{"id":251077,"date":"2025-09-27T19:27:58","date_gmt":"2025-09-27T19:27:58","guid":{"rendered":"https:\/\/wordpress.org\/plugins\/ghosttrap\/"},"modified":"2026-02-08T16:30:37","modified_gmt":"2026-02-08T16:30:37","slug":"ghosttrap","status":"publish","type":"plugin","link":"https:\/\/mk.wordpress.org\/plugins\/ghosttrap\/","author":23119041,"comment_status":"closed","ping_status":"closed","template":"","meta":{"_crdt_document":"","version":"1.0.3","stable_tag":"1.0.3","tested":"6.9.4","requires":"5.0","requires_php":"7.4","requires_plugins":null,"header_name":"GhostTrap","header_author":"LaughterOnWater","header_description":"Advanced 5-layer invisible spam protection for comments using timing analysis, cryptographic signatures, year validation, JavaScript detection, and honeypot fields. Professional admin interface with real-time statistics and zero user friction.","assets_banners_color":"295e91","last_updated":"2026-02-08 16:30:37","external_support_url":"","external_repository_url":"","donate_link":"","header_plugin_uri":"https:\/\/wordpress.org\/plugins\/ghosttrap\/","header_author_uri":"https:\/\/profiles.wordpress.org\/laughteronwater\/#content-plugins","rating":0,"author_block_rating":0,"active_installs":20,"downloads":317,"num_ratings":0,"support_threads":0,"support_threads_resolved":0,"author_block_count":0,"sections":["description","installation","faq","changelog"],"tags":{"1.0.2":{"tag":"1.0.2","author":"laughteronwater","date":"2025-09-27 19:34:26"},"1.0.3":{"tag":"1.0.3","author":"laughteronwater","date":"2026-02-08 16:30:37"}},"upgrade_notice":{"1.0.0":"

Major release: 5-layer invisible spam protection with professional admin interface. Comprehensive enhancement of the original Anti-spam foundation with advanced detection, timing analysis, and modern WordPress compatibility.<\/p>"},"ratings":[],"assets_icons":{"icon-128x128.gif":{"filename":"icon-128x128.gif","revision":3369005,"resolution":"128x128","location":"assets","locale":""},"icon-256x256.gif":{"filename":"icon-256x256.gif","revision":3369005,"resolution":"256x256","location":"assets","locale":""}},"assets_banners":{"banner-1544x500.png":{"filename":"banner-1544x500.png","revision":3368984,"resolution":"1544x500","location":"assets","locale":""},"banner-772x250.png":{"filename":"banner-772x250.png","revision":3368984,"resolution":"772x250","location":"assets","locale":""}},"assets_blueprints":{},"all_blocks":[],"tagged_versions":["1.0.2","1.0.3"],"block_files":[],"assets_screenshots":{"screenshot-1.png":{"filename":"screenshot-1.png","revision":3368984,"resolution":"1","location":"assets","locale":""},"screenshot-2.png":{"filename":"screenshot-2.png","revision":3368984,"resolution":"2","location":"assets","locale":""},"screenshot-3.png":{"filename":"screenshot-3.png","revision":3368984,"resolution":"3","location":"assets","locale":""},"screenshot-4.png":{"filename":"screenshot-4.png","revision":3368984,"resolution":"4","location":"assets","locale":""},"screenshot-5.png":{"filename":"screenshot-5.png","revision":3368984,"resolution":"5","location":"assets","locale":""}},"screenshots":{"1":"Access Ghost Trap<\/strong> - Go to settings in the admin sidebar and select GhostTrap.","2":"Real-time Protection Statistics<\/strong> - See blocked stats, set form delay timer and spam storage preferences here.","3":"Admin Bar Stats<\/strong> - Show or hide admin bar stats. They only show up in the admin area, and only if you want them.","4":"Comments Page Stats Notification<\/strong> - Show or hide comment notifications. They're also dismissable.","5":"Invisible Comment Protection<\/strong> - A plugin like this should availabe when<\/em> you need it, but disappear into the background until<\/em> you need it."},"jetpack_post_was_ever_published":false},"plugin_section":[],"plugin_tags":[109,107,1178,600,599],"plugin_category":[44,54],"plugin_contributors":[248480],"plugin_business_model":[],"class_list":["post-251077","plugin","type-plugin","status-publish","hentry","plugin_tags-antispam","plugin_tags-comments","plugin_tags-protection","plugin_tags-security","plugin_tags-spam","plugin_category-discussion-and-community","plugin_category-security-and-spam-protection","plugin_contributors-laughteronwater","plugin_committers-laughteronwater","plugin_support_reps-chrisnobrand4wp"],"banners":{"banner":"https:\/\/ps.w.org\/ghosttrap\/assets\/banner-772x250.png?rev=3368984","banner_2x":"https:\/\/ps.w.org\/ghosttrap\/assets\/banner-1544x500.png?rev=3368984","banner_rtl":false,"banner_2x_rtl":false},"icons":{"svg":false,"icon":"https:\/\/ps.w.org\/ghosttrap\/assets\/icon-128x128.gif?rev=3369005","icon_2x":"https:\/\/ps.w.org\/ghosttrap\/assets\/icon-256x256.gif?rev=3369005","generated":false},"screenshots":[{"src":"https:\/\/ps.w.org\/ghosttrap\/assets\/screenshot-1.png?rev=3368984","caption":"Access Ghost Trap<\/strong> - Go to settings in the admin sidebar and select GhostTrap."},{"src":"https:\/\/ps.w.org\/ghosttrap\/assets\/screenshot-2.png?rev=3368984","caption":"Real-time Protection Statistics<\/strong> - See blocked stats, set form delay timer and spam storage preferences here."},{"src":"https:\/\/ps.w.org\/ghosttrap\/assets\/screenshot-3.png?rev=3368984","caption":"Admin Bar Stats<\/strong> - Show or hide admin bar stats. They only show up in the admin area, and only if you want them."},{"src":"https:\/\/ps.w.org\/ghosttrap\/assets\/screenshot-4.png?rev=3368984","caption":"Comments Page Stats Notification<\/strong> - Show or hide comment notifications. They're also dismissable."},{"src":"https:\/\/ps.w.org\/ghosttrap\/assets\/screenshot-5.png?rev=3368984","caption":"Invisible Comment Protection<\/strong> - A plugin like this should availabe when<\/em> you need it, but disappear into the background until<\/em> you need it."}],"raw_content":"\n

GhostTrap<\/strong> provides sophisticated invisible spam protection using a comprehensive 5-layer detection system. Legitimate users comment normally while automated spam is silently blocked through advanced timing analysis, cryptographic validation, and behavioral detection.<\/p>\n\n

5-Layer Protection System<\/h4>\n\n
    \n
  • Timing Analysis<\/strong> - Detects submissions too fast for human interaction<\/li>\n
  • Cryptographic Signatures<\/strong> - Prevents replay attacks and form manipulation<\/li>\n
  • Year Validation<\/strong> - JavaScript-enhanced field verification<\/li>\n
  • JavaScript Detection<\/strong> - Ensures legitimate browser interaction<\/li>\n
  • Honeypot Fields<\/strong> - Multiple hidden traps catch automated bots<\/li>\n<\/ul>\n\n

    Professional Features<\/h4>\n\n
      \n
    • Enhanced Admin Interface<\/strong> - Professional statistics dashboard with custom branding<\/li>\n
    • Real-time Statistics<\/strong> - Track protection effectiveness with detailed blocking metrics<\/li>\n
    • Configurable Timing<\/strong> - Adjust detection sensitivity from 5-300 seconds<\/li>\n
    • WordPress 6.4+ Compatible<\/strong> - Full support for block themes and FSE<\/li>\n
    • Admin Bar Integration<\/strong> - Quick spam statistics for administrators<\/li>\n
    • Screen Options Control<\/strong> - User-configurable interface elements<\/li>\n<\/ul>\n\n

      Zero User Friction<\/h4>\n\n

      All protection operates invisibly - no captcha, no puzzles, no delays. Users with JavaScript enabled see normal comment forms, while those with disabled JavaScript get simple year validation. Protection effectiveness remains high in both scenarios.<\/p>\n\n

      Performance Optimized<\/h4>\n\n
        \n
      • Lightweight JavaScript<\/strong> - Only 2KB, loads exclusively on comment pages<\/li>\n
      • Smart Script Loading<\/strong> - Conditional loading based on comment form presence<\/li>\n
      • Minimal Database Impact<\/strong> - Efficient storage with optional spam archiving<\/li>\n
      • Browser Compatibility<\/strong> - Works across all modern browsers with graceful degradation<\/li>\n<\/ul>\n\n

        GDPR Compliant<\/h4>\n\n

        No external services, no tracking, no personal data collection beyond standard WordPress comment processing. All spam detection happens locally on your server.<\/p>\n\n

        Attribution<\/h4>\n\n

        Built upon the original Anti-spam plugin foundation by webvitaly, with comprehensive modernization, enhanced detection layers, and professional admin interface for current WordPress compatibility.<\/p>\n\n

        Privacy Policy<\/h3>\n\n

        GhostTrap operates with privacy-first design principles:<\/p>\n\n

          \n
        • No External Services<\/strong> - All spam detection processing occurs on your server<\/li>\n
        • No Personal Data Collection<\/strong> - Uses only standard WordPress comment data for protection<\/li>\n
        • No Tracking or Analytics<\/strong> - Zero data sharing with third parties or external systems<\/li>\n
        • GDPR Fully Compliant<\/strong> - Minimal data processing with transparent, local-only operation<\/li>\n
        • Optional Spam Storage<\/strong> - Blocked comments stored locally only if explicitly enabled<\/li>\n<\/ul>\n\n

          Advanced Configuration<\/h3>\n\n

          Timing Threshold Recommendations<\/h4>\n\n
            \n
          • High Security Sites:<\/strong> 10-15 seconds (stricter protection)<\/li>\n
          • General Purpose Sites:<\/strong> 15-20 seconds (balanced protection)<\/li>\n
          • Accessibility-Focused Sites:<\/strong> 25-30 seconds (accommodates slower interaction)<\/li>\n
          • Reading-Heavy Sites:<\/strong> 30+ seconds (allows time for content review)<\/li>\n<\/ul>\n\n

            Admin Interface Customization<\/h4>\n\n
              \n
            • Admin Bar Statistics<\/strong> - Toggle spam counter visibility in admin bar<\/li>\n
            • Screen Options<\/strong> - Control information panel display on comments page<\/li>\n
            • Dashboard Integration<\/strong> - Spam statistics in \"At a Glance\" widget<\/li>\n
            • Contextual Help<\/strong> - Comprehensive protection information in WordPress help system<\/li>\n<\/ul>\n\n

              Technical Requirements<\/h4>\n\n

              Server Environment:<\/strong>\n* WordPress 5.0 or higher\n* PHP 7.4 or higher\n* Standard WordPress hosting with wp_options table access<\/p>\n\n

              Browser Support:<\/strong>\n* All modern browsers (Chrome, Firefox, Safari, Edge)\n* Internet Explorer 11+ with graceful degradation\n* Mobile browsers with full functionality\n* JavaScript-disabled browsers with fallback protection<\/p>\n\n

              Performance Specifications:<\/strong>\n* JavaScript payload: ~2KB minified and compressed\n* Database impact: Single option row with minimal queries\n* Server processing: Sub-millisecond detection analysis\n* Memory usage: Negligible footprint during comment processing<\/p>\n\n\n

              Automatic Installation<\/h4>\n\n
                \n
              1. Go to Plugins \u2192 Add New in your WordPress admin<\/li>\n
              2. Search for \"GhostTrap\"<\/li>\n
              3. Click Install Now, then Activate<\/li>\n
              4. Protection starts immediately with default settings<\/li>\n
              5. Optional: Visit Settings \u2192 GhostTrap to customize timing and display options<\/li>\n<\/ol>\n\n

                Manual Installation<\/h4>\n\n
                  \n
                1. Download the plugin zip file<\/li>\n
                2. Upload to \/wp-content\/plugins\/ghosttrap\/<\/code> directory<\/li>\n
                3. Activate through WordPress admin Plugins page<\/li>\n
                4. Configure optional settings at Settings \u2192 GhostTrap<\/li>\n<\/ol>\n\n

                  Verification Testing<\/h4>\n\n

                  After installation, test protection effectiveness:<\/p>\n\n

                    \n
                  1. Log out of WordPress admin<\/li>\n
                  2. Navigate to any post with comments enabled<\/li>\n
                  3. Submit a test comment (should work normally)<\/li>\n
                  4. Check Settings \u2192 GhostTrap for blocking statistics<\/li>\n
                  5. Optionally enable \"Save blocked spam\" to review caught submissions<\/li>\n<\/ol>\n\n\n
                    \n

                    How effective is the 5-layer system?<\/h3><\/dt>\n

                    GhostTrap blocks virtually all automated spam while maintaining zero friction for legitimate users. The multi-layer approach ensures that even if bots bypass one detection method, additional layers provide backup protection.<\/p><\/dd>\n

                    What happens if users disable JavaScript?<\/h3><\/dt>\n

                    Users with disabled JavaScript (less than 1% of visitors) see a simple year validation field. They enter the current year to submit comments. Protection effectiveness remains high through server-side validation layers.<\/p><\/dd>\n

                    Does it impact site performance?<\/h3><\/dt>\n

                    No measurable impact. JavaScript loads only on pages with comment forms, the detection process adds minimal server processing time, and database queries are optimized for efficiency.<\/p><\/dd>\n

                    Can I see what spam was blocked?<\/h3><\/dt>\n

                    Yes. Enable \"Save blocked spam\" in Settings \u2192 GhostTrap to store blocked submissions in WordPress spam folder for review. This helps fine-tune timing settings if needed.<\/p><\/dd>\n

                    Is it compatible with comment plugins?<\/h3><\/dt>\n

                    GhostTrap works with standard WordPress comment systems, AJAX comment loading, and most comment enhancement plugins. It detects comment forms dynamically and applies protection automatically.<\/p><\/dd>\n

                    What about trackbacks and pingbacks?<\/h3><\/dt>\n
                      \n
                    • Trackbacks<\/strong> are blocked (high spam potential, rarely legitimate)<\/li>\n
                    • Pingbacks<\/strong> are allowed (verified WordPress-to-WordPress communication)<\/li>\n<\/ul><\/dd>\n

                      How do I adjust detection sensitivity?<\/h3><\/dt>\n

                      Visit Settings \u2192 GhostTrap to configure timing thresholds. Default 15-second minimum works well for most sites. Increase for slower readers, decrease for higher security on high-traffic sites.<\/p><\/dd>\n

                      Does it work with block themes?<\/h3><\/dt>\n

                      Full compatibility with WordPress block themes, Full Site Editing, Gutenberg comment blocks, and classic themes. The protection system adapts to various comment form implementations.<\/p><\/dd>\n\n<\/dl>\n\n\n

                      1.0.3 - 2025-09-27<\/h4>\n\n

                      Minor Changes<\/strong> - cosmetic changes.<\/p>\n\n

                      1.0.2 - 2025-09-19<\/h4>\n\n

                      Minor Review<\/strong> - removed orphaned style queue, revised script queue.<\/p>\n\n

                      1.0.1 - 2025-09-19<\/h4>\n\n

                      Minor Review<\/strong> - Checking edits one last time for compliance.<\/p>\n\n

                      1.0.0 - 2025-09-01<\/h4>\n\n

                      Major Release - Comprehensive Enhancement<\/strong><\/p>\n\n

                      Enhanced Protection System:<\/em>\n* NEW:<\/strong> 5-layer spam detection with timing analysis and cryptographic validation\n* NEW:<\/strong> Configurable timing thresholds (5-300 seconds) for customized sensitivity\n* NEW:<\/strong> Advanced honeypot system with randomized field generation\n* NEW:<\/strong> JavaScript behavioral detection with form interaction analysis\n* NEW:<\/strong> Server-side signature validation preventing replay attacks<\/p>\n\n

                      Professional Admin Interface:<\/em>\n* NEW:<\/strong> Custom-branded hero banner with GhostTrap SVG integration\n* NEW:<\/strong> Real-time statistics dashboard with professional design system\n* NEW:<\/strong> Admin bar spam counter with user visibility controls\n* NEW:<\/strong> Screen options integration for personalized admin experience\n* NEW:<\/strong> Contextual help system with comprehensive protection information<\/p>\n\n

                      WordPress Compatibility:<\/em>\n* NEW:<\/strong> WordPress 6.4+ full compatibility with block themes and FSE\n* NEW:<\/strong> Enhanced form detection supporting AJAX and dynamic comment loading\n* NEW:<\/strong> Dashboard \"At a Glance\" widget integration for quick statistics\n* NEW:<\/strong> Modern JavaScript with MutationObserver for dynamic content support\n* NEW:<\/strong> Comprehensive internationalization with translation-ready strings<\/p>\n\n

                      Technical Improvements:<\/em>\n* NEW:<\/strong> WordPress coding standards compliance with comprehensive security hardening\n* NEW:<\/strong> Performance-optimized script loading with conditional enqueueing\n* NEW:<\/strong> Enhanced browser compatibility with graceful JavaScript degradation\n* NEW:<\/strong> Professional PHPDoc documentation throughout codebase\n* NEW:<\/strong> Comprehensive nonce verification and input sanitization<\/p>\n\n

                      Foundation:<\/strong> Built upon original Anti-spam plugin by webvitaly (GPL v3)\nArchitecture:<\/strong> Complete modernization with 5-layer detection system\nInterface:<\/strong> Professional admin experience with custom branding integration<\/p>","raw_excerpt":"Advanced 5-layer invisible spam protection for comments. No captcha, no user friction - professional spam blocking.","jetpack_sharing_enabled":true,"_links":{"self":[{"href":"https:\/\/mk.wordpress.org\/plugins\/wp-json\/wp\/v2\/plugin\/251077","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/mk.wordpress.org\/plugins\/wp-json\/wp\/v2\/plugin"}],"about":[{"href":"https:\/\/mk.wordpress.org\/plugins\/wp-json\/wp\/v2\/types\/plugin"}],"replies":[{"embeddable":true,"href":"https:\/\/mk.wordpress.org\/plugins\/wp-json\/wp\/v2\/comments?post=251077"}],"author":[{"embeddable":true,"href":"https:\/\/mk.wordpress.org\/plugins\/wp-json\/wporg\/v1\/users\/laughteronwater"}],"wp:attachment":[{"href":"https:\/\/mk.wordpress.org\/plugins\/wp-json\/wp\/v2\/media?parent=251077"}],"wp:term":[{"taxonomy":"plugin_section","embeddable":true,"href":"https:\/\/mk.wordpress.org\/plugins\/wp-json\/wp\/v2\/plugin_section?post=251077"},{"taxonomy":"plugin_tags","embeddable":true,"href":"https:\/\/mk.wordpress.org\/plugins\/wp-json\/wp\/v2\/plugin_tags?post=251077"},{"taxonomy":"plugin_category","embeddable":true,"href":"https:\/\/mk.wordpress.org\/plugins\/wp-json\/wp\/v2\/plugin_category?post=251077"},{"taxonomy":"plugin_contributors","embeddable":true,"href":"https:\/\/mk.wordpress.org\/plugins\/wp-json\/wp\/v2\/plugin_contributors?post=251077"},{"taxonomy":"plugin_business_model","embeddable":true,"href":"https:\/\/mk.wordpress.org\/plugins\/wp-json\/wp\/v2\/plugin_business_model?post=251077"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}