: Fast Secure Contact form support.
  • New: WordPress Landing Pages support

2.38 2014-03-27

  • Fixed: Registraion form submit time spam test.

2.36 2014-03-12

  • Reversed to patches from old revisions.

2.35 2014-03-12

  • New: Notifications about disabled account
  • New: Improved JavaScript spam test.
  • Arreglado: Optimización del código
  • Fixed: JavaScript test for signups.

2.33 2014-02-12

  • Fixed: CURLOPT_FOLLOWLOCATION bug at admin notice

2.32 2014-02-04

  • New: Added notice about automatically approved comment. The notice shows only for first approved comment and only for new commentators (without approved comments) of the blog.
  • New: At WordPress console added banner for notices.
  • Changed: Screenshots updated.

2.31 2014-01-24

  • New: Added spam protection for JetPack comments
  • Fixed: cURL connection issue “Expect: 100-continue”

2.30 2014-01-13

  • Cambiado: Se ha mejorado la conexión lógica de servidores.
  • Fixed: Antispam test for Fomidable forms.

2.28 2013-12-19

  • New: Added protection against spam bots for WooCommerce review form.
  • Fixed: JavaScript anti-spam logic for WooCommerce review form.

2.27 2013-12-06

  • New: Added protection against spam bots for JetPack Contact form.
  • Fixed: JavaScript anti-spam logic for registrations and Contact form 7.

2.25 2013-11-27

  • New: Added protection against spam bots for BuddyPress registrations.
  • New: Added protection against spam bots for Contact form 7.
  • Nuevo: Se agrego la traducción Española (es_ES).

2.23 2013-11-20

  • New: Added automatic training blacklists on spam bot account deletion.
  • New: Added URL to project homepage at plugin options.
  • Cambiado: Se ha mejorado la lógica anti-spam.

2.21 2013-11-13

  • Changed: WordPress blacklists settings get priority over plugin’s anti-spam settings
  • Changed: Disabled management approval comments for regular commentators of the blog. Automatically approved for publication only the comments of the new blog authors.
  • Changed: Removed form submit time test. Imporved JavaScript spam test.
  • Cambiado: Optimización del código PHP

2.19 2013-11-08

  • New: Antispam protection from spam bots at the registration form
  • Changed: Russian localization for admin panel
  • Cambiado: Optimización del código PHP

2.5.18 2013-11-01

  • Se arreglo: El problema con la selección de los últimos comentarios para la entrada
  • New: Antispam protection for Formidable feedback forms
  • Nuevo: La eliminación automática de los comentarios de spam obsoletos
  • Nuevo: opción On/Off para el filtrado los comentarios de spam
  • Se comprobó hasta WordPress 3.7.1

2.4.15 2013-09-26

  • Se arreglo: El problema con los comentarios de eliminación masiva
  • Changed: Russian localization for admin panel
  • Probado con la configuración de multisitio (red de WordPress o WPMU)

2.4.14 2013-08-29

  • Changed: Removed feedback requests to the servers for banned (spam) comments.

2.4.13 2013-08-19

  • Changed: Switched HTTP requests from file_get_contents() to CURL. Added file_get_contens() as backup connection to the servers.
  • Changed: Removed feedback requests for comments moved to trash.
  • Fixed: “Fail connect to servers…” error on hostings with disabled ‘allow_url_fopen’ PHP option.

2.4.12 2013-08-12

  • Removed RPC::XML library from plugin.
  • Switched plugin to HTTP+JSON connection with servers.
  • Fixed bug with comments anti-spam tests with non UTF8 codepage.

2.4.11 2013-08-02

  • Removed spam tests for self-made pingbacks
  • Se comprobó hasta WP 3.6

2.4.10 2013-07-24

  • Se arreglo la advertencia en PHP 5.4
  • Fixed bug with disabling comments test for Administrators, Authors and Editors
  • “Stop words” settings moved to Control panel of the service
  • “Response language” settings moved Control panel of the service


  • Fixed extra debugging in base class


  • Se ha habilitado la conversión a UTF8 para comentarios y el ejemplo de texto
  • Se Optimizo el código PHP


  • Enabled selection the fastest server in the pool
  • Fixed work server in plugin’s config


  • Secured md5 string for JavaScript test
  • Se ha agregado las solicitudes de marca de tiempo para calcular el tiempo de solicitud de trabajo
  • Update base CleanTalk’s PHP class


  • Improved perfomance for processing large comments (over 32kb size)
  • Improved perfomance for bulk operations with comments in Comments panel
  • Se ha agregado la solicitud de alimentación con el URL para aprobar comentario


  • Corregido un fallo con la prueba de JavaScript y plugins de WordPress caché


  • Added option “Publicate relevant comments” to plugin’s options.
  • Added descriptions to plugin options


  • Fixed HTTP_REFERER transmission to the servers
  • Improved JavaScript spam test
  • Se Optimizo el código PHP


  • Pingback, comentarios trackback se ha trasladado a la moderación manual
  • Added transmission to the serves comment type and URL
  • Título de la entrada, el cuerpo y los comentarios separados en elementos de datos individuales
  • Added priority for matched words in the comment with post title
  • Enabled stop words filtration as default option


  • Removed PHP debugging.


  • Added notice at admin panel about empty Access key in plugin settings
  • Removed HTTP link to the site project from post page
  • Removed unused options from settings page
  • Ah sido comprobado hasta WordPress 3.5


  • Corregido un fallo con session_start.


  • Plugin rename to CleanTalk. Spam prevent plugin
  • Integration Base Class version 0.7
  • Added fast submit check
  • Added check website in form
  • Added feedbacks for change comment status (Not spam, unapprove)
  • Added function move comment in spam folder if CleanTalk say is spam
  • Disable checking for user groups Administrator, Author, Editor
  • Marked red color bad words


  • Adición: Título del mensaje adjunto al texto del ejemplo en la herramienta de publicación automática.
  • Comprobado con WordPress 3.4.1.


  • HTTP_REFERER error arreglado


  • Se ha agregado soporte regional del usuario, probado hasta WP 3.4


  • Primera versión