內容簡介
WhoKnew Shield 是一款 WordPress 安全外掛,專為保護聯絡資訊而設計。它能有效防止機器人收集電子郵件地址、電話號碼及實體地址,提供零設定的聯絡資訊隱私保護,確保您的商業和個人資料安全。
【主要功能】
• 雙層隱藏技術:結合 HTML 實體、CSS 反轉及 JavaScript 保護
• 自動檢測電子郵件:自然撰寫,自動啟用安全措施
• 一鍵顯示按鈕:方便訪客使用,阻擋自動化收集器
• JavaScript 保護連結:電子郵件地址不會出現在 HTML 原始碼中
• 多種聯絡類型保護:保護電子郵件、電話及實體地址
• 嚴格控制選項:三種檢測級別以平衡保護與誤報
外掛標籤
開發者團隊
② 後台搜尋「WhoKnew Shield — Email, Phone & Address Security」→ 直接安裝(推薦)
原文外掛簡介
WordPress security plugin for contact obfuscation — Stop bots from harvesting your email addresses, phone numbers, and physical addresses. Whether you need to hide email addresses in WordPress, deploy honeypot traps that actively catch scrapers, or defend against anti-scraping threats with a built-in Web Application Firewall, WhoKnew Shield provides email harvesting protection with zero configuration required.
Why stores and businesses need contact security:
Privacy Risk: Scrapers harvest emails for spam databases
Security Threat: Phone scrapers collect numbers for robocalls, SMS spam, and phishing
Fraud Prevention: Address scrapers use your location for junk mail and identity theft
Passive Exposure: Contacts in posts, widgets, and footers are often left unprotected
Bot Evolution: Modern bots can parse basic HTML encoding
Comprehensive Coverage: Every unprotected contact is a potential harvest point
WhoKnew Shield uses dual-layer security to help keep your contact information private.
Free Features (Instant Setup)
Dual-layer obfuscation — HTML entities + CSS reversal + JavaScript protection
Email auto-detection — Write naturally, automatic security everywhere
Click-to-reveal buttons — One click for visitors; blocks automated scrapers
JavaScript-protected links — Email addresses never appear in HTML source code
Multiple contact types — Protect email addresses, phone numbers, and physical addresses
Shortcodes — [whoknew_shield] for precise control when needed
Strictness controls — 3 detection levels to balance protection vs false positives
Modern admin UI — Clean, intuitive dashboard
No locked features — Everything in free plugin is fully functional
Works with any theme — Page builders, Gutenberg, Classic Editor, WooCommerce
Cache-compatible — Works with WP Rocket, LiteSpeed, W3 Total Cache, SG Optimizer
Pro Features ($80/year)
Phone protection & address protection — Auto-detect ALL contact types automatically
Web Application Firewall (WAF) — Scraper Trap™ honeypot defense catches bots in action
WhoKnew Intelligence™ Network — Community-powered blacklist with daily-updated threat intelligence from Shield Pro users worldwide
Bot blocker with automatic IP blocking — Block caught scrapers site-wide (1hr to permanent)
Analytics Dashboard — Visual charts, geographic heat maps, threat intelligence
Competitor shortcode support — Supports Email Address Encoder, Neotrendy, Email Encoder Bundle, Antispambot shortcodes
Advanced encryption — Domain-specific rotating keys (changes every 15 minutes)
Custom obfuscation engine — Create your own scraper protection patterns
Geographic tracking — See where attacks originate with country-level data
Custom block pages — Show your message to blocked bots
Email alerts — Get notified when threats are detected
IP whitelist/blacklist — Complete control over access
Priority support — Direct access to our team
No coding. Works with any WordPress theme. Set it once, protect everything.
Upgrade to Pro → | View Features
Why Auto-Detection Matters
Manual shortcode plugins require wrapping every contact individually:
Easy to forget contacts in old posts, footer widgets, page builder sections
Manually wrapping every email address or phone number in shortcodes is time-consuming and error-prone
Shield’s auto-detection ensures nothing slips through
Write naturally. Shield finds and protects email addresses, phone numbers, and physical addresses automatically. No gaps. No missed contacts.
Plugin Switching
Switch from other email security and anti-spam plugins with no broken pages:
Email Address Encoder — [encode] shortcodes work immediately
Email Obfuscation by Neotrendy — [obfuscate_email] supported
Email Encoder Bundle — [eeb_protect_emails], [eeb_mailto] compatible
Antispambot — All shortcodes work with stronger dual-layer security
Just activate Shield Pro and deactivate the old plugin. All existing shortcodes continue working. No find-and-replace needed across your posts.
Web Application Firewall (WAF) — Pro Feature
Active security defense beyond passive hiding:
The Pro version includes WAF capabilities through Scraper Trap™ honeypots:
Hidden honeypot traps invisible to real users but attractive to bots
Automatic blocking — Caught bots are banned site-wide
Threat intelligence — See attack patterns, geographic origins, bot signatures
Real-time analytics — Visual charts showing when and where attacks happen
Privacy protection — Stop bots before they harvest any email addresses, phone numbers, or physical addresses
Security monitoring — Know exactly who tried to scrape your site
This turns passive protection into active security. You’re not just hiding contacts — you’re catching and blocking malicious bots.
WhoKnew Intelligence™ — Community Blacklist Network (Pro)
Collaborative threat protection and anti-spam defense:
Shield Pro users can join the WhoKnew Intelligence™ network to share threat data and download a community-powered blacklist:
Daily-updated blocklist — Block known scrapers before they reach your site
Anonymous contribution — Optionally share caught IPs to help protect the community
Live threat intelligence — Benefit from detections across Shield Pro sites
Pre-emptive blocking — Stop bots that attacked other sites before they find yours
Community-powered security — The more sites that join, the stronger the protection
When you catch a bot with Scraper Trap™ honeypots, you can anonymously share that IP to protect other Shield users. In return, you get access to a constantly-updated blocklist of confirmed threats.
External Services
This plugin displays links in the WordPress admin area that point to whoknew.io, the author’s website. These links are used to provide upgrade information, pricing, and documentation for the optional Pro add-on.
WhoKnew.io (Plugin Author Website)
What it is: whoknew.io is the website of the plugin author (WhoKnew). It hosts the Pro upgrade page, documentation, and support resources for this plugin.
What data is sent and when: The free plugin does not automatically transmit any data to whoknew.io or any other external server. The admin UI contains standard upgrade and documentation links; clicking those links takes you to the whoknew.io website in your browser, subject to normal browser behaviour. No data is collected, tracked, or sent without user action.
Note on the optional Pro add-on: If you separately purchase and activate WhoKnew Shield Pro, that add-on may connect to whoknew.io for licence validation and to download the WhoKnew Intelligence™ community blocklist (an opt-in feature). Those connections are documented in the Pro add-on itself.
Terms of Service: https://whoknew.io/terms/
Privacy Policy: https://whoknew.io/privacy/
Third-Party Libraries
WhoKnew Shield Free does not use any third-party libraries or external services. All code is self-contained within the plugin. No CDN dependencies, no external API calls, no data transmission to third-party servers.
Bundled Data: IANA Root Zone Database
The plugin bundles a static copy of the Internet Assigned Numbers Authority (IANA) Root Zone Database (data/iana-tlds.txt). This file is used exclusively for offline TLD validation when email detection is set to Strict mode — it is never loaded, transmitted, or used outside of that context.
Source: https://data.iana.org/TLD/tlds-alpha-by-domain.txt
License: Public domain / IANA (no restrictions on use)
Usage: Bundled locally; no runtime HTTP request is made to IANA
Updates: The file is updated with each plugin release to reflect newly delegated TLDs
Privacy by Design:
– All protection runs locally on your WordPress server
– No external scripts loaded from CDNs
– No tracking or analytics sent to external services
– Complete data sovereignty — everything stays in your database
– GDPR-friendly architecture with zero external dependencies
