A common practice for many spammers is to use harvesting bots to collect email addresses. These bots scour the Internet looking for addresses to include into master lists, which are then either sold or used for spamming and advertising.
Because email is still one of the top forms of marketing and online communication, it’s important to take steps to protect yourself from unsolicited messages. This is one of the major reasons why I advise not to place email addresses in WordPress.
Today, I’m going to show you how to hide emails from spammers using an encoder. This essentially encrypts any email address on your site preventing harvesters from collecting them. It’s a great way to restrict how much spam you get throughout the day.
Why Should You Use an Email Address Encoder?
The comment section is only one area of WordPress that is often affected by spam. Keeping your inbox clear of this debris is also vital to remaining efficient and safe.
One of the biggest reasons to encode your addresses is to prevent spammers from adding it to message lists. These lists are often sold off to companies who practice mass spamming. Even some legitimate businesses will use these lists for mass advertising.
Perhaps a hacker wants to spread malware or phishing emails to as many addresses as possible. He or she will send out harvesters to build a massive list and send out corrupted messages in bulk.
Because spam is still such a profound problem on the Internet, I suggest using contact forms when setting up communications from your website. This limits what spammers can find, especially if you use an email address encoder.
Using Email Address Encoder
In this tutorial, I’m going to demonstrate the Email Address Encoder plugin for WordPress. At the time of this article, it’s been several months since it was last updated. However, I verified that it does work with WordPress 4.8.
Access the Plugins area of WordPress and click, “Add New.”
Search, install and activate “Email Address Encoder.”
Once the plugin is activated, it automatically begins encrypting all email addresses detected in WordPress. This includes any that are on posts, pages, in widgets and other places around your site.
Although bots are not able to harvest the email address, humans are still capable of writing down what they see on the page. This doesn’t stop people from spamming you 100 percent of the time, but it will greatly reduce how often your address is harvested.
Most people today would rather have the simplicity of a bot harvest the addresses than to spend time and energy to create an email list by hand.
Because people are still capable of accessing the address, I would suggest using an account that you’re not too worried about when it comes to spam. For instance, you can use “firstname.lastname@example.org” instead of a personal address for a sales department.
How Does the Encoder Hide Emails from Spammers
For this tutorial, I added a fake email address to my contact page. As you can see, the address is still visible as is the “mailto:” link provided.
However, the underlying coding is where the encoding lies. This is because bots scan a page via code. Bots are currently incapable of using visuals to find information like humans. The need to sift through the actual HTML of a site to gather information.
So when an email harvester visits your website, it sees this:
As you can see from the snippet of code, the email address encoder also hides HTML coded commands as well as text. This means you can show a contact email address in a mailto: link and have less to worry about bots scraping it.
Keep Your Information Safe
You have a lot of options available for security when you use WordPress web hosting. Hiding emails from spammers is only one small part of how you can keep your data safe. Don’t assume that because your website is small you won’t be a victim from spammers and hackers. Do what you can to keep your site a proverbial Fort Knox of security.
What kinds of communication do you provide on your website? How often do people use your contact form, and do you think it’s worth the effort to keep?
Author: Josh Dargie
My name is Josh Dargie and I’m the Operations Manager at GreenGeeks. I’ve been with the company since 2009. I have over 16 years of experience working with and for various web hosting providers specifically in development, day-to-day operations and customer service.