Stop Spammers


Stop Spammers is an aggressive website defence against comment spam and login attempts. It is capable of performing more than 20 different checks for spam and malicious events and can block spam from over 100 different countries.

Stop Spammers uses multiple methods for detecting spam and may be too aggressive for some websites.

In cases where spam is detected, users are offered a second chance to post their comments or login. Denied requests are presented with a CAPTCHA screen in order to prevent users from being blocked. The CAPTCHA can be configured as OpenCaptcha, Google reCAPTCHA or SolveMedia CAPTCHA. The CAPTCHA will only appear when a user is denied access as a spammer.

Created with a lot of hard work and maintained by Keith P. Graham (from 2010-2017). Thank you Keith.

Maintained (because I love this plugin and want to keep it alive) by Bryan Hadaway (since 2017).

If you also love this plugin and want to see it live on, you can help me maintain it on GitHub.

Need help? Read the FAQs page first.


Go to “Add New” from your WP admin menu, search for Stop Spammers, and install.


  1. Download the plugin.
  2. Upload the plugin to your wp-content/plugins directory.
  3. Activate the plugin.
  4. Under the settings, review options that are enabled. The plugin will operate very well straight out of the box. However, you may wish to update Web Service APIs for reporting spam and change the CAPTCHA settings from the default.


So far so good

Installed and configured, offers interesting functions to prevent or fight spammers. Some of the features offered here are “premium” in other plugins so I must say that it is a surprise….let’s see, time will tell but for the moment looks very promising.

What you do when you get 1 spam comment every 3 mins!

Recently my Site & the forum got the real taste of bots. getting spam registrations left & right, spam comments every 3 minutes. Tried recaptcha, black holes, manual user moderation and it was too much to take on. Then I came across this. installed and the only thing i was getting was the allow list requests filled by bots. I disabled even that and since last night things have gone to Zero.

Bots are even smarter now to solve invisible recaptcha & recaptcha! so this is the only way to fight them & it has taken a huge burden from my shoulders. Thanks. Donations sent! Keep this plugin updated.

Useless for Buddypress

I had high hopes after reading the reviews, but this plugin is absolutely useless for stopping spam registrations via Buddypress. The settings for blocking countries and TLDs are completely ignored.

The spam warrior!

I don’t know what I would’ve done without Stop Spammers. And, for me, the real deal breaker is that it gets every single IP. No one can hide.

Great stuff!


E’ il miglior plugin antispam che io abbia provato. Da quando ce l’ho, i bot sono diventati 0. Ed è gratis!
Ci vuole un po’ di attenzione iniziale per configurarlo bene, e risulta un po’ aggressivo; ma una volta capito come impostarlo in modo ottimale per il proprio sito, diventa indispensabile.
Grazie! Thanks!

Site had been plagued with bot registration attempts

I had a site that had 500+ attempts in the past 2 weeks to register. None went through and accessed the membership-only site (we have a moderation plugin to handle them and don’t use the standard WP registration) — but they were getting annoying to sort through to find legit registration requests.

Finally found this plugin and set it up to be rather aggressive in limiting bot traffic. Set up the additional “Stop Forum Spam” and “Project Honeypot” services and tied them to this plugin (via the convenient web services page) and I had the first night of 0 bot registration attempts this site has seen in months. None of my other sites get hit by bots like this one (so, I think a member of the site somehow attracted some bots with a compromised account or system), and it had been driving me (and the owners of the site) nuts. I’d installed 3-4 other free versions of plugins meant to block bots and none of them made a dent in the registration attempts. This one has so far blocked them all. It took a little time to set it up and go through all of the options (and set up the outside resources for it) — but so worth it. And wonderful to see all the options it has for blocking bots in multiple ways, and tying to multiple outside resources that makes it even more powerful than its default settings and options.

I’ve never contributed to a plugin before — I just sent in a token amount to say thanks to Bryan for keeping this plugin up and running.

Read all 165 reviews

Contributors & Developers

“Stop Spammers” is open source software. The following people have contributed to this plugin.


Translate “Stop Spammers” into your language.

Interested in development?

Browse the code, check out the SVN repository, or subscribe to the development log by RSS.



  • fixed IP blacklisting (thanks
  • added SFS reporting from the log page (thanks
  • cleaned up a few typos
  • removed automatic migration of settings from old versions prior to 7.0 (if upgrading from 6.x, start with 7.0.9 — then upgrade to the very latest version)
  • removed whitespace from textareas


  • encrypted all external links


  • formatted code according to WP PHP coding standards ( — it’s no where near perfect, but it’s a step in the right direction


  • fixed MySQL errors for threat scan (thanks
  • less memory used for wp-login.php checks (thanks


  • fixed issue with menu icon
  • added link to new FAQs (
  • removed debug submission form (not needed)


  • fixed SFS reporting


  • fixed login issue


  • fixed SFS report messages
  • continued general cleanup
  • continued design improvements
  • removed email notifications for admin logins


  • continued general cleanup
  • continued design improvements
  • reorganized menu
  • reintroduced beta features
  • removed add-ons


  • continued general cleanup
  • continued design improvements
  • a few small fixes
  • better menu icon


  • fixed XSS error
  • general cleanup
  • design improvements
  • transferred control to new developer