Ready to get started?Download WordPress

Plugin Directory

Stop Spammers

The Stop Spammers Plugin checks comments and logins using many methods to stop spammers.


  • addd a warning that plgin will not work without cloudflare plugin when using cloudflare.
  • fixed a captcha bug.


  • fixed a captcha bug.


  • Fixed mistake in using transients.
  • added a check that GD is loaded to make sure that the captcha will work.


  • Removed all IP address reporting of when an ip addresses is found in header information. IP address is actively being spoofed by adding headers for a proxy server. This allows IPs to be pass lookup tests at SFS and Akismet. It also allows the reporting of good addresses as spam. Spammers may have been using whitelisted IP numbers to bypass checks, which is no longer possible.
  • Stopped trusting proxy server addresses - when a header from a proxy server is detected, I assume that it is an attempt to spoof IP address. This makes it difficult for Cloudflare, Proxy users and VPN users to use the site as they may be marked as spammers when they are not. I had to add a fix - see next point.
  • Added a second chance CAPTCHA on failed events. A sysop can turn it off. This will prevent blocking good users who use proxy servers.
  • Added a switch to quickly turn off all database lookups. The plugin is only about 50% effective when this is done.
  • fixed some bugs in TOR lookup and data sanitizing.
  • Made changes to data display to prevent cross browser or JavaScript attacks.
  • Akismet is still turned off for now. I have yet to figure out why Akismet does not work.
  • Deleted widget. Moved it into the main plugin for those who need it, but it is no longer a separate plugin. It will still show up on the widgets menu, but may have to be dragged to the sidebar again.


  • Fixed security issue in white list requests.


  • Change version on widget.


  • fix problem with emails not working. By default wp_mail checks for spammers, the spammer could not send spam notifications to the admin. Removed hooks when logging white list requests.
  • added a link to new user notifications so that admins could click the link to the user maintenance page directly. This looks like it should be a standard WordPress feature.
  • Added a time out to the caches. Good ips time out in 1 hour. Bad ips time out in 4 hours. This forces a second check on ips after an hour so that a new spammer can't keep spamming. It also forces rechecks on bad spammers so that the reason code might be more reasonable and not just "cached bad ip". Admins will not have to log in to clear the cache as often.
  • added a fix so there will be no conflicts with Google Authenticator plugin.
  • Added automatic whitelist for vaultpress access.
  • Removed Poison links from RSS feeds.
  • Added code to block Tor, by default turned off.
  • Disabled Akismet checks. I am getting numerous complaints that something has changed and Akismet is reporting users as spammers.


  • Fixed an the same issue in 5.4 for multisite. WordPress changed the way the add actions on the plugin line work.


  • Fixed an issue with action links on the plugins page


  • Restored Right Now and Plugins settings links. I only create the link if you have actually reached the settings or history pages so as not to be burned by things like WP 3.8 changing the way they find a page.
  • made a check spam for user registrations. I have been saving IP addresses since 5.0 version.
  • White listed Vaultpress so the plugin will not deny access.


  • removed bad links in plugin until I have time to rewrite the code.
  • fixed warning messages in $_SERVER checks.
  • fixed undefined variable in Gravity Forms checking.
  • fixed problem with login ip address recording that conflicts with some plugins.
  • Nothing new here. I am taking out stuff that doesn't work. I will not be able to work on the plugin for the next few months, except to kill bugs.


  • Fixed typo on spammer history page. Deleted links. Will add back in next version.


  • Added poison links.
  • Added email notifications on white list requests.
  • Removed bbpress loading code because of conflicts. Not all checks will work on bbpress. Plugin might not stop bbpress registrations.
  • Moved good cache tests to just before db lookups to prevent false negatives.
  • Use cookies to check session speed so as not to cause problems with sites that can't handle sessions.
  • Changed session so as not to restart the timer on subsequent checks. This prevents some redirections from appearing to be spam robots.
  • Added new header checks for finding real IP. It now works with more proxy servers.
  • Reorganized the way the plugin loads (again) to reduce overhead. Lazy loading works better now.
  • Fixed bugs in email domain checks.
  • Relaxed checks for http_referer so as not to fire when switching from https to http and back.
  • Changed the way Red Herring forms are checked, has its own action now.
  • Added IP lookup for CloudFlare.com.
  • Ran code through a formatting program. Pretty code will not last long, though, since my IDE is notepad.
  • Added a function that can be called by other plugins who wish to check for spam.
  • " if (function_exists('stop_spam_check')) stop_spam_check(); "
  • Added liker.profile checks - if request has liker.profile and poison is checked then the spammer goes to bad ip cache.
  • Might work with Gravity Forms. I made changes, but Gravity Forms is a pay plugin so I don't have access to test it.

Requires: 3.0 or higher
Compatible up to: 3.9.2
Last Updated: 2014-3-6
Downloads: 209,166


4 stars
4.6 out of 5 stars


1 of 13 support threads in the last two months have been resolved.

Got something to say? Need help?


Not enough data

2 people say it works.
0 people say it's broken.

100,1,1 100,1,1
100,3,3 100,2,2 100,1,1 100,1,1 100,1,1 100,2,2 100,1,1
100,1,1 100,1,1 100,2,2
100,1,1 100,1,1 100,2,2 100,2,2 100,1,1 100,1,1
100,1,1 100,1,1
100,2,2 100,1,1
100,1,1 100,1,1
50,2,1 40,5,2 100,2,2 100,1,1
100,2,2 100,1,1
100,1,1 100,1,1 80,5,4
100,2,2 75,4,3 100,1,1 100,1,1
67,3,2 100,1,1
87,15,13 100,6,6
100,7,7 100,1,1
100,1,1 100,1,1
100,2,2 0,1,0 100,1,1 100,1,1
50,2,1 50,2,1 100,4,4 100,1,1
100,1,1 100,1,1 100,1,1 50,2,1 100,8,8