In this post, we will learn about blocking email harvesters.
Email spammers often use programs, known as email harvesters that scan pages on the Internet for email addresses to collect and send unsolicited email. If your email address is publicly available through your WordPress installation, it may be vulnerable to these kinds of programs. Below are a few simple ways you can use to protect yourself from spam while still providing an email address to your readers.
A popular solution to email harvesting is to create a “throwaway” email address at free services such as Gmail or Yahoo Mail. Set this as your email address in your profile. WordPress makes it easy to display the address on your blog by providing the template tag the_author_email(). Within The Loop portion of your templates, just add the tag:
1 |
<?php the_author_email(); ?> |
You will be able to check email that is specifically sent from your readers. If spam becomes too much of a problem, simply delete this account, create a new one, and change the email address in your profile to the new address. Your site will be immediately updated without having to change any template files.
To “fool” email harvesters, a simple method is to convert the symbols in an email address to words (typically parenthesized). For example, steve@mac.com becomes steve (at) mac (dot) com. Since this is not recognized as a valid email format, harvesters tend to ignore it.
A slightly more complicated approach is to transform or encode characters in an address to their HTML character entity, , or numeric character reference, equivalent. This means the letter a in an address becomes a, the @ symbol @, and so on. These should appear as gobbledygook to harvesters, while your browser renders them correctly.
You can use a free online encoder to encode your email address or use the antispambot() function built into WordPress:
1 |
<?php echo antispambot(get_the_author_email()); ?> |
The function antispambot() above parses the email address passed by get_the_author_email().Use of the echo command displays the output of antispambot(). An interesting feature is it encodes only portions of an address, and does so randomly so the letters encoded are different each time the page loads, adding a little more firepower to the spam protection arsenal.
Another easy trick for disguising your email is to create an image of your email address using some screen capture software, cropping it to size with an image editor, and inserting it where ever you like. With these simple tricks, you can get rid of the annoying problem of email harvesters.
There many more tricks and tips available on Wikipedia website about blocking email harvesters.