CC WordPress Anti-spam Documentation.
Comprehensive documentation for an advanced anti-spam WordPress plugin (cc_wordpress_anti_spam) with IP blocking, statistics and integration with popular contact forms.Table of contents
- Introduction
- Installation
- License activation
- Management panel
- Protection of comments
- Protection of user registration
- Integration with external forms
- IP blocking system
- Log management
- Statistics and reports
- Automatic tasks (CRON)
- Advanced settings
- Troubleshooting
- FAQ
1. introduction
CC WordPress Anti-Spam is an advanced spam protection system for WordPress that works solely on PHP technologies without the use of JavaScript. The plugin provides comprehensive form protection, IP blocking management and detailed activity statistics.The plug-in offers:
- Protecting WordPress comments from spam
- Securing user registration forms
- Integration with Contact Form 7 and Gravity Forms
- Advanced IP blocking system (temporary and permanent)
- Honeypot field invisible to users
- Checking the time of filling the forms
- Filtering content based on banned words
- Detailed logging of all anti-spam activity
- IP check cache system for better performance
- Automatic cleaning tasks (CRON)
- White list of allowed IP addresses
- Statistics and activity reports
- License management system
2 Installation
System requirements- WordPress 5.0 or later
- PHP 7.4 or later
- MySQL database 5.6 or later
- Permission to create tables in the database
- Access to CRON settings (optional)
- Download the ZIP file of the plugin from the official site cocos.codes
- Log in to your WordPress admin panel
- Go to: Plugins → Add New → Upload plugin to server
- Select the downloaded ZIP file and click "Install Now".
- Once the installation is complete, click "Activate Plugin"
- The plug-in will automatically create the necessary tables in the database
- Go to Settings → CC Anti-spam to configure the plugin
Info
After installation, the plug-in will automatically create two tables in the database: wp_cc_anti_spam_logs for logs and wp_cc_anti_spam_ip_blocks For IP blockers. Automatic cleaning tasks will also be scheduled.
3. license activation
It is necessary to activate the license before using the full functionality of the plug-in:- After installation, go to Settings → CC Anti-Spam
- Select the "License" tab
- Enter the license key you received after purchase
- Click "Activate License"
- After successful activation, a confirmation message will be displayed
- All features of the plug-in will be unlocked
Warning
Without an active license, the plugin will work in restricted mode. The admin panel will display messages about the inactive license, and the functions for saving settings will be disabled.
4. management panel
The plugin management panel is available in the WordPress menu under the path "Settings" → "CC Anti-spam" and consists of the following tabs:Main tabs:
- Settings - configuration of all anti-spam protection features
- Logs - viewing activity logs with filtering and pagination
- Statistics - detailed reports and blocking statistics
Information Bookmarks:
- Documentation - link to full online manual
- License - plug-in license management
- Plugins - information on other COCOS extensions
- Support - access to technical support
Tip
The plugin automatically detects installed and active forms plugins (Contact Form 7, Gravity Forms) and adjusts available configuration options.
5. protection of comments
The WordPress comment protection system provides multi-level spam protection without affecting the user experience.Comment protection mechanisms:
- Honeypot field - invisible field that only bots fill in
- Fill time check - blocking forms that are filled out too quickly or too slowly
- Content filtering - checking for banned words in the body of the comment
- Limit the number of links - blocking comments with excessive URLs
- IP checking - verification that the IP address is not blocked
- Under the "Settings" tab, check "Protect comments from spam."
- Set the minimum time for filling out the form (default is 3 seconds)
- Specify the maximum number of links in a comment (default is 2)
- Add forbidden words (one per line)
- Save your settings
| Level | Time min. | Matching words | Number of links |
| Low | 0.5x base | Fine tuning | 1.5x base |
| Medium | 1x base | + variations (-s, -ing) | 1x base |
| High | 1.5x base | Partial fit | 0.5x base |
Note
All blocked comments are logged in the system with detailed information about the reason for the block, the IP address and the content of the comment (abbreviated to 500 characters).
6. protection of user registration
A security system for registration forms protects against bot auto-registrations and suspicious user accounts.Registration protection mechanisms:
- Honeypot field - As in comments, invisible to real users
- Checking the registration time - minimum form filling time (default is 5 seconds)
- Validation of user fields - checking username, email and URL for suspicious patterns
- Filtering temporary emails - blocking of known temporary email services
- Username: patterns like "user123", very short/long names, spam-related words
- Email: addresses from 10minutemail, tempmail, guerrillamail, .tk/.ml/.ga/.cf domains
- URL: link shorteners, gambling/crypto-related domains, suspicious parameters
| Level of protection | Blocking criteria |
| Low | ≥3 patterns in username + ≥1 in email |
| Medium | ≥2 patterns in the name or ≥1 in the email or URL |
| High | Any pattern or ≥2 different types of patterns |
Success
The registration protection system significantly reduces the number of spam accounts without affecting real users. All blockers are logged in detail for analysis.
7 Integration with external forms
The plugin offers native integration with the most popular WordPress forms plugins, providing consistent protection across all site forms.Contact Form 7 - integration
Automatically protect all CF7 forms without code modification:
- Automatically add honeypot fields to all forms
- Fill time check (default min. 2 seconds)
- Filtering message content based on banned words
- Validation before shipment with appropriate error messages
Full integration with the Gravity Forms validation system:
- Adding honeypot fields to form tags
- Fill time control (default min. 3 seconds)
- Filtering form text fields
- Marking form as invalid with messages
- Plugin automatically detects active form plugins
- In the "External Forms Protection" section, enable protection for detected plug-ins
- Set minimum fill times for each form type
- Enable message content filtering
- Save your settings
Info
If the forms plugin is not installed or activated, the corresponding options will be displayed as disabled with status information. Once the forms plugin is activated, the options will become available automatically.
8. IP blocking system
An advanced IP lock management system provides automatic and manual control of site access at the IP address level.Types of IP blocking:
- Time locks - automatic expiration after a specified time (30 min - 24h)
- Fixed locks - permanent blockages that require manual removal
- White list - IPs allowed will never be blocked
- Automatic interlocks - The system automatically blocks IPs when they exceed the spam threshold
- Single IPv4 addresses: 192.168.1.100
- Single IPv6 addresses: 2001:db8::1
- CIDR IPv4 ranges: 192.168.1.0/24
- CIDR IPv6 ranges: 2001:db8::/32
- Enable "Automatically block IPs after multiple spam attempts"
- Set the lockout threshold (default is 5 attempts in 24 hours)
- Select the type of automatic lock (temporary/permanent)
- The system will automatically block IPs when the threshold is exceeded
# Example list of IP blockers
192.168.1.100
10.0.0.0/8
2001:db8::1
suspicious-domain.com (unsupported - IP only)Warning
Be careful when adding IP blockers - you may block yourself! Your current IP is displayed in the settings panel. Always add your IP to the whitelist before mass blocking.
9. log management
A comprehensive logging system records all anti-spam activity with the ability to review, filter and analyze the data.Types of events logged:
| Form type | Reasons for blockade | Examples of activities |
| Comment | honeypot, time_check, content_filter, too_many_links | Comment spam blocker |
| Registration | honeypot, time_check, user_fields | Block suspicious registration |
| Contact form | honeypot, time_check, content_filter | Spam blocking in CF7/GF |
| IP blocking | blocked_ip, temp_blocked_ip, auto_blocked | Attempting to access from a blocked IP |
Log filtering system:
- Form type - filtering by protected form type
- Reason for blocking - filtering by reason of spam detection
- IP address - searching for the activity of a specific IP
- Date range - restriction to a specific period
- Pagination - review of large sets of logs (50 records per page)
- Automatic cleaning - By default, logs older than 30 days are deleted
- Log limit - A maximum of 5000 logs in the database (the oldest are deleted)
- Manual cleaning - ability to clear all logs
- Data export - all data available through the administration panel
Tip
The logs are colored according to the reason for the blocking for easier analysis. Red is honeypot and content_filter, orange is time_check, blue is IP blocking. Use filters to quickly find specific types of attacks.
10. statistics and reports
The statistics tab presents detailed anti-spam activity reports with visualization of trends and key metrics.IP blocking statistics:
- Fixed locks - number of permanently blocked IP addresses
- Active time locks - Number of IPs with active time blocks
- Allowed IPs - number of addresses on the white list
- Expired blockades - number of time blocks that have expired
- Ranking of IP addresses by number of spam attempts in the last 30 days
- Last spam attempt for each IP
- Current IP status (active/ temporarily blocked/permanently blocked)
- Ability to quickly add IPs to blockers or whitelists
- Breakdown of spam attempts by form type (comments, registration, contact)
- Most common reasons for blockages (honeypot, time_check, content_filter)
- Daily trend - spam activity in the last 7 days
- Comparison with previous periods
- List of 10 latest blockchain with expiration time
- Lockout type (temporary/permanent) and reason
- Remaining time for time locks
- Direct links to blockchain management
Success
Regular monitoring of statistics will help you identify trends in spam attacks and adjust your protection settings. Keep an eye out for IPs with a high number of attempts - they may need to be permanently blocked.
11. automated tasks (CRON)
The plug-in automatically configures WordPress CRON tasks to regularly clean and optimize the anti-spam system.Automatic system tasks:
| Task | Frequency | Function |
| cc_anti_spam_daily_cleanup | Daily | Removes expired IP blocks, enforces log limit, removes logs >90 days old |
| cc_anti_spam_weekly_cleanup | Weekly | Advanced cleaning with report, base optimization |
Daily cleaning (light):
- Removal of expired IP time-locks
- Enforcing the limit of 5,000 logs in the database
- Deleting logs older than 90 days
- Fast operations without affecting performance
- Advanced log cleaning with type prioritization
- Limiting logs per IP (max 100 per IP)
- Optimization of database structures
- Generating a cleaning report
// The plugin automatically adds a custom "weekly" interval
add_filter('cron_schedules', 'cc_anti_spam_add_weekly_cron_schedule');
// Schedule: 604800 seconds = 7 days
$schedules['weekly'] = array(
'interval' => 604800,
'display' => 'Weekly'
);Info
CRON tasks are automatically registered when the plugin is activated and deleted when it is deactivated. You can check the status of CRON tasks in WordPress tools or CRON management plugins.
12. advanced settings
The advanced settings section allows you to optimize performance and customize the plugin's behavior to meet your site's specific needs.Performance optimization:
- Check IP only at POST - Restricts IP checking to shipping forms
- Skip logged in users - disables anti-spam checking for those logged in
- IP check cache - stores the results of IP checks in cache memory (30-300 seconds)
- Enable "IP Check Cache" for better performance
- Set the cache time (default is 60 seconds)
- Cache reduces database load on multiple requests from the same IP
- Cache is automatically invalidated when IP status changes
| Option | Impact on performance | Security implications |
| Check only at POST | +++ | No impact |
| Skip logged in | ++ | - (logged in omitted) |
| IP Cache (60s) | ++ | No impact |
Advanced security settings:
- IP detection by proxy - HTTP_CF_CONNECTING_IP, HTTP_X_FORWARDED_FOR header support.
- Validation of IP formats - validation of IPv4, IPv6 and CIDR ranges
- Private IP filtering - exclusion of private ranges from locks
Note
Performance settings are especially important for high-traffic sites. Enabling IP caching and limiting checks to POST forms can significantly reduce server load.
13 Troubleshooting
Plugin does not block spam- Check if the plug-in has an active license under the "License" tab
- Make sure protection is enabled in general settings
- Check whether specific form types are enabled in the protection of the
- Verify that the protection level is not set too low
- Check logs for blocking information
- Make sure the spammer's IP is not whitelisted
- Reduce the protection level from "High" to "Medium" or "Low"
- Increase minimum times for completing forms
- Check the list of banned words - remove terms that are too general
- Add IPs of valid users to the whitelist
- Disable user field validation if it blocks real accounts
- Review logs to identify causes of blockages
- Enable IP check cache (60 seconds)
- Enable "Check IP only at POST"
- Enable "Skip logged-in users"
- Reduce log retention time to 7-14 days
- Increase the frequency of CRON cleaning tasks
- Check PHP limits (memory_limit, max_execution_time)
- Check if WordPress CRON is enabled
- Verify server settings - whether CRON can perform tasks
- Check PHP error logs for problems
- Make sure WP_CRON is not disabled in wp-config.php
- Consider using the actual system CRON instead of WP_CRON
- Make sure Contact Form 7 or Gravity Forms is active
- Check if protection for a specific plug-in is enabled
- Clear plugin and browser cache
- Check browser error consoles for JavaScript conflicts
- Test with other plugins disabled for conflict detection
Error
If problems persist, enable WordPress debugging (WP_DEBUG = true) and check the error logs. In case of license issues or critical errors, contact COCOS support via cocos.codes/support.
14 FAQS.
Does the plug-in work without JavaScript?Yes, the plugin runs on 100% based on PHP and does not require JavaScript. All checking is done on the server, which makes it immune to disabled JS.
Can I use the plugin with other anti-spam systems?
Yes, the plug-in is compatible with Akismet and other solutions. It adds additional layers of protection without conflicting with existing systems.
How often are logs and locks cleaned?
Logs are cleaned daily (>90 days) and weekly (advanced). Expired IP locks are cleared daily. The frequency can be adjusted in the code.
Does the plugin affect the performance of the site?
Minimal impact with IP check caching, query optimization and performance options. Checks only take place when forms are submitted.
What types of attacks are detected?
Bot filling honeypot, forms filled automatically (too fast), spam containing forbidden words, excessive links, suspicious registration data.
Can I customize the error messages?
The plugin uses standard WordPress translation features. You can create translations or use plugins to customize texts.
What happens when uninstalling the plug-in?
The uninstall.php file automatically deletes all data: database tables, options, CRON tasks, metadata. The site returns to its pre-installation state.
Does the plugin support multisite WordPress?
Yes, the plugin is compatible with WordPress Multisite. Each site in the network has an independent configuration and its own logs.
How do I restore access if I block my IP?
Remove the block via FTP/phpMyAdmin from the wp_cc_anti_spam_ip_blocks table or add your IP to the whitelist via another site/VPN panel.
Does the plugin log users' personal information?
The plugin only logs IP addresses, form type, lock reason and abbreviated content (up to 500 characters). It does not store users' full personal information.
