Squelch Unspam


Unspam by Squelch Design is the simplest WordPress anti-spam plugin you can find for reducing your comment spam problem. Once installed there’s nothing
to configure, and nothing changes to your visitors: No captcha or silly games. Once installed
the plugin will simply randomize the names of the fields in the comments form on your blog and reject comments that are sent to the
standard WordPress field names, or where bots have blindly submitted data to the honeypot fields.

What this means for spammers is that they have to do quite a lot more work to send spam to your website. It may also make sending
spam to your website unreliable as changes to your theme may upset their spam submission tools. Or they may have to resort to using
humans to send spam to your website (not much I can do about that I’m afraid) which will cost them more money.

Currently implemented:

  • Names of fields are randomized every night at 12:00,
  • Submissions to the standard WordPress field names are automatically deleted,
  • Honeypot fields added to comments form,
  • WooCommerce support.

Additional (planned) features:

  • Contact Form 7 integration
  • Statistical collection,
  • Automated blocking of persistent IPs,
  • Opt-in centralized collection of comment spam and statistics for additional research.


Recommended Installation

  1. From your admin interface go to Plugins > Add New
  2. Search for unspam
  3. Click “Install Now” under the plugin in the search results
  4. Click OK on the popup
  5. Click “Activate” to enable the plugin

Manual Installation

  1. Unzip the installation zip file
  2. Copy the files to your plugins directory (via FTP or whatever)
  3. From the admin interface click Plugins
  4. Find the plugin in the list of plugins and click “Activate”


Currently there is no configuration on this plugin.


How do I configure the plugin?

There is currently no configuration available on this plugin, just install it and activate it and it will start protecting your blog.

Does this plugin require my readers to fill out a CAPTCHA?

No. I hate CAPCTHAs as much as the next person, this plugin does not use them. Future versions might include the option to enable
a CAPTCHA if you really want one.

Does this plugin require JavaScript to be enabled on my visitors’ browsers?

As of version 1.3, yes. This plugin will require JavaScript to be enabled by your users as an additional safeguard against spam.

Don’t my users have to do something to prove they’re human?

Nope, spammers just have to prove that they’re NOT human. We give the spammers enough rope to hang themselves with.

What about false positives?

With the exception of a few rare scenarios and users without JavaScript enabled, there shouldn’t be any false positives.


There are no reviews for this plugin.

Contributors & Developers

“Squelch Unspam” is open source software. The following people have contributed to this plugin.


Translate “Squelch Unspam” into your language.

Interested in development?

Browse the code, check out the SVN repository, or subscribe to the development log by RSS.



  • Tested up to WordPress version 5.5


  • Fixed a bug that prevented logged-in users from being able to add comments from the front end (logged out users were still able to comment though)
  • Set minimum version to 4.4 as the above fix may cause issues on earlier versions of WP, but I don’t have time to test so safer to simply prevent Unspam updates to anything <WP4.4


  • Fixed another minor bug that could be exploited to reduce some of the existing protection.
  • Tested up to WordPress 4.4


  • Fixed a minor bug that could be exploited to circumvent some of the protection that was in place.
  • Added two new honeypot fields to the form.
  • Changed the naming scheme for randomized fields to make them legitimate page IDs.
  • Added in a JavaScript check (very few spammers will execute JavaScript).
  • Modified the hiding of the fields to use inline CSS instead of embedded styles to make it harder to detect honeypots.
  • Enhancements to give WooCommerce reviews the same protection as comment forms.
  • Created two external dependencies without which the comment form will not work in an attempt to catch out manual spammers.


  • Removed the ‘WooCommerce not supported’ message


  • Added in WooCommerce support.


  • Fix for plugin interfering with 404 Redirected plugin (and potentially other plugins) in the admin interface


  • Removed the ‘Field names will automatically update next time a post/page with comments enabled is viewed’ message by default, can be re-enabled by appending ?unspam-rmvmsg=showfieldupdatemessage to the page URL (in admin). Only really useful for testing.
  • Added “Remove this message” options to messages generated in admin.


  • Initial version