WordPress.org

Testing Rosetta

Get WordPress
WordPress.org

Plugin Directory

Mimic Guard

Mimic Guard

By aoto
Download

Description

Mimic Guard is an anti-spam plugin for WordPress mail and contact forms. It uses dynamic honeypots, submission time monitoring, and integration with major form plugins to reduce automated bot submissions.

  • Honeypot — Detects bots that fill hidden form fields
  • Time check — Flags submissions that are unrealistically fast after the form is shown
  • Form integration — Works with WPForms, Contact Form 7, comments, and more
  • Page caching — Optional AJAX honeypot injection when HTML is cached
  • Privacy — Optional IP anonymization when logging events

Configure minimum submission time, token lifetime, log list size, and more from the admin screens.

Installation

  1. Upload the plugin folder to /wp-content/plugins/mimicguard/ or install from the ZIP file.
  2. Activate Mimic Guard on the Plugins screen in WordPress.
  3. Open the Mimic Guard menu to review settings and logs.

FAQ

I use a full-page caching plugin

Enable “Insert honeypot via AJAX (cache-friendly)” so honeypots can still be loaded even when HTML is cached.

Legitimate submissions are being blocked

Try increasing the minimum submission time slightly, or disable “Require time-check token” if you do not need it.

Where are logs stored?

In a dedicated database table. You can run cleanup from the admin area based on retention settings.

Reviews

There are no reviews for this plugin.

Contributors & Developers

“Mimic Guard” is open source software. The following people have contributed to this plugin.

Contributors

“Mimic Guard” has been translated into 1 locale. Thank you to the translators for their contributions.

Translate “Mimic Guard” into your language.

Interested in development?

Browse the code, check out the SVN repository, or subscribe to the development log by RSS.

Changelog

1.3.3

Reduced honeypot false positives from browser/password manager autofill by hardening honeypot field attributes and narrowing dynamic prefix checks; also improved detailed block reason logging and frontend guard checks.

1.3.2

Further hardening for WordPress.org review: sanitize request data used for spam checks, escape admin template output, sanitize server variables for IP logging, Prime Form AJAX callback naming, remove bundled PHPUnit bootstrap from the distribution package.

1.3.1

WordPress.org review: enqueue scripts, sanitization/escaping, readme contributor, translations loading.

1.3.0

Internal improvements, security, and code quality updates.

Meta

Ratings

No reviews have been submitted yet.

Your review

See all reviews

Contributors

Support

Got something to say? Need help?

View support forum