Initial release.<\/p>"},"ratings":[],"assets_icons":{"icon-128x128.png":{"filename":"icon-128x128.png","revision":3552902,"resolution":"128x128","location":"assets","locale":"","width":128,"height":128},"icon-256x256.png":{"filename":"icon-256x256.png","revision":3552902,"resolution":"256x256","location":"assets","locale":"","width":256,"height":256}},"assets_banners":{"banner-1544x500.png":{"filename":"banner-1544x500.png","revision":3552908,"resolution":"1544x500","location":"assets","locale":"","width":1544,"height":500},"banner-772x250.png":{"filename":"banner-772x250.png","revision":3552908,"resolution":"772x250","location":"assets","locale":"","width":772,"height":250}},"assets_blueprints":{},"all_blocks":[],"tagged_versions":["1.0.1"],"block_files":[],"assets_screenshots":{"screenshot-1.png":{"filename":"screenshot-1.png","revision":3552902,"resolution":"1","location":"assets","locale":"","width":1750,"height":1100},"screenshot-2.png":{"filename":"screenshot-2.png","revision":3552902,"resolution":"2","location":"assets","locale":"","width":1750,"height":1100},"screenshot-3.png":{"filename":"screenshot-3.png","revision":3552902,"resolution":"3","location":"assets","locale":"","width":1750,"height":1100},"screenshot-4.png":{"filename":"screenshot-4.png","revision":3552902,"resolution":"4","location":"assets","locale":"","width":1750,"height":1100}},"screenshots":{"1":"Reports page \u2014 risk distribution charts, health checklist, and submission log","2":"Settings page \u2014 General tab with API credentials and global protection settings","3":"Settings page \u2014 Integrations tab with per-integration risk action configuration","4":"Submission log \u2014 filterable table with risk level badges and contributing factor pills"}},"plugin_section":[],"plugin_tags":[22770,58672,92828,157374,2419],"plugin_category":[],"plugin_contributors":[264859],"plugin_business_model":[],"class_list":["post-311180","plugin","type-plugin","status-publish","hentry","plugin_tags-bot-detection","plugin_tags-fake-email","plugin_tags-form-security","plugin_tags-fraud-detection","plugin_tags-spam-protection","plugin_contributors-opportify","plugin_committers-opportify"],"banners":{"banner":"https:\/\/ps.w.org\/opportify-fraud-protection\/assets\/banner-772x250.png?rev=3552908","banner_2x":"https:\/\/ps.w.org\/opportify-fraud-protection\/assets\/banner-1544x500.png?rev=3552908","banner_rtl":false,"banner_2x_rtl":false},"icons":{"svg":false,"icon":"https:\/\/ps.w.org\/opportify-fraud-protection\/assets\/icon-128x128.png?rev=3552902","icon_2x":"https:\/\/ps.w.org\/opportify-fraud-protection\/assets\/icon-256x256.png?rev=3552902","generated":false},"screenshots":[{"src":"https:\/\/ps.w.org\/opportify-fraud-protection\/assets\/screenshot-1.png?rev=3552902","caption":"Reports page \u2014 risk distribution charts, health checklist, and submission log"},{"src":"https:\/\/ps.w.org\/opportify-fraud-protection\/assets\/screenshot-2.png?rev=3552902","caption":"Settings page \u2014 General tab with API credentials and global protection settings"},{"src":"https:\/\/ps.w.org\/opportify-fraud-protection\/assets\/screenshot-3.png?rev=3552902","caption":"Settings page \u2014 Integrations tab with per-integration risk action configuration"},{"src":"https:\/\/ps.w.org\/opportify-fraud-protection\/assets\/screenshot-4.png?rev=3552902","caption":"Submission log \u2014 filterable table with risk level badges and contributing factor pills"}],"raw_content":"\n
Opportify Fraud Protection<\/strong> stops fake sign-ups, form spam, bot submissions, and fraudulent leads on every WordPress form \u2014 silently, in real time, without friction for real users.<\/p>\n\n Unlike CAPTCHA, which annoys genuine visitors, Opportify works invisibly in the background. It analyzes over 100 signals per submission \u2014 behavioral patterns, device fingerprints, email risk, IP reputation, VPN and proxy detection \u2014 and scores each one so you can automatically allow, flag, or block it.<\/p>\n\n WordPress site owners and marketers<\/strong> tired of spam flooding their contact forms, fake leads cluttering their CRM, or bots registering fake accounts.<\/p>\n\n WooCommerce store owners<\/strong> who need to stop fraudulent checkouts, fake account registrations, and disposable email sign-ups before they cause damage.<\/p>\n\n Developers and agencies<\/strong> who want an API-backed, code-configurable fraud layer with per-integration control, risk metadata on entries, and support for version-controlled config files.<\/p>\n\n Security and operations teams<\/strong> who need explainable risk scores (not black-box verdicts) with per-submission breakdown of contributing factors.<\/p>\n\n CAPTCHA hurts conversion rates for real users and is routinely bypassed by modern bots. Opportify takes a different approach: it observes behavioral signals before the form is even submitted, analyzes every signal simultaneously at the moment of submission, and delivers a risk verdict your site can act on \u2014 all in under a second, with no puzzles, no friction, and no false positives for legitimate visitors.<\/p>\n\n Every submission receives a score and one of five plain-language risk levels:<\/p>\n\n For each supported form plugin, you can independently configure what happens at each risk level:<\/p>\n\n No CAPTCHA. No user friction. No separate configuration per form.<\/p>\n\n The plugin's Reports page gives you a clear view of your site's submission health:<\/p>\n\n This plugin connects to two Opportify services:<\/p>\n\n Please review Opportify's Privacy Policy<\/a> and Terms of Service<\/a> before activating the plugin. By activating, you agree to the transmission of submission data to Opportify's API for fraud analysis.<\/p>\n\n For questions, feedback, or assistance, visit https:\/\/www.opportify.ai\/contact-us<\/a>.<\/p>\n\n\n Start a free trial at app.opportify.ai<\/a> to get your Private API Key and Public Key. No credit card required. The free trial provides full, real API access for fraud analysis \u2014 it is not a sandbox or demo environment. You can protect live form submissions immediately after activating your trial account.<\/p><\/dd>\n Yes \u2014 it is designed to be a better alternative. Opportify analyzes over 100 signals per submission without presenting any challenge to the visitor. Real users see nothing. Bots and fake submissions are scored and blocked automatically based on your thresholds.<\/p><\/dd>\n No. The JS SDK loads asynchronously from a global CDN and has no impact on page rendering. The server-side API call happens during form submission processing and completes in under a second for most submissions.<\/p><\/dd>\n Yes. The plugin is compatible with WP Rocket, LiteSpeed Cache, W3 Total Cache, Autoptimize, and other major caching plugins. The JS SDK is loaded through the standard WordPress enqueue system, so it can be managed (excluded, deferred, or combined) by your caching plugin by handle ( When an action is set to Flag, the submission proceeds normally but Opportify stores the risk score, risk level, and contributing factors as metadata attached to the entry. For comments, this goes into comment meta; for users, into user meta; for WooCommerce orders, into order meta. A Risk column appears in the relevant WP Admin list tables so you can review flagged entries.<\/p><\/dd>\n Flag<\/strong> lets the submission through but records the risk data for your review. Block<\/strong> rejects the submission entirely and shows the visitor your custom block message. Use Flag for Medium risk levels when you want to review manually, and Block for High and Highest when you are confident in rejecting.<\/p><\/dd>\n Yes. Copy Yes. Elementor Pro Forms<\/a>, Ninja Forms<\/a>, Gravity Forms<\/a>, WPForms<\/a>, Fluent Forms<\/a>, Forminator<\/a>, Formidable Forms<\/a>, Contact Form 7<\/a>, and Mailchimp for WordPress<\/a> are all supported natively.<\/p><\/dd>\n Data sent to the Opportify API consists of the email address, IP address, and behavioral signals from the JS SDK \u2014 the minimum required for fraud analysis. No personal data is stored by the plugin beyond the risk score and factors in your own WordPress database. Review Opportify's Privacy Policy<\/a> for full details.<\/p><\/dd>\nWho This Is For<\/h4>\n\n
Why Not Just Use CAPTCHA?<\/h4>\n\n
What It Detects<\/h4>\n\n
\n
Risk Levels<\/h4>\n\n
\n
Per-Integration Actions<\/h4>\n\n
\n
Supported Form Integrations<\/h4>\n\n
\n
Supported Newsletter & CRM Integrations<\/h4>\n\n
\n
Key Features<\/h4>\n\n
\n
opportify-config.php<\/code>) for DevOps, Bedrock, Trellis, and staging pipelines<\/li>\nHow It Works<\/h4>\n\n
\n
Reports Dashboard<\/h4>\n\n
\n
External Services<\/h4>\n\n
\n
https:\/\/api.opportify.ai<\/code>) \u2014 analyzes each submission server-side using your private API key. Data sent: email address, IP address, and behavioral signals from the JS SDK.<\/li>\nhttps:\/\/cdn.opportify.ai<\/code>) \u2014 loads the client-side behavioral telemetry script using your public key. The client-side behavioral telemetry script is an integral component of the Opportify fraud detection service: it collects behavioral signals (typing cadence, mouse movement, device entropy, automation indicators) that are correlated server-side with the fraud analysis. Loading it from the Opportify CDN is a service integration, not a decorative asset \u2014 the plugin automatically fetches the latest script version from the CDN manifest and injects it into your site header.<\/li>\n<\/ul>\n\nSupport<\/h3>\n\n
\n
\/wp-content\/plugins\/opportify-fraud-protection\/<\/code> or install directly via Plugins \u2192 Add New<\/strong> in your WordPress admin<\/li>\n\n
Where do I get my API keys?<\/h3><\/dt>\n
Does this replace CAPTCHA?<\/h3><\/dt>\n
Will it slow down my site?<\/h3><\/dt>\n
Does it work with caching plugins?<\/h3><\/dt>\n
opportify-telemetry<\/code>). Note: if you change your Public Key, clear your page cache afterwards.<\/p><\/dd>\nWhat does \"Flag\" do?<\/h3><\/dt>\n
What is the difference between \"Flag\" and \"Block\"?<\/h3><\/dt>\n
Can I configure settings via a file instead of the UI?<\/h3><\/dt>\n
opportify-config-sample.php<\/code> to your WordPress root as opportify-config.php<\/code>. When this file is present, all settings are loaded from it and the WordPress admin UI becomes read-only. This is useful for DevOps workflows, Bedrock\/Trellis setups, and multi-environment staging pipelines where you want settings version-controlled.<\/p><\/dd>\nDoes it work with page builders and popular form plugins?<\/h3><\/dt>\n
Is it GDPR and privacy compliant?<\/h3><\/dt>\n