La Sentinelle antispam

Beschrijving

Voel je veilig wetende dat je website veilig is voor spam. La Sentinelle bewaakt je WordPress website tegen spam op een simpele en effectieve manier.
Het heeft antispam filters voor reactieformulieren en registratieformulieren en kan worden uitgebreid voor plugins.
De standaard instellingen zouden bijna alle spambots moeten vangen, en er is een instellingenpagina waar je het naar wens kunt instellen.

Current features include:

  • 3 antispam functies; Honeypot, Nonce, Form Timeout.
  • These 3 spamfilters depend on JavaScript on the frontend.
  • 1 antispam feature; Stop Forum Spam.
  • Settingspage to set things up according to your wishes.
  • Transparent to the visitor, no nagging with Captcha’s or other annoying things.
  • By default no use of third-party services and no tracking of visitors.
  • Lightweight and simple code.
  • Logboek voor WordPress reacties en welk spamfilter het gemarkeerd heeft als spam.
  • Logging for Custom forms and which spamfilter marked it as spam.
  • Statistics for every form how many spam submissions were blocked.

WordPress forms that are protected:

  • WordPress Comments form.
  • WordPress Login form.
  • WordPress Register form.
  • WordPress Lost Password form.

Form Plugins that are protected:

Support

If you have a problem or a feature request, please post it on the plugin’s support forum on wordpress.org. I will do my best to respond as soon as possible.

Als je me een e-mail stuurt dan zal ik niet reageren. Graag het support forum gebruiken.

Vertalingen

Translations can be added very easily through GlotPress.
You can start translating strings there for your locale. They need to be validated though, so if there’s no validator yet, and you want to apply for being validator (PTE), please post it on the support forum.
I will make a request on make/polyglots to have you added as validator for this plugin/locale.

How to choose an antispam plugin

When you look through the WordPress Plugin Repository you will see more than a hundred antispam plugins.
Which one is the best one? Short answer, there is no “best one”. No spamfilter and no method for spamfiltering is perfect.
Slightly longer answer, you could try about twenty and choose the one that fits your needs best.

But there is also a really long answer.
There are different methods that can be used against spam, and every method has its drawbacks.
In my opinion, having a low number of false positives is more important than perfectly marking all spam, you don’t want to miss out on important people or information. Nagging the user in some way has a similar effect, the user might not even want to bother with that and just walk away.

  • Third party services: Services like Akismet, OOPSpam, Stop Forum Spam and also reCAPTCHA offer third party services to check for spam. This can be very effective, but you are giving user submitted data away to these third parties and are also giving your users up for tracking them.
  • Captcha’s, reCAPTCHA and Quizz Questions: You are annoying your users and probably sending some of them away. This especially counts for reCAPTCHA for visitors who have third party cookies disabled.
  • Blacklists: Often running behind the facts. That goes for the way of getting users off that list, and also in getting users on that list.
  • Referer check: check if the Referer header is set correctly. You can never trust it is set correctly. Modern browsers are limiting the use of Referers, though for now that is mostly for third-party domains.
  • JavaScript methods: Spammers often (always?) don’t use JavaScript, they just post the form with spammy data. Drawback for this method is that statistics say that about 1 percent of users has JavaScript disabled. Also, some websites have broken JavaScript, which might make the spamfilter break as well.
  • Activatie-e-mail voor het registreren van gebruikers. Gebruikers worden pas geactiveerd na het klikken in de e-mail op de activatielink. Je hebt nog wel alle niet-geactiveerde gebruikers in je website.

You could have a bright idea about combining several methods, but then you get the drawbacks of all the methods you use.

Another complication of choosing a good plugin is that most antispam plugins don’t tell you what methods they use. The documentation doesn’t tell you, and looking at the source code just leaves you confused at the chaos that it often is.

My main motivation for writing this plugin is to offer a plugin that does spamfiltering with JavaScript methods in a simple and effective way.
The claimed 1 percent of users that has JavaScript disabled will also be tech-savy enough to enable it again for your website.

Compatibiliteit

Deze plugin is compatibel met ClassicPress.

Contributions

This plugin is also available in Codeberg.

Schermafdrukken

  • Settings page with the spamfilters that are enabled by default.
  • Settings page with the forms for which the spamfilters are enabled.
  • Settings page with extra options.
  • Settings page with statistics about the spam that was blocked or cought together with support links.

Installatie

Installation

  • Install the plugin through the admin page “Plugins”.
  • Alternatively, unpack and upload the contents of the zipfile to your ‘/wp-content/plugins/’ directory.
  • Activate the plugin through the ‘Plugins’ menu in WordPress.
  • That’s it.

License

The plugin itself is released under the GNU General Public License. A copy of this license can be found at the license homepage or in the la-sentinelle.php file at the top.

FAQ

Why is there no “best” or “perfect” antispam solution?

Spam is a social problem, while antispam solutions are technical. There is no way that a technical solution to a social problem will have a 100% perfect match ratio on spam with a 0% perfect match ratio on real messages.

Ik krijg valse positieven

Het kan zijn dat je een JavaScript-fout hebt. Dan werken de spamfilters niet en alle berichten worden gemarkeerd als spam.
Ga naar je formulierpagina, klik met de rechter muisknop op de pagina, selecteer “Inspecteer element” > Console-tab. Herlaadt de pagina en kijk of er foutmeldingen zijn in je console.

I am being targeted by a spammer

That is unfortunate. The default spamfilters in this plugin only protect against general spambots that are targeting any form on any website.
First thing you can do is enable the ‘Stop Forum Spam’ spamfilter, that should help against most human spammers and targeted attacks, though only for default forms in WordPress Core.
If that doesn’t help, I advise to add an extra plugin in the form of OOPSpam, that should provide a good defense against human spammers and targeted attacks.

What happens if spambots start running JavaScript code?

That makes this plugin less valuable. It will be more expensive to them though, which in general makes it a good thing.

Beoordelingen

31 juli 2023
Great work, I tested it on 2 of my sites that were attracting thousands of spam comments and it worked great, there is an option to save the comments in a spam folder for you to look at later as well as delete them directly. Congratulations on a job well done.
26 april 2023 1 reactie
Hello, I found that starting from version 2.4.5, the input in the .la-sentinelle-container will be displayed because the old version contained CSS with display: none, which is no longer present in the new version. This will result in a large blank space and unnecessary fields below the comment section of all articles.
28 maart 2022
Marcel deserves our full respect. This free extension allows me to propose a 100% cookie free website and still have a great anti-spam filter for my forms. This is simply a brilliant extension. A must have for all online forms. Thank you Marcel !
20 maart 2021
Le tri est efficace aussi bien sur les commentaires qu’avec le formulaire de contact, c’est pile ce que je cherchais.
Lees alle 14 beoordelingen

Bijdragers & ontwikkelaars

“La Sentinelle antispam” is open source software. De volgende personen hebben bijgedragen aan deze plugin.

Bijdragers

“La Sentinelle antispam” is vertaald in 3 talen. Dank voor de vertalers voor hun bijdragen.

Vertaal “La Sentinelle antispam” naar jouw taal.

Interesse in ontwikkeling?

Bekijk de code, haal de SVN repository op, of abonneer je op het ontwikkellog via RSS.

Changelog

3.1.0

  • 2024-07-12
  • Add support to Forminator (thanks delanthear).
  • Add id attribute to input fields for compatibility with Forminator.
  • Remove return message about ’too fast’, not needed really.
  • Simplify code for comments.

3.0.3

  • 2024-03-15
  • Add support to Ultimate Member for registration and lost password too.

3.0.2

  • 2024-03-07
  • Add support to Ultimate Member (thanks lamachinedigitale).

3.0.1

  • 2024-01-02
  • Add option to enable register forms in WooCommerce (thanks misterpo).

3.0.0

  • 2023-12-21
  • Always add spamfilter input fields to forms.
  • Do not enable spamfilters for password reset by default.
  • Add optional spamfilter for AJAX.
  • Add experimental spamfilter for Canvas / WebGL / AJAX.
  • Fixes for function ‘la_sentinelle_array_flatten()’.
  • Simplify lots of code.

2.4.7

  • 2023-04-27
  • Fix CSS for wp-comments form (thanks Barry).

2.4.6

  • 2023-04-20
  • Fix CSS for wp-login.php (thanks Bonaldi).

2.4.5

  • 2023-04-20
  • Remove support for EDD register during checkout, it breaks unexpectedly.
  • Use ’transform:translateY(10000px)’ instead of ‘display:none’, thanks ntodo.

2.4.4

  • 2023-04-03
  • Fix warning in nonce check.
  • Let WooCommerce comments of type ‘order_note’ pass by without an issue.

2.4.3

  • 2023-03-28
  • Cleanup and have Easy Digital Downloads work okay again.
  • Remove ‘la_sentinelle_check_registration_form_edd_action’ function.

2.4.2

  • 2023-03-17
  • Disable spamfilters for Easy Digital Downloads for now, since on v3.1.1 it doesn’t work.

2.4.1

  • 2023-03-09
  • Add workaround for Contact Form 7 refill, when caching is used.

2.4.0

  • 2023-03-02
  • Also check honeypot field for missing field.
  • Switch to text input with style ‘display:none’.
  • Take more hints from phpcs.

2.3.0

  • 2023-02-07
  • Update for new widget form in Noptin.

2.2.1

  • 2022-09-14
  • Fix password reset on user profile admin page.

2.2.0

  • 2022-09-10
  • Add support for WP Job Manager plugin (submit job / register).
  • Add link to log to ‘At a Glance’ dashboard widget.

2.1.2

  • 2022-03-24
  • Dependency for jquery should be an array.

2.1.1

  • 2022-02-07
  • Fix error in date query on ‘shutdown’.

2.1.0

  • 2022-01-22
  • Add support for WPForms Lite plugin.
  • Add labels to settingspage for form plugins.
  • Use ‘date()” instead of deprecated ‘strftime()’ function.
  • Some updates from phpcs and wpcs.

2.0.3

  • 2021-10-21
  • Security fix: use sanitize_text_field() for log page.
  • Update ‘uninstall.php’ with recent changes.

2.0.2

  • 2021-09-13
  • Add link to open all spam submissions at once to log page.

2.0.1

  • 2021-09-02
  • Support widget in Noptin as well.
  • More compact content of spam submissions.

2.0.0

  • 2021-08-31
  • Save spam submissions of plugin forms.
  • Add admin page to view and delete these spam submissions.
  • Remove old spam submissions as well, if option is enabled.
  • Add support for Newsletter Optin Box plugin (noptin).
  • Fix handler for Caldera Forms.
  • Some updates from phpcs and wpcs.

1.8.1

  • 2021-05-19
  • Remove checks from EDD purchase form when user is logged in already.

1.8.0

  • 2021-05-17
  • Support Easy Digital Downloads plugin again. Login form only as non-AJAX.

1.7.5

  • 2021-05-03
  • Fix form submission when using http on a https website or viceversa.

1.7.4

  • 2021-03-10
  • Only filter on $_POST requests.
  • Better check on Nonce length.

1.7.3

  • 2021-02-25
  • Fix registering at multisite installs.
  • Fix login filter for XMLRPC.

1.7.2

  • 2020-12-24
  • Drop support for Easy Digital Downloads, they do not allow plugins to hook into them since 2.9.24.
  • Add text for Clean Login to settingspage.

1.7.1

  • 2020-12-07
  • Really have Stop Forum Spam disabled by default.

1.7.0

  • 2020-12-07
  • Add Stop Forum Spam as spamfilter (disabled by default).
  • Add options for everest and sfs to uninstall.php.

1.6.0

  • 2020-12-02
  • Support Everest Forms plugin.
  • Add container div around form fields.
  • Use ‘intval()’ for all statistics.

1.5.4

  • 2020-04-29
  • Use ‘_n()’ instead of ‘esc_html__()’ for formatting numbers.

1.5.3

  • 2020-04-14
  • Run timeout function only once.
  • Remove function ‘la_sentinelle_timout_clock’.
  • Add uninstall.php file to uninstall options from db.

1.5.2

  • 2020-02-23
  • Use classes, not ids for input fields.
  • Add support for Clean Login (only login form for now).
  • Set Nonce by default as disabled.
  • Support new wp_initialize_site action for multisite.

1.5.1

  • 2019-03-09
  • Herschrijf foutmeldingen voor Contact Form 7.
  • Gebruik esc_html functies overal.

1.5.0

  • 2019-02-07
  • Support toegevoegd voor Caldera Forms plugin.
  • Support toegevoegd voor Easy Digital Downloads plugin.
  • Support toegevoegd voor Formidable plugin.
  • Verwijder overbodige optie om Contact Form 7 in te schakelen.
  • Herschrijf functies voor statistieken.
  • Toon alleen statistieken voor actieve plugin.

1.4.1

  • 2019-01-08
  • Toegankelijkheidsverbeteringen toegevoegd.
  • Gebruik geen transients voor gehashte veldnamen, dit is sneller.
  • Beoordelingslink toevoegen aan admin-pagina.

1.4.0

  • 2018-12-20
  • Registratieformulier gerepareerd.
  • Meer statistieken toegevoegd.
  • Refactor WooCommerce hooks in WordPress hooks.

1.3.1

  • 2018-12-20
  • Statistiek toegevoegd voor geblokkeerde reacties.

1.3.0

  • 2018-12-19
  • Optie toegevoegd om wel of niet spamreacties op te slaan (standaard is opslaan).
  • Timeout gewijzigd van 3s naar 1s.
  • Alleen admin-code laden op admin-pagina’s.

1.2.1

  • 2018-11-20
  • Repareer login voor admin.

1.2.0

  • 2018-11-16
  • Instellingen toegevoegd voor ondersteunde formulieren.
  • Herschrijf JavaScript om meerdere formulieren te ondersteunen.
  • Altijd JavaScript bijvoegen.

1.1.0

  • 2018-08-29
  • Ondersteun WooCommerce formulieren(Inlogformulier, “Wachtwoord vergeten”-formulier).
  • Log toegevoegd als comment_meta voor reactieformulier.
  • Toegevoegd ‘li’ voor spamreacties op dashboard-widget ‘Op dit moment’.
  • ‘la_sentinelle_preprocess_comment’ functie verwijderd, was ongebruikt.

1.0.2

  • 2018-08-22
  • Optie toegevoegd om spamreacties ouder dan 3 maanden te verwijderen.

1.0.1

  • 2018-08-04
  • Show text when no supported plugins are installed.
  • Show correct message on login form for timeout.
  • Change timeout from 5s to 3s.

1.0.0

  • 2018-07-27
  • Eerste uitgave