This plugin effectively and automatically makes it very difficult for spambots to harvest email addresses from your WordPress-powered blog. Email addresses may be placed in posts, comments, and pages, plain, as html links, or in a special “easy email” form, and emobA automatically protects them. All email addresses appearing on your blog will appear on the screen as active links to normal, valid, and correct email addresses (the actual email is seen in the status bar when hovering), but to spambots they will have no recognizable features.
It recognizes, and produces obfuscated active (click-to-send) email links for,
- standard email links
<a href=”you
example
com
”>YourName</a>
written as html (not in visual editor). Other attributes, both before and after href, are allowed and ignored. - the special “easy to write” form
yourname you©example,com
This can be written with the visual editor.
(The old version [YourName] A@B.C remains available, if desired.) - a bare email address youexamplecom
(with or without “mailto:” in front of it) — written in visual editor or html
Each of these will appear as a standard email link. Those with a “YourName” will look like YourName you©example,com
. A bare email such as youexamplecom
, without an associated “YourName”, will appear as a link yourexamplecom
, the email serving as the missing name, with characters or graphics in place of “@” and “.”
This is accomplished with a combination of WordPress filter hooks and JavaScript. If the browser is JavaScript-enabled, visitors to the site will see active email address links. If JavaScript is not enabled, hovering over the “link” will bring up a popup showing the email in human-readable form, eg you [@] example [.] com. The [@] and [.] are graphic images, not text, so the parts of the address are separated by lengthy runs of html (<img … />).
The email addresses occur in the HTML source only in a well-hidden encoding. The email address is converted to hexadecimal and appears only as the value of a JavaScript variable. That encoded email is separated in the JavaScript from the telltale “mailto:” to further confuse spambots. The no-JavaScript popup address is encoded in the JavaScript with graphics representing “@” and “.”, so even a fairly smart spambot will not be led easily to the address.
You can download emObA and leave bug reports and requests for help at
emObA at WordPress.org
DEMO: You can test emOba — it is activated for the comments. Note the comment preview, which makes demonstrating/testing quite simple. These comments are not closely monitored — use the WordPress site for communication.