WordPress Zero Spam


Why should your users prove that they’re humans by filling out captchas? Let bots prove they’re not bots with the WordPress Zero Spam plugin.

WordPress Zero Spam blocks registration spam and spam in comments automatically without any additional config or setup. Just install, activate, and enjoy a spam-free site.

Zero Spam was initially built based on the work by David Walsh.

Major features in WordPress Zero Spam include:

  • No captcha, spam isn’t a users’ problem
  • No moderation queues, spam isn’t a administrators’ problem
  • Blocks 99.9% of spam registrations & comments
  • Supports caching plugins to help provide great performance
  • Blocks spammy IPs from ever seeing your site
  • Extend the plugin with action hooks
  • Theme & plugin integration for any form on your site
  • Optional logging, so you can see who’s trying to spam
  • Advanced settings for complete control

Supported Plugins

  • Formular de contact 7
  • Gravity Form
  • Ninja Forms
  • BuddyPress
  • WPForms

Note: This plugin does not work with Jetpack Comments. For more information, see https://wordpress.org/support/topic/incompatible-with-jetpack-comments.

Languages: English

If you have suggestions for a new add-on, feel free to email me at me@benmarshall.me. Want regular updates? Follow me on Twitter or visit my blog.




Plugin Installation

  1. Upload the zero-spam folder to the /wp-content/plugins/ directory
  2. Activează modul în meniul „Module” din WordPress

Theme Integration

You can integrate WordPress Zero Spam with any theme or plugin. Just add the class zerospam to a form element and the following at the beginning of your validation function:

if ( zerospam_is_valid() ) {
  // Valid form submission.
} else {
  // Invalid form submission.
  zerospam_log_spam( 'My Custom Form', 'http://www.myurl.com/custom-form' );

For more information and a full list of helpers you can use if your theme or plugin, see the helpers.php file.

Întrebări frecvente

Is JavaScript required for this plugin to work?

Yes, that’s what does the magic and keeps spam bots out.

I keep getting ‘There was a problem processing your comment.’

Be sure JavaScript is enabled and there are no JS errors.

Can I extend the plugin with action hooks?

Yes, see below:

  • zero_spam_found_spam_registration – Runs after a spam registration is detected
  • zero_spam_found_spam_comment – Runs after a spam comment is detected
  • zero_spam_found_spam_cf7_form_submission – Runs after a spam Contact Form 7 form submission is detected
  • zero_spam_found_spam_gf_form_submission – Runs after a spam Gravity Form submission is detected
  • zero_spam_ip_blocked – Runs after a blocked IP attempts to visit the site
  • zero_spam_found_spam_buddypress_registration – Runs when a BuddyPress spam registration is detected
  • zero_spam_found_spam_nf_form_submission – Runs when a spam Ninja Forms submission is detected
  • zero_spam_found_spam_wpf_form_submission – Runs when a spam WPForms submission is detected
Does this plugin support Contact Form 7 forms?

Yes! Thanks to @leewillis77.

Does this plugin support Gravity Forms forms?

Yes! Thanks to @shazahm1.

Does this plugin support BuddyPress?


Does this plugin support NinjaForms?


Does this plugin support WPForms?

Yes! Thanks to @jaredatch.

Does this plugin work with caching plugins like W3 Total Cache?

Yes! Thanks to @shazahm1.

Does this plugin work with multisite?

Yes! Thanks to @afragen. When using with multisite the plugin may be network activated or used individual sub sites.

Can I blacklist spammy IPs to CloudFlare?

Yes! Install Sunny and follow this guide.


30 ianuarie 2020
I have been using this plugin for contact form 7 on a few sites for several months and it works great.
9 octombrie 2019
I installed this on a client site, and I was pleased that it actually stopped the thousands of incoming spam messages. That's great. BUT then I got word from the client that people weren't able to post comments at all. Disabling the plugin allowed comments to get posted again. It doesn't do a lot of good to block spam if you're also blocking legitimate content. We are still looking for a solution that blocks spam and allows legitimate content to go through.
Citește toate cele 91 de recenzii

Contributori și dezvoltatori

„WordPress Zero Spam” este un software open-source. La acest modul au contribuit următoarele persoane.


Istoric modificări

v3.1.1 (June 6, 2019)

  • [bug] Fix for IP lookup.
  • [bug] Fix for PHP notice on admin page about count().
  • [bug] Fix for admin dashboard when loading spam.
  • [bug] Bug fix: fix parse error, thanks @jrf (https://github.com/bmarshall511/wordpress-zero-spam/pull/153)
  • [enhancement] Readme: add minimum PHP version tag, thanks @jrf (https://github.com/bmarshall511/wordpress-zero-spam/pull/152)
  • [enhancement] Simplify the uninstall file, thanks @jrf (https://github.com/bmarshall511/wordpress-zero-spam/pull/154)
  • [enhancement] CS: use single-quoted strings, thanks @jrf (https://github.com/bmarshall511/wordpress-zero-spam/pull/163)
  • [enhancement] CS: use lowercase for special PHP constants, thanks @jrf (https://github.com/bmarshall511/wordpress-zero-spam/pull/162)
  • [enhancement] CS: comma after last array item in multiline arrays, thanks @jrf (https://github.com/bmarshall511/wordpress-zero-spam/pull/161)
  • [enhancement] QA: don’t even risk overriding a WP global variable, thanks @jrf (https://github.com/bmarshall511/wordpress-zero-spam/pull/160)
  • [enhancement] CS/QA: review of all include and require statements, thanks @jrf (https://github.com/bmarshall511/wordpress-zero-spam/pull/159)
  • [enhancement] QA: remove redundant security check, thanks @jrf (https://github.com/bmarshall511/wordpress-zero-spam/pull/158)
  • [enhancement] QA/performance: remove duplicate function calls, thanks @jrf (https://github.com/bmarshall511/wordpress-zero-spam/pull/157)
  • [enhancement] CS: don’t use inline control structures, thanks @jrf (https://github.com/bmarshall511/wordpress-zero-spam/pull/156)
  • [enhancement] QA: adjust security check, thanks @jrf (https://github.com/bmarshall511/wordpress-zero-spam/pull/164)
  • [enhancement] CS: normalize inline whitespace usage, thanks @jrf (https://github.com/bmarshall511/wordpress-zero-spam/pull/165)

v3.1.0 (June 4, 2019)

  • [bug] install/activation routine would never run, thanks @jrf (https://github.com/bmarshall511/wordpress-zero-spam/pull/148)
  • [bug] option may not be set, thanks @jrf (https://github.com/bmarshall511/wordpress-zero-spam/pull/149)
  • [enhancement] Improve zerospam_get_ip(), thanks @ben-morin (https://github.com/bmarshall511/wordpress-zero-spam/pull/143)

v3.0.6 (December 27, 2016)

  • [bug] Gravity Forms submission fix (https://github.com/bmarshall511/wordpress-zero-spam/pull/140).

v3.0.5 (December 23, 2016)

  • [bug] Gravity Forms submission fix.

v3.0.4 (November 24, 2016)

  • [bug] Fixed IP location lookup issue.
  • [enhancement] Updated the Grunt development tasks.

v3.0.3 (November 23, 2016)

  • [bug] Fixed issue with settings not getting saved (https://wordpress.org/support/topic/can-unselect-default-options/).
  • [bug] Fixed PHP notice on Spammer Log page.
  • [bug] Removed outdated CloudFlare instructions.
  • [enhancement] Made the JS file version dynamic.


  • Fixed fatal error.


  • Added the default options when the plugin is activated.


  • Lots of updates & fixes! Improved code documentation to help promote contributions.


  • Fixed uninstall issue, thanks @thiagolcks (https://github.com/bmarshall511/wordpress-zero-spam/pull/139)


  • Fixed security issue, thanks @thiagolcks (https://github.com/bmarshall511/wordpress-zero-spam/pull/138)


  • Fixed issue with Gravity Forms not working, thanks @karpstrucking & @jaredatch (https://github.com/bmarshall511/wordpress-zero-spam/issues/132)
  • Updated the repo link on the admin page (https://github.com/bmarshall511/wordpress-zero-spam/issues/124)


  • Minor updates


  • Added support for WPForms (https://github.com/bmarshall511/wordpress-zero-spam/issues/129)


  • Added the ‘contactform’ id to fix issue with valid comments not getting through (https://wordpress.org/support/topic/false-positives-6)
  • Updated readme file


  • Updates to the readme file
  • Fixed Contact Form issue forcing users to submit twice (https://github.com/bmarshall511/wordpress-zero-spam/issues/118)


  • Added CloudFlare instructions (https://github.com/bmarshall511/wordpress-zero-spam/pull/107)
  • Added ability to integrate with any theme or plugin (https://github.com/bmarshall511/wordpress-zero-spam/issues/116)
  • Added support for Ninja Forms (https://github.com/bmarshall511/wordpress-zero-spam/issues/114)
  • Complete rewrite of plugin code & structure
  • Added plugin icon


  • Made minor modification on how spam comments are detected. Tested & verified working as expected.
  • Changed how Gravity Forms spam is detected. Needs to be tested & verified.


  • Fixed issue with CF7 validation in the latest version – 4.1 (https://wordpress.org/support/topic/contact-form-7-version-41-no-longer-prevents-spam-using-wp-zero-spam?replies=4)


  • Fixed Gravity Form issues (https://github.com/bmarshall511/wordpress-zero-spam/issues/101)


  • Added IP location service (https://github.com/bmarshall511/wordpress-zero-spam/issues/84)
  • Improved pagination (https://github.com/bmarshall511/wordpress-zero-spam/issues/91)
  • Made date/times match site’s WP time, not servers (https://github.com/bmarshall511/wordpress-zero-spam/issues/89)
  • Removed the banner image to boost performance (https://github.com/bmarshall511/wordpress-zero-spam/issues/86)
  • Enhancements to the admin JS to boost performance
  • Works with Multisite as network activated or per sub site (https://github.com/bmarshall511/wordpress-zero-spam/issues/85)
  • Added BuddyPress support (https://github.com/bmarshall511/wordpress-zero-spam/issues/61)


  • Added missing code documentation and fixed typos (https://github.com/bmarshall511/wordpress-zero-spam/issues/64)
  • Fixed issue with settings not getting initially saved when the plugin is activated. (https://github.com/bmarshall511/wordpress-zero-spam/issues/69)
  • Added ability to auto block spam IPs (https://github.com/bmarshall511/wordpress-zero-spam/issues/71)
  • Added paging to spammer log and blocked IPs (https://github.com/bmarshall511/wordpress-zero-spam/issues/60)
  • Added additional stats and graphs (https://github.com/bmarshall511/wordpress-zero-spam/issues/75)
  • Fixed issue with comment moderators not being able to reply to comments (https://github.com/bmarshall511/wordpress-zero-spam/issues/74)
  • Fix issue with DB errors when first activating plugin (https://github.com/bmarshall511/wordpress-zero-spam/issues/80)


  • Switched to using a nonce to validate form submissions that support WordPress Zero Spam
  • Added Zero Spam plugin settings page for advanced control
  • Fix for for non-logged in users (https://github.com/bmarshall511/wordpress-zero-spam/pull/27, thanks @afragen)
  • Added blank index.php files to prevent directory browsing (https://github.com/bmarshall511/wordpress-zero-spam/pull/24, thanks @TangRufus)
  • Added uninstall.php (https://github.com/bmarshall511/wordpress-zero-spam/pull/23, thanks @TangRufus)
  • Addded support for GitHub Updater plugin (https://github.com/bmarshall511/wordpress-zero-spam/pull/21, thanks @afragen)
  • Added support for Contact Form 7 form submissions (https://github.com/bmarshall511/wordpress-zero-spam/pull/26, thanks @leewillis77)
  • Added ability to log spam detections
  • Fix for warnings cause by default settings not being set before actions run (https://github.com/bmarshall511/wordpress-zero-spam/pull/31, thanks @leewillis77)
  • Installed Compass (http://compass-style.org/)
  • Added support for Gravity Forms
  • Fixed potential issue with sites that use caching plugins
  • Fixed minor typos (thnaks @macbookandrew)


  • Added zero_spam_found_spam_comment and zero_spam_found_spam_registration action hooks (thanks @tangrufus)
  • Minor updates to the readme file

1.3.1 – 1.3.3

  • Minor fixes to WP SVN repo


  • Removed Grunt creation of the trunk directory
  • Added spam detection script to registration form


  • Fixed some typos in the readme.txt file


  • Removed testing for core function testing
  • Fix for adding comments from admin (thanks @afragen)
  • Removed unneeded WP svn trunk and tags folders from the git repo (thanks @afragen)


  • Updated theme documentation.
  • WordPress generator meta tag removed to help hide WordPress sites from spambots.


  • Versiunea inițială.