[WordPress] 外掛分享: SpamAnvil

首頁外掛目錄 › SpamAnvil
WordPress 外掛 SpamAnvil 的封面圖片
30+
安裝啟用
★★★★★
5/5 分(1 則評價)
2 天前
最後更新
問題解決
WordPress 5.8+ PHP 7.4+ v1.9.0 上架:2026-02-13

內容簡介

SpamAnvil 是一款免費、開源的 WordPress 反垃圾郵件外掛,利用人工智慧技術有效阻擋評論垃圾郵件。它是 Akismet 的真正替代方案,能夠理解評論內容,檢測出即使是最複雜的垃圾郵件,並提供多層防護機制。

【主要功能】
• 100% 免費,無需訂閱或隱藏費用
• 利用 AI 理解上下文,避免誤判
• 多層防護機制,免費阻擋明顯機器人
• 支援多種免費與付費 AI 模型
• 隱私優先,數據安全無憂
• 無雲端鎖定,隨時更換 AI 供應商

外掛標籤

開發者團隊

⬇ 下載最新版 (v1.9.0) 或搜尋安裝

① 下載 ZIP → 後台「外掛 › 安裝外掛 › 上傳外掛」
② 後台搜尋「SpamAnvil」→ 直接安裝(推薦)
📦 歷史版本下載

原文外掛簡介

SpamAnvil is a free, open-source WordPress anti-spam plugin — and a genuine Akismet alternative — that uses artificial intelligence to block comment spam. Unlike Akismet (which requires a paid plan for commercial sites) or simple keyword-based filters, SpamAnvil leverages large language models (LLMs) to actually understand your comments and detect even the most sophisticated spam. It layers a honeypot, a time trap and per-IP rate limiting in front of the AI, so obvious bots are blocked for free.
Traditional spam filters rely on static word lists and link counting. Spammers have evolved. SpamAnvil fights back with AI that understands context, intent, and language patterns – catching spam that looks legitimate and approving real comments that others would flag.
Why SpamAnvil?

100% Free – No premium tier, no subscription, no hidden costs. Bring your own API key (free options available).
Smarter Than Rules – AI understands context. A comment about “buying a new home” won’t be flagged just because it contains “buy”.
Defense in Depth – Honeypot, time trap, per-IP rate limit and heuristics block obvious bots for free, so the AI is only spent on the subtle cases.
Open Mode – Because the filtering is invisible and automatic, you can drop the usual barriers (name/email, login, moderation) and get more real comments – even anonymous ones – without opening the door to spam.
Works With Free AI Models – Use OpenRouter’s free models for $0 cost, or connect premium models for maximum accuracy.
Privacy-First – Your data stays between you and your chosen AI provider. IP addresses are stored as irreversible SHA-256 hashes. GDPR/LGPD compliant by design.
No Cloud Lock-in – Choose from 6+ AI providers. Switch anytime. Your anti-spam, your rules.

Supported AI Providers

OpenAI (GPT-4o-mini, GPT-4o, etc.)
Anthropic Claude (Claude Sonnet, Haiku, etc.)
Google Gemini (Gemini 2.0 Flash, Pro, etc.)
OpenRouter (100+ models, including FREE ones)
Featherless.ai (Open-source models)
Any OpenAI-compatible API (LM Studio, Ollama via proxy, vLLM, etc.)

A Swiss-Army-Knife of Defenses
SpamAnvil layers several spam defenses so cheap, invisible filters catch obvious bots for free and the AI only handles the subtle cases. Every layer is optional and runs before any paid API call:

Honeypot – A hidden field bots fill but humans never see. Instant, free block.
Time trap – Comments submitted faster than a human could type are flagged. Tamper-proof (signed) and fails open, so it never blocks a real visitor.
Per-IP rate limit – Throttles comment floods from a single IP before they even reach the database.
Heuristics engine – Regex/statistical pre-analysis (URLs, spam words, gambling/SEO author names, language mismatch, prompt-injection patterns) that auto-spams the obvious cases with no API call.
AI verdict – An LLM scores the rest 0-100 in context.

Key Features

AI-Powered Spam Detection – Each comment is analyzed by an LLM that scores it 0-100 for spam probability. Works with reasoning models (their thinking is parsed correctly).
Layered Bot Defense – Honeypot, time trap and per-IP rate limiting block obvious bots for free, before any AI call.
Model Picker – Browse and search each provider’s live model list right from the settings page (OpenAI, OpenRouter, Featherless). OpenRouter shows a “free” badge and context size.
“Open Mode” – One toggle removes WordPress comment friction (no required name/email, no login, no moderation hold) so leaving a real, even anonymous, comment is effortless. Comments appear instantly and spam is removed in the background.
Verdict Cache – Identical repeated spam reuses a recent AI verdict instead of calling the API again, cutting cost during floods.
Intelligent Heuristics Engine – Pre-analyzes comments to catch obvious spam without API calls.
Async Background Processing – Comments are queued and processed via WP-Cron so your site stays fast.
Smart IP Blocking – Automatically blocks repeat offenders with escalating ban durations (24h, 48h, 96h…).
Automatic Retry with Backoff – Failed API calls retry with exponential delays; a real “Test Connection” verifies actual classification, not just the HTTP status.
Encrypted API Key Storage – AES-256-CBC encryption, or wp-config.php constants for maximum security.
Statistics Dashboard & Logs – Track spam caught by each layer, API usage and errors, with the AI’s reasoning for every comment. An admin warning surfaces silent failures (no provider, or a backlog of failed items).
Customizable AI Prompts, Fallback Providers, Prompt-Injection Defense, Configurable Threshold, Moderator Bypass.

How It Works

A visitor submits a comment.
Rate limit – too many comments from this IP too fast? Throttled with an HTTP 429 (before anything is stored).
IP block – is the IP already banned for repeat spam? Blocked.
Form traps – was the hidden honeypot filled, or the comment submitted implausibly fast? Marked as spam instantly, no API call.
Heuristics – a quick regex/statistical pre-analysis; obvious spam is auto-marked with no API call.
Otherwise the comment is queued for AI analysis (or processed immediately in sync mode). Identical repeated content reuses a cached verdict.
The AI analyzes the comment in context (post title, author info, heuristic data) and returns a spam score.
Comments above your threshold are marked spam; clean comments are auto-approved. Repeat-offender IPs are escalated.

With Open Mode on, comments publish instantly and any spam is removed in the background instead of being held for moderation.
Use Cases

Blogs receiving hundreds of spam comments per day
WooCommerce stores where comment spam affects SEO and credibility
Membership sites that need to protect community discussions
Multilingual sites – AI understands comments in any language, unlike keyword-based filters
High-traffic sites – Async processing handles any volume without slowing down your site
Sites tired of Akismet – Free alternative with no cloud dependency and full data control

Security
SpamAnvil follows WordPress security best practices throughout:

AES-256-CBC encrypted API key storage
wp-config.php constant support for API keys (never touch the database)
Nonce verification on all forms and AJAX requests
Capability checks on all admin actions
Prepared SQL statements on every database query
Output escaping on all rendered content
Prompt injection defense: boundary tags, system prompt hardening, heuristic injection detection, strict JSON validation, temperature 0

Languages

English (default)
Translation-ready (.pot file included)

Third-Party Services
SpamAnvil sends comment data (content, author name, email, and URL) to external AI services for spam analysis. The specific service used depends on your configuration. No data is sent until you configure and enable a provider.

OpenAI — https://openai.com — Terms of Use — Privacy Policy
Anthropic (Claude) — https://www.anthropic.com — Terms of Service — Privacy Policy
Google Gemini — https://ai.google.dev — Terms of Service — Privacy Policy
OpenRouter — https://openrouter.ai — Terms of Service — Privacy Policy
Featherless.ai — https://featherless.ai — Terms of Service — Privacy Policy

When using the “Generic OpenAI-Compatible” option, data is sent to the URL you configure. You are responsible for ensuring compliance with the privacy policies of your chosen service.

延伸相關外掛

文章
Filter
Mastodon