Spam Free WordPress works well to block spam from most blogs, but some blogs that are targeted by spammers, need a much more powerful solution like Simple Comments.
Special Offer for WordPress.org Members Only
Upgrade to Simple Comments. 10% Off with Coupon Code WPSFW.
Get Much More Powerful Form Protection from Simple Comments
Spam Free WordPress is a weak free spam protection plugin. Upgrade to Simple Comments for extremely powerful spambot and hackbot protection.
Simple Comments Provides 99.9% – 100% Spambot and Hackbot Protection for the Following Forms
Please note: Simple Comments is a different plugin from Spam Free WordPress. The description below is for Simple Comments.
- WordPress Comment form (Spambot protection)
- Gravity Forms (Spambot protection)
- Contact Form 7 (Spambot protection)
- WordPress login form (Hackbot protection)
- WordPress user registration form (Hackbot protection)
- WooCommerce Product Review form (Spambot protection)
- WooCommerce Product Enquiry Form (Spambot protection)
- WooCommerce 2.1 Login Form (Hackbot protection is only available from Simple Comments)
- WooCommerce 2.1 Registration Form (Spambot protection is only available from Simple Comments)
- AffiliateWP (Spambot and Hackbot protection)
Simple Comments Security Features
- SEO Hacking Protection
- Redirection Hacking Protection
- DDOS Protection
- XSS Protection
- CSRF Protection
- Brute Force Attack Protection
- XML RPC Service Attack Protection
Learn More About Simple Comments, and read the customer reviews.
About the Author
Todd Lahman is a WordPress and WooCommerce Developer.
- German – (de_DE)
- Italian (it_IT)
- French – fr_FR)
- Hebrew – (he_IL)
- Japanese – (ja)
- Chinese – (zh_CN)
- Hong Kong – (zh_HK)
- Taiwan – (zh_TW)
- Swedish – Svenska (sv_SE)
- Norwegian – (norsk)
There is no support for this free plugin, but there is support for Simple Comments.
Upgrade to Simple Comments. 10% Off with Coupon Code WPSFW.
Do not install this plugin: it's unsupported since 2016 and does not work any longer.
- Added esc_attr() to checkboxes for good measure.
- Readme update.
- CSS changes.
- Cleaned up some code.
- Added Simple Comments coupon.
- Added back image files for proper comment form styling.
- Refreshed database settings. Old settings were causing some upgrades to stop working properly.
- Cleaned up some code.
- Changed offer hook.
- Removed obsolete checkbox.
- Removed free license offer from the plugin.
- Fix: Thesis now uses the WP comment_form function, which caused security checks to duplicate and fail.
- Fix: Main options were not saved properly the first time, requiring a second save changes.
- Fix: Made comment list and comment form CSS appear more universal on different themes. Still not perfect.
- Fix: Corrected CSS conflict with Suffusion theme, which prevented text input on comment form fields in Firefox.
- Enhancement: Expanded tech support information.
- Missing argument 2 for wpdb::prepare() message fixed.
- Swedish translation added.
- Norwegian translation added.
- Built-in WordPress Nonce security made optional since it breaks on some blog installations.
- Updated error messages to match Nonce changes.
- Built a default comment list and comment form theme for the automatically generated comment form option.
- Added WordPress AJAX nonce security check.
- Disabled WordPress nonce referer check since it was broken on many blogs causing the plugin to fail.
- Fixed jQuery incompatibility that would cause the plugin to fail on some blogs that loaded two different versions of jQuery.
- Made Old Password Fields invisible for those with broken themes that can’t utilize the more secure AJAX authentication.
- Made error messages more specific, and informative.
- Italian translation added.
- jQuery AJAX call now fires only once, instead of several times.
- Added option to use old legacy dual password fields, that were used in version 1.5.1, for edge cases with themes or plugins that prevent AJAX from working as expected.
- Rewrote jQuery AJAX call to see if it helps edge cases with theme and plugin conflict issues.
- Automatic jQuery detection to load proper version did not work with improperly written themes that load versions of jQuery older than 1.7.
- Implemented new jQuery compatibility logic to try to work around improperly written themes that load versions of jQuery older than 1.7.
- Fixed question mark icon position.
- Added option to automatically delete comments marked as spam via cron job.
- Added option to automatically delete comments marked as unapproved via cron job.
- Added option to automatically delete comments marked as trackbacks or pingbacks via cron job.
- Updated theme check to use WordPress 3.4 function if it exists
- Fixed: Fatal error line 73.
- Free License Key required for plugin support, and to activate advanced plugin features.
- Removed ping closed notice.
- Removed remote blocklist option.
- Removed share link option that was used to promote plugin.
- Removed password form options since they are no longer needed.
- Upgraded all database options.
- Settings page rewritten completely to use the Settings API.
- Simplified the settings page.
- All spam security now works in the background.
- CSS + jQuery Tooltips added to free the settings page from clutter.
- Settings page is now CSS responsive.
- Option to display message, or an ad, above comment text area now displays even if Automatically Generate Comment Form is set to Off.
- Check for, and enforce, a minimum version of jQuery
- Removed option to use old jQuery scripts from plugin and database
- HTML5 “required” form field web browser validation check for name and email only active if “Comment author must fill out name and e-mail” is selected on the Discussion screen.
- Fixed very old versions of JetPack causing a fatal error when Spam Free WordPress activated, or vice versa.
- Added HTML5 “required” form field web browser validation check for name, email, and comment textarea.
- HTML5 removed from automatically generated comment form. Some current web browsers like Chrome 21.0.1180.75 m mangled the form. Will add later.
- Fixed comment form not being generated automatically for every theme.
- Added HTML5 types for email and url form fields to allow modern web browsers to do RFC-compliant form field validation in the browser when the form is submitted. These new form field types will also cause the iPhone to alter the on-screen keyboard to match the form field.
- Added HTML5 required form field web browser check for email and comment textarea.
- Set Use Old jQuery Scripts as the default setting to assist poorly written themes that load old versions of jQuery
- Fix – Created legacy reference to old function that was removed with no reference in 1.7.7
- wp_enqueue_script URL for jQuery scripts with SFW version number rather than filetime, since W3 Total Cache will otherwise break the URL – Thanks Steve
- Automatically loads jQuery scripts compatible with WordPress 3.3 or less that loads a version of jQuery before 1.7.
- Added option to load older jQuery scripts when WordPress is 3.3 or greater, but poorly written theme loads a version of jQuery older than 1.7.
- Added the option to secure the comment form with an invisible password, a clickable password field, or a click password button.
- Fixed automatic comment form generation not turning off due to code error
- Added full Thematic comment form support
- Added full Genesis comment form support
- Added full PageLines comment form support
- Added full Graphene comment form support
- Added full Atahualpa comment form support
- Added full Suffusion comment form support
- Added full Picture Perfect comment form support
- Thesis only allows password and no tags message on comment form
- Replaced German translation – Thanks Marco
- Turn mouse cursor into a pointer when over password field – Thanks Joe
- Removed password button
- Password field automatically generates password when clicked
- Added readonly attribute to password field – Thanks Thomas
- Automatically disable JetPack Comments module since it takes over the comment form, and won’t play nice with other plugins
- Automatically cleanup Post Meta Custom Fields since transients are now used
- German translation updated – Thanks Thomas
- Earlier versions have been removed
- Corrected jQuery file loading twice
- Automatic cache flush of W3TC and WP Super Cache when settings updated and on install
- Password fields replaced with a one-click AJAX button and password field
- Comment form is now automatically generated
- Same hooks available to other plugins and themes as are in the comment_form function
- Added autocomplete comment form for Chrome 15 and above
- Passwords are now stored as transients to scale to extremely high traffic blogs
- AJAX now used to obtain client IP address to bypass cached pages
- Added backlink to rejected comment error page
- Made rejected comment error message more friendly
- Added option to display message, or an ad, above comment text area
- Nonce field added to comment form
- Language translations added
- Added German translation
- Added French translation
- Added Hebrew translation
- Added Japanese translation
- Added Chinese translation
- Added Hong Kong translation
- Added Taiwan translation
- Added option to open or close pingbacks
- Pingbacks are closed automatically when plugin installed
- Updated install routine to preserve existing settings
- Pingbacks now closed automatically by default
- Translation support coming soon …
- More secure SQL query
- Minor admin page change
- WordPress version 3.1 or above now required
- add_option function caused activation error
- had to use update_option to fix
- Arrrg. Forgot to bump the version.
- Upgrade procedure didn’t work as expected first time
- Added disable pingback/trackback
- Added disable user registration
- Added settings link to plugin row menu
- Added remove url form field
- Added remove comment author clickable link
- Admin page has a new look
- Fixed donation link
- Added uninstall to cleanup database on deletion
- Made invalid or empty password error more clear
- Added automatic theme support for popular themes
- Minor code changes
- Fix for number_format error
- Ability to turn blocklists on or off
- Easier Admin page
- Backend improvements
- Number localization fix.
- Added global remote blocklist after code rewrite
- Added more plugin security features
- Added plugin to close pingbacks and trackbacks
- Cleaned up code and admin page a bit
- Initial release. In development since September 2007.
- Global remote blocklist left out pending code rewrite.