{"id":283627,"date":"2026-03-18T11:42:48","date_gmt":"2026-03-18T11:42:48","guid":{"rendered":"https:\/\/wordpress.org\/plugins\/anti-spam-comment-shield\/"},"modified":"2026-05-24T05:31:39","modified_gmt":"2026-05-24T05:31:39","slug":"rabbitbuilds-anti-spam-comment-shield","status":"publish","type":"plugin","link":"https:\/\/cn.wordpress.org\/plugins\/rabbitbuilds-anti-spam-comment-shield\/","author":23455683,"comment_status":"closed","ping_status":"closed","template":"","meta":{"version":"2.0.6","stable_tag":"2.0.6","tested":"7.0","requires":"5.0","requires_php":"7.4","requires_plugins":null,"header_name":"Rabbit Builds Anti-Spam Comment Shield","header_author":"Rabbit Builds","header_description":"Advanced, lightweight, and GDPR-compliant anti-spam protection for WordPress comments. Zero configuration needed \u2014 just activate and forget spam forever.","assets_banners_color":"","last_updated":"2026-05-24 05:31:39","external_support_url":"","external_repository_url":"","donate_link":"https:\/\/rabbitbuilds.com\/","header_plugin_uri":"https:\/\/wordpress.org\/plugins\/rabbitbuilds-anti-spam-comment-shield\/","header_author_uri":"https:\/\/rabbitbuilds.com\/","rating":5,"author_block_rating":0,"active_installs":0,"downloads":341,"num_ratings":1,"support_threads":0,"support_threads_resolved":0,"author_block_count":0,"sections":["description","installation","faq","changelog"],"tags":{"2.0.5":{"tag":"2.0.5","author":"rabbitbuilds","date":"2026-03-25 10:53:53"},"2.0.6":{"tag":"2.0.6","author":"rabbitbuilds","date":"2026-05-24 05:31:39"}},"upgrade_notice":{"2.0.6":"<p>WordPress 7.0 compatibility. Important fix for sites running long-lived page caches: honeypot and time-based checks no longer silently fail open. Recommended upgrade.<\/p>","2.0.5":"<p>Refreshed dashboard UI with trust-themed emerald green color scheme. Code audit and cleanup.<\/p>","2.0.4":"<p>Fixed WordPress.org plugin review issues including function prefix conflicts, text domain, enqueuing scripts\/styles, and escaping.<\/p>","2.0.3":"<p>Updated branding and slug to &quot;Rabbit Builds Anti-Spam Comment Shield&quot; (<code>rabbit-builds-anti-spam-comment-shield<\/code>).<\/p>"},"ratings":{"1":0,"2":0,"3":0,"4":0,"5":1},"assets_icons":{"icon-128x128.png":{"filename":"icon-128x128.png","revision":3485698,"resolution":"128x128","location":"assets","locale":"","width":128,"height":128},"icon-256x256.png":{"filename":"icon-256x256.png","revision":3485698,"resolution":"256x256","location":"assets","locale":"","width":256,"height":256}},"assets_banners":[],"assets_blueprints":{},"all_blocks":[],"tagged_versions":["2.0.5","2.0.6"],"block_files":[],"assets_screenshots":{"screenshot-1.png":{"filename":"screenshot-1.png","revision":3485613,"resolution":"1","location":"assets","locale":"","width":1952,"height":1340},"screenshot-2.png":{"filename":"screenshot-2.png","revision":3485613,"resolution":"2","location":"assets","locale":"","width":1956,"height":998}},"screenshots":[]},"plugin_section":[],"plugin_tags":[2656,4867,131785,600,12929],"plugin_category":[54],"plugin_contributors":[258035],"plugin_business_model":[],"class_list":["post-283627","plugin","type-plugin","status-publish","hentry","plugin_tags-anti-spam","plugin_tags-comment-spam","plugin_tags-gdpr","plugin_tags-security","plugin_tags-stop-spam","plugin_category-security-and-spam-protection","plugin_contributors-rabbitbuilds","plugin_committers-rabbitbuilds"],"banners":[],"icons":{"svg":false,"icon":"https:\/\/ps.w.org\/rabbitbuilds-anti-spam-comment-shield\/assets\/icon-128x128.png?rev=3485698","icon_2x":"https:\/\/ps.w.org\/rabbitbuilds-anti-spam-comment-shield\/assets\/icon-256x256.png?rev=3485698","generated":false},"screenshots":[{"src":"https:\/\/ps.w.org\/rabbitbuilds-anti-spam-comment-shield\/assets\/screenshot-1.png?rev=3485613","caption":""},{"src":"https:\/\/ps.w.org\/rabbitbuilds-anti-spam-comment-shield\/assets\/screenshot-2.png?rev=3485613","caption":""}],"raw_content":"<!--section=description-->\n<p>Rabbit Builds Anti-Spam Comment Shield is a fast, reliable anti-spam plugin for the <strong>default WordPress commenting system<\/strong>. It blocks automated bot submissions using layered validation, while keeping the experience clean for real visitors.<\/p>\n\n<p>Developed and maintained by <a href=\"https:\/\/rabbitbuilds.com\/\">Rabbit Builds<\/a> \u2014 visit our website to explore more WordPress tools and solutions.<\/p>\n\n<h3>Important<\/h3>\n\n<ul>\n<li>Clear your page cache after activation or after changing plugin settings.<\/li>\n<li>Works with the default WordPress comment form only (not AMP comment forms).<\/li>\n<\/ul>\n\n<h4>Features<\/h4>\n\n<ul>\n<li>\ud83d\udee1\ufe0f <strong>Hash-Based Verification<\/strong> \u2014 Blocks bots by hiding the comment form action URL<\/li>\n<li>\ud83c\udf6f <strong>Honeypot Trap<\/strong> \u2014 Hidden field that catches bots filling every input<\/li>\n<li>\u23f1\ufe0f <strong>Time-Based Check<\/strong> \u2014 Rejects comments submitted too quickly<\/li>\n<li>\ud83d\udd12 <strong>REST API Protection<\/strong> \u2014 Blocks unauthenticated REST API comments (disable for headless setups)<\/li>\n<li>\ud83d\udcca <strong>Spam Statistics Dashboard<\/strong> \u2014 Real-time total &amp; daily blocked spam counter<\/li>\n<li>\u2699\ufe0f <strong>Modern Settings Page<\/strong> \u2014 Beautiful card-based UI with toggle switches<\/li>\n<li>\ud83d\udd14 <strong>Admin Bar Counter<\/strong> \u2014 See blocked spam count in the admin bar<\/li>\n<li>\u270f\ufe0f <strong>Custom Block Message<\/strong> \u2014 Personalize the blocked spam response<\/li>\n<li>100% GDPR Compliant \u2014 No external requests, no cookies, no tracking<\/li>\n<li>Captcha-Free \u2014 Completely invisible to your visitors<\/li>\n<li>~200 bytes inline JavaScript \u2014 Zero performance impact<\/li>\n<li>Compatible with all page caching and performance optimization plugins<\/li>\n<\/ul>\n\n<h4>How does it work?<\/h4>\n\n<ol>\n<li>The plugin removes the comment form action URL from raw HTML output.<\/li>\n<li>When real user interaction is detected (scroll, mouse move, touch, or focus), JavaScript restores the action URL with a unique hash token.<\/li>\n<li>On submit, the server validates the hash token, checks the honeypot field, and verifies submission timing.<\/li>\n<li>If any check fails, the request is blocked with a 403 response before spam can reach your database.<\/li>\n<\/ol>\n\n<h3>License<\/h3>\n\n<p>This plugin is licensed under <strong>GPL-2.0-or-later<\/strong>.\nYou may use, modify, and redistribute it under the terms of the GNU General Public License.<\/p>\n\n<!--section=installation-->\n<p>To install from the WordPress Dashboard:<\/p>\n\n<ol>\n<li>Go to Plugins menu &gt; Add New<\/li>\n<li>Search for Rabbit Builds Anti-Spam Comment Shield<\/li>\n<li>Activate the plugin<\/li>\n<li>If using a page cache, clear\/purge the cache<\/li>\n<\/ol>\n\n<p>To install manually:<\/p>\n\n<ol>\n<li>Download the Rabbit Builds Anti-Spam Comment Shield plugin<\/li>\n<li>Upload to the <code>\/wp-content\/plugins\/<\/code> directory<\/li>\n<li>Activate through the 'Plugins' menu<\/li>\n<li>If using a page cache, clear\/purge the cache<\/li>\n<\/ol>\n\n<!--section=faq-->\n<dl>\n<dt id=\"how%20to%20configure%20the%20plugin%3F\"><h3>How to configure the plugin?<\/h3><\/dt>\n<dd><p>Go to Settings &gt; WP Anti-Spam to enable or disable protection modules, adjust timing thresholds, customize the blocked message, and review spam statistics.<\/p><\/dd>\n<dt id=\"how%20to%20test%20whether%20the%20plugin%20is%20working%3F\"><h3>How to test whether the plugin is working?<\/h3><\/dt>\n<dd><p>Open any post with comments enabled and submit a normal comment. If the comment is accepted, the plugin is working. If you see a 403 error, clear your page cache and try again. If it still fails, your theme may use a custom comment form ID\u2014please open a support topic.<\/p><\/dd>\n<dt id=\"which%20commenting%20system%20is%20supported%3F\"><h3>Which commenting system is supported?<\/h3><\/dt>\n<dd><p>Only the default WordPress commenting system is supported. Third-party systems such as Disqus, JetPack Comments, wpDiscuz, and AMP comments are not supported.<\/p><\/dd>\n<dt id=\"how%20to%20get%20technical%20assistance%3F\"><h3>How to get technical assistance?<\/h3><\/dt>\n<dd><p>Please open a support topic on WordPress.org or reach out to us directly at <a href=\"mailto:support@rabbitbuilds.com\">support@rabbitbuilds.com<\/a>. We typically respond within 24 hours.<\/p><\/dd>\n<dt id=\"have%20a%20feature%20request%20or%20custom%20requirement%3F\"><h3>Have a feature request or custom requirement?<\/h3><\/dt>\n<dd><p>We love hearing ideas from our users! Send your feature requests or custom development enquiries to <a href=\"mailto:studio@rabbitbuilds.com\">studio@rabbitbuilds.com<\/a> and we'll get back to you.<\/p><\/dd>\n<dt id=\"who%20develops%20this%20plugin%3F\"><h3>Who develops this plugin?<\/h3><\/dt>\n<dd><p>This plugin is developed and maintained by <a href=\"https:\/\/rabbitbuilds.com\/\">Rabbit Builds<\/a> \u2014 a web development studio focused on building fast, reliable, and privacy-friendly WordPress tools.<\/p><\/dd>\n\n<\/dl>\n\n<!--section=changelog-->\n<h4>2.0.6<\/h4>\n\n<ul>\n<li>Tested with WordPress 7.0 \"Armstrong\"<\/li>\n<li>Fixed: honeypot and time-based checks no longer fail-open on sites with long-lived page caches (the 24-hour nonce gate has been dropped \u2014 the honeypot field's presence is itself the spam signal)<\/li>\n<li>Fixed: hash-based verification now tolerates extra query-string parameters (e.g. CDN\/tracking params appended to wp-comments-post.php)<\/li>\n<li>Fixed: replaced deprecated <code>current_time('timestamp')<\/code> usage; \"last blocked\" time is now stored as a Unix timestamp and computed timezone-correctly on the settings page<\/li>\n<li>Improved: protection hooks now register on <code>init<\/code> instead of at file load \u2014 removes work from admin\/AJAX\/REST\/CLI requests that don't involve commenting<\/li>\n<li>Improved: <code>rbascs_stats<\/code> option is now non-autoloaded (one-time migration runs automatically on upgrade)<\/li>\n<li>Improved: REST API Protection setting now explicitly warns headless\/decoupled sites that it will block their REST comment flow<\/li>\n<li>Improved: deferred default-message translation to display time to avoid the WP 6.7+ \"translations loaded too early\" notice<\/li>\n<\/ul>\n\n<h4>2.0.5<\/h4>\n\n<ul>\n<li>Updated dashboard UI color scheme to emerald green for a trust-focused design<\/li>\n<li>Removed redundant CSS rules and cleaned up codebase<\/li>\n<li>General code audit and optimization<\/li>\n<\/ul>\n\n<h4>2.0.4<\/h4>\n\n<ul>\n<li>Fixed WordPress.org plugin review issues<\/li>\n<li>Updated function\/constant prefixes to avoid conflicts (rbascs_ and RBASCS_)<\/li>\n<li>Fixed text domain to match plugin slug (rabbitbuilds-anti-spam-comment-shield)<\/li>\n<li>Converted inline JavaScript to use wp_enqueue_scripts and wp_add_inline_script()<\/li>\n<li>Converted block response to use wp_die() instead of raw HTML<\/li>\n<li>Fixed file path detection to use plugin_dir_path() instead of ABSPATH<\/li>\n<li>Improved escaping on all translatable strings<\/li>\n<li>Added contributors to README<\/li>\n<\/ul>\n\n<h4>2.0.3<\/h4>\n\n<ul>\n<li>Rebranded plugin display name to \"Rabbit Builds Anti-Spam Comment Shield\"<\/li>\n<li>Updated plugin slug to \"rabbit-builds-anti-spam-comment-shield\"<\/li>\n<\/ul>\n\n<h4>2.0.2<\/h4>\n\n<ul>\n<li><strong>Major Rebrand<\/strong> \u2014 Renamed from \"Forget Spam Comment\" to \"Anti-Spam Comment Shield\"<\/li>\n<li><strong>New:<\/strong> Honeypot trap field for catching bots<\/li>\n<li><strong>New:<\/strong> Time-based submission check (configurable threshold)<\/li>\n<li><strong>New:<\/strong> REST API comment protection<\/li>\n<li><strong>New:<\/strong> Modern settings page with card-based UI and toggle switches<\/li>\n<li><strong>New:<\/strong> Real-time spam statistics (total, today, last blocked)<\/li>\n<li><strong>New:<\/strong> Admin bar spam counter<\/li>\n<li><strong>New:<\/strong> Custom blocked message setting<\/li>\n<li><strong>New:<\/strong> Reset to defaults button<\/li>\n<li><strong>New:<\/strong> Expanded event triggers (scroll + mousemove + touchstart + focus)<\/li>\n<li><strong>New:<\/strong> Expanded comment form ID selector for more theme compatibility<\/li>\n<li><strong>Improved:<\/strong> Block response page with modern, branded design<\/li>\n<li><strong>Improved:<\/strong> Activation notice with modern styling<\/li>\n<li><strong>Updated:<\/strong> Requires WordPress 5.0+ and PHP 7.4+<\/li>\n<\/ul>\n\n<h4>1.1.8<\/h4>\n\n<ul>\n<li>Tested with 6.6.1 Updated on 09-Aug-2024.<\/li>\n<\/ul>\n\n<h4>1.1.7<\/h4>\n\n<ul>\n<li>Tested with 6.5.5 Updated on 09-July-2024.<\/li>\n<\/ul>\n\n<h4>1.1.6<\/h4>\n\n<ul>\n<li>Hotfix for Bedrock Compatibility. Updated on 30-Jan-2024.<\/li>\n<\/ul>\n\n<h4>1.1.5<\/h4>\n\n<ul>\n<li>Enhanced Bedrock Compatibility. Updated on 24-Jan-2024.<\/li>\n<\/ul>\n\n<h4>1.1.4<\/h4>\n\n<ul>\n<li>Added a fallback to cover unexpected cases. Updated on 20-Nov-2023.<\/li>\n<\/ul>\n\n<h4>1.1.3<\/h4>\n\n<ul>\n<li>Enhanced uniqueness in query string parameters. Updated on 19-Nov-2023.<\/li>\n<li>Kindly clear your page cache after updating to version 1.1.3.<\/li>\n<\/ul>\n\n<h4>1.1.2<\/h4>\n\n<ul>\n<li>Tested with WordPress 6.4.1 and PHP 8.2.12<\/li>\n<li>Addressed referral handling for increased precision<\/li>\n<li>Improved code readability and consistency following WordPress coding standards<\/li>\n<\/ul>\n\n<h4>1.1.1<\/h4>\n\n<ul>\n<li>Tested with WordPress 6.2 and PHP 8.2.4<\/li>\n<\/ul>\n\n<h4>1.1.0<\/h4>\n\n<ul>\n<li>Tested with WordPress 6.1.1 and PHP 8.2.3<\/li>\n<li>Updated links<\/li>\n<\/ul>\n\n<h4>1.0.9<\/h4>\n\n<ul>\n<li>Tested with WordPress 6.0<\/li>\n<\/ul>\n\n<h4>1.0.8<\/h4>\n\n<ul>\n<li>Tested with WordPress 5.9.1 and PHP 8.1.3<\/li>\n<\/ul>\n\n<h4>1.0.7<\/h4>\n\n<ul>\n<li>Tested with WordPress 5.8<\/li>\n<li>Enhanced compatibility<\/li>\n<\/ul>\n\n<h4>1.0.6<\/h4>\n\n<ul>\n<li>Tested plugin up to 5.7<\/li>\n<\/ul>\n\n<h4>1.0.5<\/h4>\n\n<ul>\n<li>Added hint for purging cache in the generated error page to assist first time plugin user.<\/li>\n<\/ul>\n\n<h4>1.0.4<\/h4>\n\n<ul>\n<li>Minor tweaks<\/li>\n<\/ul>\n\n<h4>1.0.3<\/h4>\n\n<ul>\n<li>Minified inline JS for better performance<\/li>\n<li>Translation made available for Hindi, Bengali, English (United States), English (UK).<\/li>\n<li>Minor tweaks<\/li>\n<\/ul>\n\n<h4>1.0.2<\/h4>\n\n<ul>\n<li>Added hint for purging cache upon plugin activation<\/li>\n<li>Added support links<\/li>\n<\/ul>\n\n<h4>1.0.1<\/h4>\n\n<ul>\n<li>Performance optimization<\/li>\n<\/ul>\n\n<h4>1.0.0<\/h4>\n\n<ul>\n<li>Initial release<\/li>\n<\/ul>","raw_excerpt":"Advanced, lightweight, GDPR-compliant anti-spam protection for WordPress comments. No setup required.","jetpack_sharing_enabled":true,"_links":{"self":[{"href":"https:\/\/cn.wordpress.org\/plugins\/wp-json\/wp\/v2\/plugin\/283627","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/cn.wordpress.org\/plugins\/wp-json\/wp\/v2\/plugin"}],"about":[{"href":"https:\/\/cn.wordpress.org\/plugins\/wp-json\/wp\/v2\/types\/plugin"}],"replies":[{"embeddable":true,"href":"https:\/\/cn.wordpress.org\/plugins\/wp-json\/wp\/v2\/comments?post=283627"}],"author":[{"embeddable":true,"href":"https:\/\/cn.wordpress.org\/plugins\/wp-json\/wporg\/v1\/users\/rabbitbuilds"}],"wp:attachment":[{"href":"https:\/\/cn.wordpress.org\/plugins\/wp-json\/wp\/v2\/media?parent=283627"}],"wp:term":[{"taxonomy":"plugin_section","embeddable":true,"href":"https:\/\/cn.wordpress.org\/plugins\/wp-json\/wp\/v2\/plugin_section?post=283627"},{"taxonomy":"plugin_tags","embeddable":true,"href":"https:\/\/cn.wordpress.org\/plugins\/wp-json\/wp\/v2\/plugin_tags?post=283627"},{"taxonomy":"plugin_category","embeddable":true,"href":"https:\/\/cn.wordpress.org\/plugins\/wp-json\/wp\/v2\/plugin_category?post=283627"},{"taxonomy":"plugin_contributors","embeddable":true,"href":"https:\/\/cn.wordpress.org\/plugins\/wp-json\/wp\/v2\/plugin_contributors?post=283627"},{"taxonomy":"plugin_business_model","embeddable":true,"href":"https:\/\/cn.wordpress.org\/plugins\/wp-json\/wp\/v2\/plugin_business_model?post=283627"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}