Titan Anti-spam & Security

Описание

Titan includes anti-spam, firewall, malware scanner, site accessibility checking, security and threats audits for WordPress websites. Our security functions provide Titan with the latest firewall rules, malware signatures, and database of malicious IP addresses — all you need to ensure the security of your website.

Titan — это комплексное решение безопасности WordPress, дополненное набором дополнительных функций в виде надстроек, которые были помещены в простой и интуитивно понятный интерфейс.

Why did we update Anti-Spam and what is Titan?

Let me tell you before we start: your favorite Anti-Spam had not disappeared! Instead of that it revived and became stronger to stand guard over the secure of your site!
The latest update of Anti-Spam is called Titan Anti-spam & Security and represents the brand new version of a plugin.

Why TITAN?

Мы стремимся создать такой же надежный плагин, как этот металл, и в то же время простой в использовании. Новое название нашего плагина задает темп с новейшими и высочайшими стандартами качества.

What has been changed except the name?
Whilst the process of modernization we had to take some complicated decisions. One of them was:
What should we do: keep Anti-Spam like a simple plugin with the only one function or complicate it with a huge complex of tools made for the security of your site?
Constant feedback from users and versatile development experience lets us claim that the situation when there is too many tools couldn’t exist!
We considered all possibilities thoroughly to secure the best future for the plugin.
Let me introduce new secure functionality that was developed with spending a lot of time, effort and consideration:

Features

ANTI-SPAM

ANTI-SPAM CHECKS YOUR COMMENTS THROUGH OUR GLOBAL SPAM DATABASE, THEN A SELF-LEARNING NEURAL NETWORK RE-CHECKS UNFILTERED COMMENTS, TO PREVENT YOUR SITE FROM PUBLISHING MALICIOUS CONTENT.

  • Без капчи.
  • We have created algorithms to ensure reliability and accuracy against spam bots. It will save your time and resources, allowing you to focus on developing and improving your website and business. Antispam provides logs of all the processed requests that allows you to check the spam filters results. Regular analysis of parameters allows you to find new spam behavior patterns.
  • A comment posted by a user appears on the site right away. The background check marks spam comments as spam and hides them on a site. This helps to improve user experience and increase engagement.
  • [PRO] Checking the already existing comments and users for spam.
  • [PRO] We provide 24/7 technical support.
  • [PRO] To identify and block spam bots AntiSpamPro uses a series of tests running in the background, totally transparent to the website User. It allows 100% protection from spam bots No extra protection needed.
  • [PRO] Anti-spam is a comprehensive and transparent anti-spam protection. We provide detailed statistics of all logged comments and logins. You can always be sure that there are no errors.
  • [PRO] Protect Register Form.
  • [PRO] Advanced protection of comment forms.
  • We regularly release updates to the anti-spam module. Our modules always meet new versions of CMS and we are constantly expanding supported CMS.

WORDPRESS FIREWALL

The web application firewall detects and blocks malicious traffic. It protects your website at the endpoint by providing deep integration with WordPress. In contrast to cloud alternatives, it does not violate encryption, cannot be bypassed and does not contribute to data leakage.

  • Protection brute force attacks by restricting login attempts.
  • [PRO] Update real-time firewall rules and malware signatures through the threat protection channel.
  • [PRO] Real-time IP Block List blocks all requests from malicious IP addresses, protecting your site and reducing load.
  • [PRO] An integrated malware scanner blocks requests containing malicious code or content.
  • [PRO] Using the Attack Log you can track visits and hacking attempts that are not shown in other analytic packages in real time; including origin, IP address, current time, and time spent on your site.
  • [PRO] Block intruders by IP address or create advanced rules based on a range of IP addresses, hostname, user agent, and referrer.

WORDPRESS SECURITY SCANNER

  • The malware scanner checks the system files, themes and plugins for malware, invalid URLs, backdoors, SEO spam, malicious redirects and code injections.
  • Basic scanning using more than 1000 signatures.
  • [PRO] Advanced scanning with more than 6000 signatures.
  • [PRO] Configure three scan speeds to make sure the performance is not affected.
  • [PRO] Set scan schedules — daily, monthly, and manually.
  • [PRO] Update malware signatures in real time through a threat protection channel.
  • Compares your system, themes and plugins with those which are in the WordPress.org repository, checking their integrity and informing you of all changes.
  • Recover modified files by overwriting them with the original version.
  • Delete unknown and unwanted files easily via the Titan interface.
  • Checks your site for vulnerabilities and notifies in case of any problems or discrepancies. It also provides a notification of potential security issues when the plugin has been closed or inactivated.
  • Checks the content security by scanning the contents of files, messages and comments for dangerous URLs and suspicious content.

SITE CHECKER [PRO]

  • Check the availability of any URL
  • Push notifications in the browser to show URLs access issues in real time.
    Your browser will receive push notifications if one of the URLS is unavailable.

TWEAKS

  • Strong Password Requirement
  • Hide author login
  • Hide WordPress versions. WordPress itself and many plugins show their version at the visible areas of your site. An attacker who received this information may be aware of the vulnerabilities found in the version of the WordPress core or plugins.

Переводы

  • English (default), always included
  • Korean — big thanks to @cansmile
  • Spanish (Venezuela) — big thanks to @yordansoares, @nobnob, @bragnieljimenez
  • Spanish (Spain) — big thanks to @garridinsi, @nobnob, @nobnob, @nilovelez, @fernandot
  • Italian — big thanks to @deadpool76
  • Persian — big thanks to @1farakav
  • Arabic — big thanks to @alzintani
  • Swedish — big thanks to @elbogen
  • Tibetan — big thanks to @bumpagyal
  • Albanian — big thanks to @besnik
  • Dutch — big thanks to @robelia

We are very need for your help with translating the
Titan Anti-spam & Security plugin
into your native language. We want to make it international and understandable for everyone. Please contact us via email inside the plugin, or create a topic on our support forum if you can help with the translations. In exchange for your help, we will give you better support and our premium plugins absolutely free!

Скриншоты

  • Dashboard
  • General Settings
  • Anti-spam Settings
  • Web Application Firewall (WAF)

Установка

  1. Установите и активируйте плагин на странице плагинов
  2. Наслаждайся жизнью без спама в комментариях

For more info visit titansitescanner.com

Часто задаваемые вопросы

Как проверить, какие спам-комментарии были заблокированы?

You can visit Anti-spam settings page and enable saving blocked comments as spam in the spam section.
To enabled that you need to go to: WordPress admin dashboard => Settings section => Anti-spam
Saving blocked comments into spam section is disabled by default.
Saving spam comments can help you to keep all the comments saved and review them in future if needed. You can easily mark comment as «not spam» if some of the comments were blocked by mistake.

Какой процент заблокированного спама?

Anti-spam plugin blocks 100% of automatic spam messages (sent by spam-bots via post requests).
Plugin does not block manual spam (submitted by spammers manually via browser).

Несовместимо с:

  • Disqus
  • Jetpack Comments
  • AJAX Comment Form
  • bbPress

Как работает плагин Anti-spam?

Алгоритм блокировки основан на 2 методах: «невидимая js-капча» и «невидимая входная ловушка» (она же техника медового горшка).

Как работает метод «невидимой js-captcha» (он же приманка)?

Метод «невидимой js-captcha» основан на том факте, что у ботов нет javascript на своих пользовательских агентах.
В форму комментариев добавлено дополнительное скрытое поле.
Речь идет о текущем году.
Если пользователь посещает сайт, это поле автоматически получает ответ с помощью javascript, скрывается с помощью javascript и css и невидимо для пользователя.
Если спамер неверно заполнит поле-год — комментарий будет заблокирован, так как он является спамом.

Как работает метод «невидимая входная ловушка» (он же техника медового горшка)?

Метод «невидимой ловушки ввода» основан на том факте, что почти все боты будут заполнять поля ввода именем «электронная почта» или «URL-адрес».
В форму комментариев добавлено дополнительное скрытое поле.
Это поле скрыто для пользователя, и пользователь не будет его заполнять.
Но это поле видно спамеру.
Если спамер чем-нибудь заполнит это поле-ловушку — комментарий будет заблокирован, потому что это спам.

Как узнать(посмотреть) счетчик заблокированных спам-комментариев?

Информационный блок с общим счетчиком заблокированного спама вы можете найти в разделе комментариев администратора.
Вы можете скрыть или показать этот информационный блок в разделе «Параметры экрана».
Параметр видимости для этого информационного блока сохраняется для каждого пользователя.

Блокирует ли плагин спам из Контактов или других форм?

Плагин блокирует спам только в разделе формы комментариев и не блокирует спам из любых других форм на сайте.
Если вы установили и активировали плагин и все еще получаете спам — вероятно, это может быть из-за каких-то других форм на вашем сайте (например, форма обратной связи).

What about trackback spam?

Users rarely use trackbacks because it is manual and requires extra input. Spammers uses trackbacks because it is easy to cheat here.
Users use pingbacks very often because they work automatically. Spammers does not use pingbacks because backlinks are checked.
So trackbacks are blocked but pingbacks are enabled.

Какие браузеры поддерживаются?

Поддерживаются все современные браузеры и IE8 +.

Unobtrusive JavaScript

Anti-spam plugin works with disabled JavaScript. JavaScript is disabled on less than 1% of devices.
Users with disabled JavaScript should manually fill catcha-like input before submitting the comment.

И еще одно дополнительное замечание …

Если на сайте включен плагин кэширования и кэш не очищен, или если тема не использует действие «comment_form»
и нет входных данных плагина в форме комментариев — плагин пытается автоматически добавить скрытые поля с помощью JavaScript.

Недостаточно информации о плагине?

two
You may check out the source code of the plugin.
The plugin is pretty small and easy to read.

Отзывы

10.08.2021
I was annoyed when the little Anti-spam plugin became a giant security behemoth. But on an uncomplicated site, the anti-spam function still works invisibly, and I don’t notice change in the way it works or the speed of the site. For my purpose, which is purely filtering spam, the free version continues to work flawlessly; I ignore the rest of the functions. If it does what I want and causes no trouble, it deserves five stars—even though I grumbled at the apparent bloat.
24.02.2021
Titan scanned every line of code of every file which to my knwoledge isn't something that Wordfence or Sucuri does. And Titan did it for free. How entitled do you have to be to complain about a plugin adding useful features better than its competitors'? No, I'm not affiliated with Titan in any way. But I do run a business that has done just that: add new products. Unbelievable how closed-minded and resistant to change people can be. @Titan: Ignore the haters and keep up the good work. Please manually remove known false positives from your scans e.g. eVal from Wordfence files which I also have installed.
15.12.2020
I only wanted a lightweight anti-spam plugin, it was my go to plugin and did a great job. What I have now, and not my informed choice as the plugin was updated, is a bloated mess. I host many WordPress sites and will be uninstalling from them all.
16.06.2020
So, this used to be my goto anti spam plugin. IT IS NO LONGER THE SAME PLUGIN latest update has replaced what was a good plugin with something very different. This actually represents a huge problem that WordPress will need to address. What if you use a small plugin that does one very useful task. Something very simple even. Someone can "buy" that plugin from the original creator and replace it with whatever they like during an update. In this case a lightweight well behaved anti spam plugin is now a huge bloated security suite that shouts at you in admin. I would never have considered installing this, but it crept in the back door. This new untested plugin, will then show larger numbers of users (which previously was one of the metrics I used for judging a plugins usefulness, but will be very cautious of going forward) and ride on the back of it's predecessor. This is what has happened here.
Посмотреть все 362 отзыва

Участники и разработчики

«Titan Anti-spam & Security» — проект с открытым исходным кодом. В развитие плагина внесли свой вклад следующие участники:

Участники

«Titan Anti-spam & Security» переведён на 8 языков. Благодарим переводчиков за их работу.

Перевести «Titan Anti-spam & Security» на ваш язык.

Заинтересованы в разработке?

Посмотрите код, проверьте SVN репозиторий, или подпишитесь на журнал разработки по RSS.

Журнал изменений

7.2.8
* Compatibility WP 5.8
* Update components

7.2.7 – 12.03.2021
* Added: Backup system (PRO)

7.2.6 – 12.03.2021
* Fixed: Minor bugs

7.2.5 – 13.01.2021
* Fixed: Minor bugs

7.2.4 – 12.01.2021
* Fixed: Fatal error after activate/update

7.2.3 – 12.01.2021
* Added: Support php 8
* Fixed: Minor bugs

7.2.1

  • Added: Subscribe form
  • Improved: Compatibility with WordPress 5.6
  • Fixed: Minor bugs

7.1.6

  • Added: Setup wizard
  • Improved: Compatibility with WordPress 5.5

7.1.6

  • Fixed: jQuery.fn.load() and other bugs after update to WordPress 5.5

7.1.5

  • Added: Two-Factor authentication [PRO]

7.1.4 — 22.06.2020

  • Updated: translations

7.1.3 — 19.06.2020

  • Added notice in the plugin interface
  • Fixed: Minor bugs

7.1.2 — 16.06.2020

  • Added: options search in the plugin interface. You can enter the option name, the plugin will automatically redirect you to the desired page where the option is located.
  • Removed: trial for the premium plugin
  • Updated: main navigation menu.
  • Added: compatibiliy with a new premium addons.
  • Fixed: Minor bugs

7.0.3 — 20.05.2020

  • Added an option to send a weekly security digest to admin email.
  • Fixed: Minor bugs

7.0.2 — 30.04.2020

  • Add COMPONENTS tab
  • Fixed: Minor bugs

7.0.1 — 17.04.2020

  • The Htts warning notice has been hidden

7.0.0 — 17.04.2020

  • Add wordpress firewall [PRO]
  • Add malware scanner
  • Add security audit
  • Add security tweaks
  • Add site checker [PRO]

6.5.4 — 24.01.2020

  • Fixed: Minor bugs.
  • Fixed: Compatibility Anti-spam Pro.

6.5.3 — 08.01.2020

  • Removed: Admin redirect to the premium page.
  • Updated: Premium page.
  • Added: Activate trial suggestion.
  • Fixed: Minor bugs.

6.5.1 — 16.12.2019

  • Added: Multisite support.
  • Fixed: Bug with redirection loop in multisite mode.
  • Fixed: Readme. GDPR compatibility is ready. Plugin doesn’t send any data to the remote server.
  • Removed: Dashboard widget with annoy ads.

6.5 — 12.12.2019

  • Updated: Plugin interface.
  • Added: Compatibility with WordPress 5.3
  • Added: Compatibility Anti-spam Pro.

5.5

  • Code cleanup
  • Removed dismissible notice

5.4

  • Updated dismissible notice

5.3

  • Fixed the typo in the readme
  • Readme cleanup
  • Code cleanup
  • Added dismissible notice

5.2

  • Отключить трекбэки

5.1

  • Отключить проверку комментариев от вошедших в систему пользователей

5.0

  • Rewriting/refactoring a lot of the code
  • Страница добавления настроек
  • Сохранение заблокированных комментариев в разделе «Спам»
  • Работа над соблюдением требований GDPR

4.4 — 2017-08-30

  • Fixed issue with showing comments on every page. Thanks to johnh10

4.3 — 2016-11-22

  • фиксированные уведомления

4.2 — 2016-01-30

  • removed XSS vulnerability — thanks to Kenan from tbmnull.com

4.1 — 2015-10-25

  • added log spam to file feature — huge thanks to Guti
  • предотвратить раскрытие полного пути
  • добавлен пустой файл index.php
  • опубликовать плагин на GitHub
  • добавлен текстовый домен для translation.wordpress.org

4.0 — 2015-10-11

  • dropped jQuery dependency (huge thanks to Guti for rewriting javascript code from scratch. Força Barça! )
  • исправлена проблема с пустым счетчиком заблокированного спама (показывает ноль вместо ничего)

3.5 — 2015-01-17

  • убрана проверка function_exists, потому что каждая функция имеет уникальный префикс
  • removed add_option()
  • added autocomplete=»off» for inputs (thanks to Feriman)

3.4 — 2014-12-20

  • added the ability to hide or show info block in the «Screen Options» section

3.3 — 2014-12-15

  • refactor code structure
  • added blocked spam counter in the comments section
  • очистить документы

3.2 — 2014-12-05

  • added ANTISPAM_VERSION constant (thanks to jumbo)
  • удален новый алгоритм блокировки спама, потому что он не нужен

3.1 — 2014-12-04

  • удалить уведомления журнала

3.0 — 2014-12-02

  • добавлен новый алгоритм блокировки спама
  • исправление ошибок
  • скрипт enqueue только для страниц с формой комментариев и в нижнем колонтитуле (спасибо dougvdotcom)
  • refactor code structure

2.6 — 2014-11-30

  • reverting to ver.2.2 state (enqueue script using ‘init’ hook and into the header) because users start receiving spam messages

2.5 — 2014-11-26

  • update input names

2.4 — 2014-11-25

  • update input names

2.3 — 2014-11-23

  • скрипт enqueue только для страниц с формой комментариев и в нижнем колонтитуле (спасибо dougvdotcom)
  • очистить код

2.2 — 2014-08-03

  • clear value of the empty input because some themes are adding some value for all inputs
  • обновлен раздел FAQ

2.1 — 2014-02-15

  • add support for comments forms loaded via ajax

2.0 — 2014-01-04

  • исправление ошибок
  • обновление информации

1.9 — 2013-10-23

  • изменение структуры html

1.8 — 2013-07-19

  • removed labels from plugin markup because some themes try to get text from labels and insert it into inputs like placeholders (what cause an error)
  • added info to FAQ section that Anti-spam plugin does not work with Jetpack Comments

1.7 — 2013-05-31

  • if site has caching plugin enabled and cache is not cleared or if theme does not use ‘comment_form’ action — Anti-spam plugin does not worked; so now whole input added via javascript if it does not exist in html

1.6 — 2013-05-05

  • добавить дополнительную информацию об отладке в текст ошибки

1.5 — 2013-04-15

  • disable trackbacks because of spam (pingbacks are enabled)

1.4 — 2013-04-13

  • code refactor
  • renaming empty field to «*-email-url» to trap more spam

1.3 — 2013-04-10

  • changing the input names and add some more traps because some spammers are passing the plugin

1.2 — 2012-10-28

  • незначительные изменения

1.1 — 2012-10-14

  • отправка ответа с сервера клиенту в скрытое поле (поскольку год клиента и год сервера могут не совпадать)

1.0 — 2012-09-06

  • Первый выпуск