Title: GhostTrap Author: LaughterOnWater Published: септември 27, 2025 Last modified: февруари 8, 2026 --- Search plugins ![](https://ps.w.org/ghosttrap/assets/banner-772x250.png?rev=3368984) ![](https://ps.w.org/ghosttrap/assets/icon-256x256.gif?rev=3369005) # GhostTrap By [LaughterOnWater](https://profiles.wordpress.org/laughteronwater/) [Download](https://downloads.wordpress.org/plugin/ghosttrap.1.0.3.zip) * [Details](https://mk.wordpress.org/plugins/ghosttrap/#description) * [Reviews](https://mk.wordpress.org/plugins/ghosttrap/#reviews) * [Installation](https://mk.wordpress.org/plugins/ghosttrap/#installation) * [Development](https://mk.wordpress.org/plugins/ghosttrap/#developers) [Support](https://wordpress.org/support/plugin/ghosttrap/) ## Description **GhostTrap** provides sophisticated invisible spam protection using a comprehensive 5-layer detection system. Legitimate users comment normally while automated spam is silently blocked through advanced timing analysis, cryptographic validation, and behavioral detection. #### 5-Layer Protection System * **Timing Analysis** – Detects submissions too fast for human interaction * **Cryptographic Signatures** – Prevents replay attacks and form manipulation * **Year Validation** – JavaScript-enhanced field verification * **JavaScript Detection** – Ensures legitimate browser interaction * **Honeypot Fields** – Multiple hidden traps catch automated bots #### Professional Features * **Enhanced Admin Interface** – Professional statistics dashboard with custom branding * **Real-time Statistics** – Track protection effectiveness with detailed blocking metrics * **Configurable Timing** – Adjust detection sensitivity from 5-300 seconds * **WordPress 6.4+ Compatible** – Full support for block themes and FSE * **Admin Bar Integration** – Quick spam statistics for administrators * **Screen Options Control** – User-configurable interface elements #### Zero User Friction All protection operates invisibly – no captcha, no puzzles, no delays. Users with JavaScript enabled see normal comment forms, while those with disabled JavaScript get simple year validation. Protection effectiveness remains high in both scenarios. #### Performance Optimized * **Lightweight JavaScript** – Only 2KB, loads exclusively on comment pages * **Smart Script Loading** – Conditional loading based on comment form presence * **Minimal Database Impact** – Efficient storage with optional spam archiving * **Browser Compatibility** – Works across all modern browsers with graceful degradation #### GDPR Compliant No external services, no tracking, no personal data collection beyond standard WordPress comment processing. All spam detection happens locally on your server. #### Attribution Built upon the original Anti-spam plugin foundation by webvitaly, with comprehensive modernization, enhanced detection layers, and professional admin interface for current WordPress compatibility. ### Privacy Policy GhostTrap operates with privacy-first design principles: * **No External Services** – All spam detection processing occurs on your server * **No Personal Data Collection** – Uses only standard WordPress comment data for protection * **No Tracking or Analytics** – Zero data sharing with third parties or external systems * **GDPR Fully Compliant** – Minimal data processing with transparent, local-only operation * **Optional Spam Storage** – Blocked comments stored locally only if explicitly enabled ### Advanced Configuration #### Timing Threshold Recommendations * **High Security Sites:** 10-15 seconds (stricter protection) * **General Purpose Sites:** 15-20 seconds (balanced protection) * **Accessibility-Focused Sites:** 25-30 seconds (accommodates slower interaction) * **Reading-Heavy Sites:** 30+ seconds (allows time for content review) #### Admin Interface Customization * **Admin Bar Statistics** – Toggle spam counter visibility in admin bar * **Screen Options** – Control information panel display on comments page * **Dashboard Integration** – Spam statistics in “At a Glance” widget * **Contextual Help** – Comprehensive protection information in WordPress help system #### Technical Requirements **Server Environment:** * WordPress 5.0 or higher * PHP 7.4 or higher * Standard WordPress hosting with wp_options table access **Browser Support:** * All modern browsers (Chrome, Firefox, Safari, Edge) * Internet Explorer 11+ with graceful degradation * Mobile browsers with full functionality* JavaScript-disabled browsers with fallback protection **Performance Specifications:** * JavaScript payload: ~2KB minified and compressed* Database impact: Single option row with minimal queries * Server processing: Sub- millisecond detection analysis * Memory usage: Negligible footprint during comment processing ## Screenshots * [[ * **Access Ghost Trap** – Go to settings in the admin sidebar and select GhostTrap. * [[ * **Real-time Protection Statistics** – See blocked stats, set form delay timer and spam storage preferences here. * [[ * **Admin Bar Stats** – Show or hide admin bar stats. They only show up in the admin area, and only if you want them. * [[ * **Comments Page Stats Notification** – Show or hide comment notifications. They’re also dismissable. * [[ * **Invisible Comment Protection** – A plugin like this should availabe _when_ you need it, but disappear into the background _until_ you need it. ## Installation #### Automatic Installation 1. Go to Plugins Add New in your WordPress admin 2. Search for “GhostTrap” 3. Click Install Now, then Activate 4. Protection starts immediately with default settings 5. Optional: Visit Settings GhostTrap to customize timing and display options #### Manual Installation 1. Download the plugin zip file 2. Upload to `/wp-content/plugins/ghosttrap/` directory 3. Activate through WordPress admin Plugins page 4. Configure optional settings at Settings GhostTrap #### Verification Testing After installation, test protection effectiveness: 1. Log out of WordPress admin 2. Navigate to any post with comments enabled 3. Submit a test comment (should work normally) 4. Check Settings GhostTrap for blocking statistics 5. Optionally enable “Save blocked spam” to review caught submissions ## FAQ ### How effective is the 5-layer system? GhostTrap blocks virtually all automated spam while maintaining zero friction for legitimate users. The multi-layer approach ensures that even if bots bypass one detection method, additional layers provide backup protection. ### What happens if users disable JavaScript? Users with disabled JavaScript (less than 1% of visitors) see a simple year validation field. They enter the current year to submit comments. Protection effectiveness remains high through server-side validation layers. ### Does it impact site performance? No measurable impact. JavaScript loads only on pages with comment forms, the detection process adds minimal server processing time, and database queries are optimized for efficiency. ### Can I see what spam was blocked? Yes. Enable “Save blocked spam” in Settings GhostTrap to store blocked submissions in WordPress spam folder for review. This helps fine-tune timing settings if needed. ### Is it compatible with comment plugins? GhostTrap works with standard WordPress comment systems, AJAX comment loading, and most comment enhancement plugins. It detects comment forms dynamically and applies protection automatically. ### What about trackbacks and pingbacks? * **Trackbacks** are blocked (high spam potential, rarely legitimate) * **Pingbacks** are allowed (verified WordPress-to-WordPress communication) ### How do I adjust detection sensitivity? Visit Settings GhostTrap to configure timing thresholds. Default 15-second minimum works well for most sites. Increase for slower readers, decrease for higher security on high-traffic sites. ### Does it work with block themes? Full compatibility with WordPress block themes, Full Site Editing, Gutenberg comment blocks, and classic themes. The protection system adapts to various comment form implementations. ## Reviews There are no reviews for this plugin. ## Contributors & Developers “GhostTrap” is open source software. The following people have contributed to this plugin. Contributors * [ LaughterOnWater ](https://profiles.wordpress.org/laughteronwater/) [Translate “GhostTrap” into your language.](https://translate.wordpress.org/projects/wp-plugins/ghosttrap) ### Interested in development? [Browse the code](https://plugins.trac.wordpress.org/browser/ghosttrap/), check out the [SVN repository](https://plugins.svn.wordpress.org/ghosttrap/), or subscribe to the [development log](https://plugins.trac.wordpress.org/log/ghosttrap/) by [RSS](https://plugins.trac.wordpress.org/log/ghosttrap/?limit=100&mode=stop_on_copy&format=rss). ## Changelog #### 1.0.3 – 2025-09-27 **Minor Changes** – cosmetic changes. #### 1.0.2 – 2025-09-19 **Minor Review** – removed orphaned style queue, revised script queue. #### 1.0.1 – 2025-09-19 **Minor Review** – Checking edits one last time for compliance. #### 1.0.0 – 2025-09-01 **Major Release – Comprehensive Enhancement** _Enhanced Protection System:_ * **NEW:** 5-layer spam detection with timing analysis and cryptographic validation * **NEW:** Configurable timing thresholds (5-300 seconds) for customized sensitivity * **NEW:** Advanced honeypot system with randomized field generation * **NEW:** JavaScript behavioral detection with form interaction analysis*** NEW:** Server-side signature validation preventing replay attacks _Professional Admin Interface:_ * **NEW:** Custom-branded hero banner with GhostTrap SVG integration * **NEW:** Real-time statistics dashboard with professional design system * **NEW:** Admin bar spam counter with user visibility controls * **NEW:** Screen options integration for personalized admin experience * **NEW:** Contextual help system with comprehensive protection information _WordPress Compatibility:_ * **NEW:** WordPress 6.4+ full compatibility with block themes and FSE * **NEW:** Enhanced form detection supporting AJAX and dynamic comment loading * **NEW:** Dashboard “At a Glance” widget integration for quick statistics*** NEW:** Modern JavaScript with MutationObserver for dynamic content support * **NEW:** Comprehensive internationalization with translation-ready strings _Technical Improvements:_ * **NEW:** WordPress coding standards compliance with comprehensive security hardening * **NEW:** Performance-optimized script loading with conditional enqueueing * **NEW:** Enhanced browser compatibility with graceful JavaScript degradation * **NEW:** Professional PHPDoc documentation throughout codebase*** NEW:** Comprehensive nonce verification and input sanitization **Foundation:** Built upon original Anti-spam plugin by webvitaly (GPL v3) **Architecture:** Complete modernization with 5-layer detection system **Interface:** Professional admin experience with custom branding integration ## Meta * Version **1.0.3** * Last updated **2 месеци ago** * Active installations **20+** * WordPress version ** 5.0 or higher ** * Tested up to **6.9.4** * PHP version ** 7.4 or higher ** * Language * [English (US)](https://wordpress.org/plugins/ghosttrap/) * Tags * [antispam](https://mk.wordpress.org/plugins/tags/antispam/)[comments](https://mk.wordpress.org/plugins/tags/comments/) [protection](https://mk.wordpress.org/plugins/tags/protection/)[security](https://mk.wordpress.org/plugins/tags/security/) [spam](https://mk.wordpress.org/plugins/tags/spam/) * [Advanced View](https://mk.wordpress.org/plugins/ghosttrap/advanced/) ## Ratings No reviews have been submitted yet. [Add my review](https://wordpress.org/support/plugin/ghosttrap/reviews/#new-post) [See all reviews](https://wordpress.org/support/plugin/ghosttrap/reviews/) ## Contributors * [ LaughterOnWater ](https://profiles.wordpress.org/laughteronwater/) ## Support Got something to say? Need help? [View support forum](https://wordpress.org/support/plugin/ghosttrap/)