WordPress Zero Spam

Zero Spam makes blocking spam comments a cinch. Install, activate and enjoy a spam-free site. Even supports third-party plugins!

Why should your users prove that they’re humans by filling out captchas? Let bots prove they’re not bots with the WordPress Zero Spam plugin.

WordPress Zero Spam blocks registration spam and spam in comments automatically without any additional config or setup. Just install, activate, and enjoy a spam-free site.

Zero Spam was initially built based on the work by David Walsh.

Major features in WordPress Zero Spam include:

No captcha, spam isn’t a users’ problem
No moderation queues, spam isn’t a administrators’ problem
Blocks 99.9% of spam registrations & comments
Supports caching plugins to help provide great performance
Blocks spammy IPs from ever seeing your site
Extend the plugin with action hooks
Theme & plugin integration for any form on your site
Optional logging, so you can see who’s trying to spam
Advanced settings for complete control

Supported Plugins

Contact Form 7
Gravity Form
Ninja Forms
BuddyPress
WPForms

Note: This plugin does not work with Jetpack Comments. For more information, see https://wordpress.org/support/topic/incompatible-with-jetpack-comments.

Languages: English

If you have suggestions for a new add-on, feel free to email me at [email protected] Want regular updates? Follow me on Twitter or visit my blog.

Credits

Thanks to David Walsh @davidwalshblog for the inspiration behind this plugin.

Contributors

Plugin Installation

Upload the zero-spam folder to the /wp-content/plugins/ directory
Activate the plugin through the ‘Plugins’ menu in WordPress

Theme Integration

You can integrate WordPress Zero Spam with any theme or plugin. Just add the class zerospam to a form element and the following at the beginning of your validation function:

<?php
if ( zerospam_is_valid() ) {
  // Valid form submission.
} else {
  // Invalid form submission.
  zerospam_log_spam( 'My Custom Form', 'http://www.myurl.com/custom-form' );
}

For more information and a full list of helpers you can use if your theme or plugin, see the helpers.php file.

Is JavaScript required for this plugin to work?

Yes, that’s what does the magic and keeps spam bots out.

I keep getting ‘There was a problem processing your comment.’

Be sure JavaScript is enabled and there are no JS errors.

Can I extend the plugin with action hooks?

Yes, see below:

zero_spam_found_spam_registration – Runs after a spam registration is detected
zero_spam_found_spam_comment – Runs after a spam comment is detected
zero_spam_found_spam_cf7_form_submission – Runs after a spam Contact Form 7 form submission is detected
zero_spam_found_spam_gf_form_submission – Runs after a spam Gravity Form submission is detected
zero_spam_ip_blocked – Runs after a blocked IP attempts to visit the site
zero_spam_found_spam_buddypress_registration – Runs when a BuddyPress spam registration is detected
zero_spam_found_spam_nf_form_submission – Runs when a spam Ninja Forms submission is detected
zero_spam_found_spam_wpf_form_submission – Runs when a spam WPForms submission is detected

Does this plugin support Contact Form 7 forms?

Yes! Thanks to @leewillis77.

Does this plugin support Gravity Forms forms?

Yes! Thanks to @shazahm1.

Does this plugin support BuddyPress?

Yes!

Does this plugin support NinjaForms?

Yes!

Does this plugin support WPForms?

Yes! Thanks to @jaredatch.

Does this plugin work with caching plugins like W3 Total Cache?

Yes! Thanks to @shazahm1.

Does this plugin work with multisite?

Yes! Thanks to @afragen. When using with multisite the plugin may be network activated or used individual sub sites.

Can I blacklist spammy IPs to CloudFlare?

Yes! Install Sunny and follow this guide.

v3.1.1 (June 6, 2019)

[bug] Fix for IP lookup.
[bug] Fix for PHP notice on admin page about count().
[bug] Fix for admin dashboard when loading spam.
[bug] Bug fix: fix parse error, thanks @jrf (https://github.com/bmarshall511/wordpress-zero-spam/pull/153)
[enhancement] Readme: add minimum PHP version tag, thanks @jrf (https://github.com/bmarshall511/wordpress-zero-spam/pull/152)
[enhancement] Simplify the uninstall file, thanks @jrf (https://github.com/bmarshall511/wordpress-zero-spam/pull/154)
[enhancement] CS: use single-quoted strings, thanks @jrf (https://github.com/bmarshall511/wordpress-zero-spam/pull/163)
[enhancement] CS: use lowercase for special PHP constants, thanks @jrf (https://github.com/bmarshall511/wordpress-zero-spam/pull/162)
[enhancement] CS: comma after last array item in multiline arrays, thanks @jrf (https://github.com/bmarshall511/wordpress-zero-spam/pull/161)
[enhancement] QA: don’t even risk overriding a WP global variable, thanks @jrf (https://github.com/bmarshall511/wordpress-zero-spam/pull/160)
[enhancement] CS/QA: review of all include and require statements, thanks @jrf (https://github.com/bmarshall511/wordpress-zero-spam/pull/159)
[enhancement] QA: remove redundant security check, thanks @jrf (https://github.com/bmarshall511/wordpress-zero-spam/pull/158)
[enhancement] QA/performance: remove duplicate function calls, thanks @jrf (https://github.com/bmarshall511/wordpress-zero-spam/pull/157)
[enhancement] CS: don’t use inline control structures, thanks @jrf (https://github.com/bmarshall511/wordpress-zero-spam/pull/156)
[enhancement] QA: adjust security check, thanks @jrf (https://github.com/bmarshall511/wordpress-zero-spam/pull/164)
[enhancement] CS: normalize inline whitespace usage, thanks @jrf (https://github.com/bmarshall511/wordpress-zero-spam/pull/165)

v3.1.0 (June 4, 2019)

[bug] install/activation routine would never run, thanks @jrf (https://github.com/bmarshall511/wordpress-zero-spam/pull/148)
[bug] option may not be set, thanks @jrf (https://github.com/bmarshall511/wordpress-zero-spam/pull/149)
[enhancement] Improve zerospam_get_ip(), thanks @ben-morin (https://github.com/bmarshall511/wordpress-zero-spam/pull/143)

v3.0.6 (December 27, 2016)

[bug] Gravity Forms submission fix (https://github.com/bmarshall511/wordpress-zero-spam/pull/140).

v3.0.5 (December 23, 2016)

[bug] Gravity Forms submission fix.

v3.0.4 (November 24, 2016)

[bug] Fixed IP location lookup issue.
[enhancement] Updated the Grunt development tasks.

v3.0.3 (November 23, 2016)

[bug] Fixed issue with settings not getting saved (https://wordpress.org/support/topic/can-unselect-default-options/).
[bug] Fixed PHP notice on Spammer Log page.
[bug] Removed outdated CloudFlare instructions.
[enhancement] Made the JS file version dynamic.

3.0.2

Fixed fatal error.

3.0.1

Added the default options when the plugin is activated.

3.0.0

Lots of updates & fixes! Improved code documentation to help promote contributions.

2.2.1

Fixed uninstall issue, thanks @thiagolcks (https://github.com/bmarshall511/wordpress-zero-spam/pull/139)

2.2.0

Fixed security issue, thanks @thiagolcks (https://github.com/bmarshall511/wordpress-zero-spam/pull/138)

2.1.2

Fixed issue with Gravity Forms not working, thanks @karpstrucking & @jaredatch (https://github.com/bmarshall511/wordpress-zero-spam/issues/132)
Updated the repo link on the admin page (https://github.com/bmarshall511/wordpress-zero-spam/issues/124)

2.1.1

Minor updates

2.1.0

Added support for WPForms (https://github.com/bmarshall511/wordpress-zero-spam/issues/129)

2.0.2

Added the ‘contactform’ id to fix issue with valid comments not getting through (https://wordpress.org/support/topic/false-positives-6)
Updated readme file

2.0.1

Updates to the readme file
Fixed Contact Form issue forcing users to submit twice (https://github.com/bmarshall511/wordpress-zero-spam/issues/118)

2.0.0

Added CloudFlare instructions (https://github.com/bmarshall511/wordpress-zero-spam/pull/107)
Added ability to integrate with any theme or plugin (https://github.com/bmarshall511/wordpress-zero-spam/issues/116)
Added support for Ninja Forms (https://github.com/bmarshall511/wordpress-zero-spam/issues/114)
Complete rewrite of plugin code & structure
Added plugin icon

1.6.0

Made minor modification on how spam comments are detected. Tested & verified working as expected.
Changed how Gravity Forms spam is detected. Needs to be tested & verified.

1.5.4

Fixed issue with CF7 validation in the latest version – 4.1 (https://wordpress.org/support/topic/contact-form-7-version-41-no-longer-prevents-spam-using-wp-zero-spam?replies=4)

1.5.3

Fixed Gravity Form issues (https://github.com/bmarshall511/wordpress-zero-spam/issues/101)

1.5.2

Added IP location service (https://github.com/bmarshall511/wordpress-zero-spam/issues/84)
Improved pagination (https://github.com/bmarshall511/wordpress-zero-spam/issues/91)
Made date/times match site’s WP time, not servers (https://github.com/bmarshall511/wordpress-zero-spam/issues/89)
Removed the banner image to boost performance (https://github.com/bmarshall511/wordpress-zero-spam/issues/86)
Enhancements to the admin JS to boost performance
Works with Multisite as network activated or per sub site (https://github.com/bmarshall511/wordpress-zero-spam/issues/85)
Added BuddyPress support (https://github.com/bmarshall511/wordpress-zero-spam/issues/61)

1.5.1

Added missing code documentation and fixed typos (https://github.com/bmarshall511/wordpress-zero-spam/issues/64)
Fixed issue with settings not getting initially saved when the plugin is activated. (https://github.com/bmarshall511/wordpress-zero-spam/issues/69)
Added ability to auto block spam IPs (https://github.com/bmarshall511/wordpress-zero-spam/issues/71)
Added paging to spammer log and blocked IPs (https://github.com/bmarshall511/wordpress-zero-spam/issues/60)
Added additional stats and graphs (https://github.com/bmarshall511/wordpress-zero-spam/issues/75)
Fixed issue with comment moderators not being able to reply to comments (https://github.com/bmarshall511/wordpress-zero-spam/issues/74)
Fix issue with DB errors when first activating plugin (https://github.com/bmarshall511/wordpress-zero-spam/issues/80)

1.5.0

Switched to using a nonce to validate form submissions that support WordPress Zero Spam
Added Zero Spam plugin settings page for advanced control
Fix for for non-logged in users (https://github.com/bmarshall511/wordpress-zero-spam/pull/27, thanks @afragen)
Added blank index.php files to prevent directory browsing (https://github.com/bmarshall511/wordpress-zero-spam/pull/24, thanks @TangRufus)
Added uninstall.php (https://github.com/bmarshall511/wordpress-zero-spam/pull/23, thanks @TangRufus)
Addded support for GitHub Updater plugin (https://github.com/bmarshall511/wordpress-zero-spam/pull/21, thanks @afragen)
Added support for Contact Form 7 form submissions (https://github.com/bmarshall511/wordpress-zero-spam/pull/26, thanks @leewillis77)
Added ability to log spam detections
Fix for warnings cause by default settings not being set before actions run (https://github.com/bmarshall511/wordpress-zero-spam/pull/31, thanks @leewillis77)
Installed Compass (http://compass-style.org/)
Added support for Gravity Forms
Fixed potential issue with sites that use caching plugins
Fixed minor typos (thnaks @macbookandrew)

1.4.0

Added zero_spam_found_spam_comment and zero_spam_found_spam_registration action hooks (thanks @tangrufus)
Minor updates to the readme file

1.3.1 – 1.3.3

Minor fixes to WP SVN repo

1.3.0

Removed Grunt creation of the trunk directory
Added spam detection script to registration form

1.2.1

Fixed some typos in the readme.txt file

1.2.0

Removed testing for core function testing
Fix for adding comments from admin (thanks @afragen)
Removed unneeded WP svn trunk and tags folders from the git repo (thanks @afragen)

1.1.0

Updated theme documentation.
WordPress generator meta tag removed to help hide WordPress sites from spambots.

1.0.0

Initial release.