Preventing email spam with the built-in WordPress email obfuscator
If you want to give people the option to contact you by email, you need to display your email address on your site. But by doing so, you are putting yourself at the mercy of the low-lives out there harvesting email addresses so they can spam you with products that will enlarge certain parts of your body.
There are solutions out there that use javascript and other stuff to “obfuscate” your email address, but why use something external when you can use the handy, shiny, built-in WordPress email obfuscating template tag?
To use this template tag, you need to do the following:
- Make sure your email address is in your user profile.
- Put the following template tag wherever you want the address to appear:
<?php echo antispambot(get_the_author_email()); ?>
The WordPress codex says that this tag works as follows:
The function antispambot() above parses the e-mail address passed by get_the_author_email() (this is the same as the_author_email(), except it returns rather than displays the author’s e-mail address). Use of the echo command displays the output of antispambot(). An interesting feature is it encodes only portions of an address, and does so randomly so the letters encoded are different each time the page loads, adding a little more firepower to the spam protection arsenal.
My questions are:
- Since this pulls an author related parameter, will the email address change according to the author? (Probably.)
- Can this even be displayed in the sidebar?
It seems that if it is author related, it is not a good solution for displaying a website email address that does not belong to a specific person, like . But if you do have a multi-author site and you want to display the authors’ email addresses, this seems like a great way to do that without feeding the spam wolves.
Category: Good Blogging Practice
[...] didn’t know this until WordPress Garage pointed it out, but it seems that WordPress has a built-in obfuscation function. It’s called antispambot(). [...]
[...] Dave’s slightly helpful pick: WordPress’s built-in email obfuscator [...]
Mac OS X users can also manually use a Dashboard widget called obfuscatr. It provides JS or just plain encoding of your email. See the details article at flash tekkie. obfuscatr was also featured in MacWorld Italy of March 2008.
[...] Dave’s slightly helpful pick: WordPress’s built-in email obfuscator [...]
unfortunately the tag doesn’t show anything in wp 2.8.1. Use an obfuscator to hide, but a contact form is a better idea.
@csleh: WP 2.8.4 seems to work just fine with the `antispambot` tag. I was using `get_the_author_meta(‘user_email’)` for grabbing the address. You might try that…
Contact forms are nice, but a lot of people want to be able to click on a link to email (in part for their own concerns about privacy), and this is pretty much the best solution for that situation.
To grab an author’s email outside of the loop, you need to specify which author, like so:
`get_the_author_meta(‘user_email’,2)`
…where ’2′ is the author’s ID.
I used to have Private daddy on my web site. Now there’s also a WordPress plug-in for the rest of us. It does this automatically: http://www.privatedaddy.com/wordpress
@ND thanks for telling us about Private Daddy! I’m going to check that out. Seems like an interesting service.
Hi Miriam,
Thanks for the info, just what I was looking for. You mention that you cannot use this method to obfuscate a generic, non-specific user related email address. But you can: if you enter
<?php echo antispambot(<emailaddress>); ?>
(such as <?php echo antispambot(“info@whatever.com”); ?>, it will just take that specific email address and obfuscate it.
Cheers,
Hans.