這個外掛並未在最新的 3 個 WordPress 主要版本上進行測試。開發者可能不再對這個外掛進行維護或提供技術支援,並可能會與更新版本的 WordPress 產生使用上的相容性問題。

WPBruiser {no- Captcha anti-Spam}

描述

WPBruiser (formerly GoodBye Captcha) is an anti-spam and security plugin based on algorithms that identify spam bots without any annoying and hard to read captcha images.

WPBruiser completely eliminates spam-bot signups, spam comments, even brute force attacks, the second you install it on your WordPress website. It is completely invisible to the end-user – no need to ever fill out a Captcha or other “human-detection” field ever again – and it just works!

Unlike other anti-spam plugins, which detect spam comments and signups after the fact and move them to your spam folder, which you then have to delete – using up not only your website’s resources, but your time as well, WPBruiser prevents the bots from leaving spam in the first place. The result is that your site is not only spam free, it’s faster and more secure.

In addition, WPBruiser is completely self-contained and does not need to connect to any outside service. Your logins remain yours, 100%.

WPBruiser fights Brute Force attacks and eliminates spam-bots on comments, signup pages as well as login and password reset pages. At the click of a button, you can decide which forms to protect.

Summary of WPBruiser features

  • Standard WordPress Login form integration
  • Standard WordPress Register form integration
  • Standard WordPress Forgot Password form integration
  • Standard WordPress Comments form integration
  • Ability to set the maximum number of characters for each comment field
  • Logging with the ability to enable/disable it
  • Automatically Block IP Addresses
  • Automatically purge logs older than a certain number of days
  • Manually white-list trusted IP Address (IPV4 and IPV6)
  • Manually block/unblock IP Addresses (IPV4 and IPV6)
  • Properly detects client IP Address when using CloudFlare, Incapsula, Cloudfront, RackSpace, Sucuri CloudProxy, AWS ELB
  • Provides statistics, reports, maps and charts with all blocked spam attempts
  • No requests to external APIs
  • Can be switched to “Test Mode” – for testing
  • Compatible with WordPress Multisite – network admin interface ready
  • Compatible with cache plugins (WP Super Cache, W3 Total Cache, ZenCache, WP Fastest Cache and others)
  • Invisible for end users (works in the background)
  • Does not affect page loading times

Brute Force Protection

  • Automatically detects Brute Force attacks
  • Ability to automatically block IP Addresses
  • Prevents User Enumeration
  • Ability to block most dangerous IP addresses involved in brute force attacks
  • Ability to block most dangerous Anonymous Proxy IP addresses including TOR Networks, TOR Nodes and TOR Exit Points
  • Ability to Completely Disable XML-RPC service – it seamlessly works with Jetpack plugin activated
  • Ability to Disable XML-RPC Pingbacks
  • Email notifications when a Brute Force Attack is detected

WPBruiser Available Extensions

WPBruiser is integrated with the most popular plugins

Contact Forms Extensions
Membership Extensions
eCommerce Extensions
Email Subscriptions Extensions

View all WPBruiser Extensions

WPBruiser is also integrated with the following plugins:

  • Postmatic (https://wordpress.org/plugins/postmatic)
    WPBruiser offers protection for the entire email commenting system

  • Epoch (https://wordpress.org/plugins/epoch)
    WPBruiser offers protection for the entire chat and commenting system

  • wpDiscuz (https://wordpress.org/plugins/wpdiscuz/)
    WPBruiser offers protection for the entire commenting system

  • MailChimp for WordPress (https://wordpress.org/plugins/mailchimp-for-wp)
    WPBruiser offers protection for all forms the user will create with MailChimp

  • Ultimate Member (https://wordpress.org/plugins/ultimate-member)
    WPBruiser offers protection for Login, Registration and Reset Password forms

  • Jetpack by WordPress (https://wordpress.org/plugins/jetpack)
    WPBruiser offers protection for JetPack Contact Form

  • ZM Ajax Login & Register (https://wordpress.org/plugins/zm-ajax-login-register)
    WPBruiser offers protection for Login and Registration forms

  • Login With Ajax (https://wordpress.org/plugins/login-with-ajax)
    WPBruiser offers protection for Login, Registration and Lost Password forms

  • WP User Control (https://wordpress.org/plugins/wp-user-control)
    WPBruiser offers protection for Login, Registration and Lost Password forms

  • PlanSo Forms (https://wordpress.org/plugins/planso-forms/)
    WPBruiser offers protection for all forms

  • Theme My Login (https://wordpress.org/plugins/theme-my-login)
    WPBruiser offers protection for Login, Registration and Lost Password forms

  • Seamless Donations (https://wordpress.org/plugins/seamless-donations)
    WPBruiser offers protection for the donation form

Technical support

If you notice any problems by using this plugin, please notify us and we will investigate and fix the issues. Ideally your request should contain: URL of the website (if your site is public), Php version, WordPress version and all the steps in order to replicate the issue (if you are able to reproduce it somehow)

Donate

If you find this plugin useful, please consider making a small donation. Thank you

螢幕截圖

  • WPBruiser – Settings
  • WPBruiser – Security
  • WPBruiser – Security – WhiteList IP Address
  • WPBruiser – Security – BlackList IP Address
  • WPBruiser – WordPress
  • WPBruiser – Tweaking WordPress
  • WPBruiser – Protect Jetpack Contact Form
  • WPBruiser – UltimateMember protection
  • WPBruiser – Other plugins integrations
  • WPBruiser – Report – Blocked Comment
  • WPBruiser – Report – Block IP Address
  • WPBruiser – Report – By Location – Distribution
  • WPBruiser – Detailed Report

安裝

Option 1

  1. Download the zip file from WordPress plugin directory,
  2. Unzip and upload all the files to the /wp-content/plugins/goodbye-captcha/ folder from your server,
  3. Activate the plugin from WordPress Dashboard

Option 2

  1. Download the zip file from WordPress plugin directory,
  2. Login into the administration panel,
  3. Go to Plugins –> Add New –> Upload,
  4. Click Choose File (Browse) and select the downloaded zip file,
  5. Activate WPBruiser plugin

Option 3

  1. Login into your WordPress site,
  2. Choose Plugins –> Add New,
  3. Search for WPBruiser,
  4. In the results page, click Install Now. (depending on your server, you might need to provide credentials for download),
  5. Activate WPBruiser

After installation, a WPBruiser menu item will appear in the Settings section. Click on this in order to view plugin’s administration page.

常見問題

How do I know is working?

Just switch the plugin to Test Mode and start testing it yourself. The Administrator will receive email notifications.
If something is not working as expected, a warning message will be shown.

Is WPBruiser safe?

Yes. The algorithm behind the plugin was fully tested and there is no way a spider or robot can spam your sites.

What forms can be secured by using WPBruiser WordPress plugin?

All standard WordPress forms(Login, Register, Comment and Forgot Password) can be secured by using WPBruiser plugin.

Are there any php extensions that need to be activated so this plugin could work?

No. The plugin runs 100% without activating any additional php extensions.

Does WPBruiser help me to block ip of the spammers?

Yes. Starting with WPBruiser version 1.1.0, this feature is available.

Does WPBruiser recognize IPV6 addresses and is it possible to block them?

Yes. Starting with WPBruiser version 1.1.0, IPV6 is recognized and the administrator can block it with a single click.

Why captcha is not user friendly?

Studies shown that visual CAPTCHAs take around 5-10 seconds to complete and audio CAPTCHAs take much longer (around 20-30 seconds) to hear and solve.

評價

2022年11月29日
Never use this plugin. It’s an ineffective plugin. The irony is that even if you cancel your subscription after a while, your registered credit card continues to be charged. There is no access to customer service, no subscription cancellation. In other words, it is quite difficult to ensure your security against an add-on whose job is security. Stay away.
2022年8月30日
We were getting around 10 spam comments per day and installed this to try and help, but it doesn’t seem to do much of anything after letting it run for a couple of weeks. Other reviews on the plugin mention that has been abandoned, so it looks like it might be completely non-functional these days.
2021年10月28日
We love the plugin as it saved us from SPAM registrations via Ultimate Members. We also bought extensions for mailpoet and geo-blocking. All worked great, but unfortunately the plugin got abandoned half year ago. Plugin is no longer maintained and the developer’s website is down. Soooo sad!
2021年8月8日
Looks like this was a useful plugin. However, now it is abandoned, developer never answered any questions in the support forum.
2021年7月16日
Was a great plugin a year ago or so and even purchased an addon. But then the developer stopped maintenance on it and I was getting many issues on my site and error log/ debug log complaints, critical issues. Deleted it thankfully before worse things happen like others report here. What a shame, started so promisingly, had good stats too.
2021年7月2日
Had a nightmare after installing this plugin – could not login (Login to WP Dashboard kept failing!!!). Had to reinstall WP / restore the site from a previous Backup in order to regain access to my website… This is the FIRST time I ever gave such a negative review to a plugin.
閱讀全部212個評價

貢獻者及開發者

“WPBruiser {no- Captcha anti-Spam}” 是一個開源的軟體。以下的人對這個外掛作出了貢獻。

貢獻者

WPBruiser {no- Captcha anti-Spam} 外掛目前已有 4 個本地化語言版本。 感謝所有譯者為這個外掛做出的貢獻。

將 WPBruiser {no- Captcha anti-Spam} 外掛本地化為台灣繁體中文版。

對開發相關資訊感興趣?

任何人均可瀏覽程式碼、查看 SVN 存放庫,或透過 RSS 訂閱開發記錄

修改日誌

3.1.43

  • Fixed PHP 7.4 warnings
  • Refreshed Country IPs
  • Refreshed WebAttackers IPs
  • Refreshed Proxy IPs
  • Refreshed Incapsula, Amazon and Cloudflare trusted IPs ranges

3.1.40

Fixes
– Ajax call javascript error

3.1.39

  • Refreshed Country IPs
  • Refreshed WebAttackers IPs
  • Refreshed Proxy IPs
  • Refreshed Incapsula, Amazon and Cloudflare trusted IPs ranges

3.1.38

Fixes
– Compatibility with Mailchimp for WordPress
– PHP 7.4 warnings

Improvements
– Refreshed Country IPs
– Refreshed WebAttackers IPs
– Refreshed Proxy IPs
– Refreshed Incapsula, Amazon and Cloudflare trusted IPs ranges

3.1.37

Improvements
– Refreshed Country IPs
– Refreshed WebAttackers IPs
– Refreshed Proxy IPs
– Refreshed Incapsula, Amazon and Cloudflare trusted IPs ranges

3.1.36

Fixes
– Compatibility with latest JetPack Contact Form

3.1.35

Improvements
– Refreshed Country IPs
– Refreshed WebAttackers IPs
– Refreshed Proxy IPs
– Refreshed Incapsula, Amazon and Cloudflare trusted IPs ranges

3.1.34

Improvements
– Refreshed Incapsula, Amazon and Cloudflare trusted IPs ranges

3.1.33

Fixes
– The plugin does not have a valid header issue

3.1.32

Improvements
– Refreshed Incapsula, Amazon and Cloudflare trusted IPs ranges

3.1.31

Improvements
– Refreshed Country IPs
– Refreshed WebAttackers IPs
– Refreshed Proxy IPs
– Refreshed Incapsula, Amazon and Cloudflare trusted IPs ranges

3.1.30

  • Fixed fatal error when using PHP 5.3.x

3.1.29

Refreshed Incapsula, Amazon and Cloudflare trusted IPs ranges

3.1.28

Fixes
– Fixed ajax compatibility with Ultra Community – User Profiles & Membership Plugin

Improvements
– Introducing new Extension – WPBruiser WPForms Protection

3.1.27

Improvements
– Refreshed Incapsula, Amazon and Cloudflare trusted IPs ranges

3.1.26

Improvements
– Refreshed Country IPs
– Refreshed WebAttackers IPs
– Refreshed Proxy IPs
– Compatibility with WordPress 5.1

3.1.22

3.1.21

Improvements
– Refreshed Country IPs
– Refreshed WebAttackers IPs
– Refreshed Proxy IPs

3.1.19

  • Fixed compatibility with UM 2.X

3.1.18

  • Fixed PHP 7.1.x warnings and compatibility with PHP 7.2

3.1.15

Fixes
– Fixed the incompatibility with Gravity Forms Extension

3.1.14

Improvements
– Integrated with HTML Forms Plugin

3.1.12

Fixes
– PHP7 warnings

Improvements
– Refreshed Country IPs
– Refreshed WebAttackers IPs
– Refreshed Proxy IPs

3.1.11

  • Fixed the PHP notice issue reported by @devonostendorf[https://wordpress.org/support/topic/php-notice-wpdbprepare-was-called-incorrectly-generated-in-wp-core-v4-8-3/]

3.1.9

3.1.6

Improvements
* Added integration with Ultra Community Membership plugin

Fixes
– A plugin vulnerability reported by Wordfence team

3.1.4

Fixes
– PHP7 warnings

Improvements
– Refreshed Country IPs
– Refreshed WebAttackers IPs
– Refreshed Proxy IPs

3.1.3

Improvements
– Prevent oEmbed and WP Rest API user enumeration.

3.1.1

Fixes
– Compatibility with MailChimp for WP version 4.0.4 and up.

3.1

Fixes

  • Compatibility with MailChimp for WP version 4.0.6 and up
  • Compatibility with WordPress MU Domain Mapping plugin
  • Fixed Password reset protection for WooCommerce
  • Refreshed Country IPs

3.0.15

Improvements

  • Compatibility with Avada theme
  • Refreshed Country IPs
  • Refreshed WebAttackers IPs
  • Refreshed Proxy IPs

3.0.14

Fixes

  • Fixed the issue when protection for WooCommerce registration form was conflicting with protection for Standard WordPress registration

3.0.12

  • Refreshed Country IPs
  • Refreshed WebAttackers IPs
  • Refreshed Proxy IPs

Improvements

  • Improved loading speed
  • Improved detection algorithm

3.0.11

Improvements
– Improved proxy detection feature

3.0.10

  • Refreshed Country IPs
  • Refreshed WebAttackers IPs
  • Refreshed Proxy IPs

Additions

  • Ability to register trusted proxy headers
  • Email Notification when a user with Admin Capabilities has signed in

New Premium Extensions

3.0.9

Fixing repository issues

3.0.7

  • Refreshed Country IPs
  • Refreshed WebAttackers IPs
  • Refreshed Proxy IPs

3.0.6

Fixed corrupted files from WordPress Repository

3.0.5

3.0.4

Fixes
– W3TC refresh cache notice – reported by Todd and roxchou
– bbPress menu disappear when WPBruiser is active – reported by N3k0

Additions
– Integration with wpDiscuz
WooCommerce Extension

3.0.3

Fixes
– Compatibility with Query Monitor plugin
– Block Web Attackers IPs and Block Anonymous Proxy IPs options are getting deactivated
– Refreshed WebAttackers IPs
– Refreshed Proxy IPs

3.0.2

  • Removed jQuery dependency
  • Added protection for Ultimate Member Modal Login
  • Compatibility with WordPress 4.5 for Max Comments Fields Length
  • Refreshed Country IPs
  • Refreshed WebAttackers IPs
  • Refreshed Proxy IPs

3.0.1

Improvements

  • Ability to set up the Fields Maximum Length for each comment form field
  • Added Extensions page
  • Added languages folder to support translations
  • Added a new filter wpbruiser-scripts-in-head – to explicitly render WPBruiser’s script in head or footer

3.0

  • Added IPv4 to country lookup

Introducing premium extensions

2.2.2

  • Removed the MaxMind GeoIP Databases due to the licensing terms violation

2.2.1

  • Fixed MySql error reported by WHSajid

2.2.0

  • Fixed issue when WPBruiser blocks post requests from some Amazon proxy servers
  • Fixed blocked content extra slashes
  • Improved Brute Force attacks detection
  • Refreshed dangerous IPs lists

2.1.0

  • Now GoodByeCaptcha is WPBruiser
  • Fixed Disable Trackbacks/Pingbacks issue reported by sixer
  • Added compatibility with WP Deferred JavaScripts plugin
  • Fixed warning notice reported by Sucuri

2.0.1

Fixes
– Compatibility with Login With Ajax plugin
– Compatibility with Google Apps Login plugin
– Compatibility with WP-Rocket plugin
– Compatibility with Autoptimize plugin
– Compatibility with Theme My Login plugin

2.0

Additions
– New admin interface
– Network admin interface
– Brute-Force protection
– White-list IPs
– Black-list IPs
– WordPress tweaks