WordPress.org

Author: Daniel Frużyński

This plugin protects registration, login and comment forms from spambots by adding two extra fields hidden by CSS. This approach gave me 100% anti-spam protection on one of my sites.

The idea behind this plugin is simple: SPAMBOTs either fill every form field they find (generic spambots) or fill WordPress-specific fields only (spambots which will recognise WP or are targeting WP only). Therefore it is sufficient to add two extra text fields to form (one empty and one with predefined value), and check theirs values after form is submitted. 1st field (empty one) will be filled by generic spambots, and 2nd one will not be filled by spambots targeting WP only. With these two simple checks probably all spambots can be easily detected, so WP can return error "403 Forbidden" for them.

These two extra fields are hidden with CSS rule, so they will not be visible for most users. Only users with text-based browsers (and very old ones which not support CSS) will see them, but don't be afraid - plugin has special message for them.

Not surprisingly, some spammers found Invisible Defender too and updated their spamming software to detect and bypass this plugin. Therefore I started adding new protection methods. First one is blacklist for heavy spammers; more will be added soon.

Invisible Defender also shows number of blocked spammers in Dashboard, so you can see that it really works.

Available translations:

• English
• Polish (pl_PL) - done by me
• Russian (ru_RU) - thanks Fat Cow
• French (fr_FR) - thanks Lise
• Italian (it_IT) - thanks Gianni
• Hungarian (hu_HU) - thanks Péter
• German (de_DE) - thanks pixeltunes

Changelog