Fixes key tester false-positive: keys from a different domain no longer show as valid. Recommended update for all users.<\/p>","1.1.2":"
Plugin renamed to LukaCodes AntiSpam Shield. Adds CAPTCHA for login and registration forms. Fixes debug message in WPForms integration. Recommended update for all users.<\/p>","1.1.0":"
Adds CAPTCHA protection for WPForms Lite \u2014 using your existing reCAPTCHA v3 or Turnstile keys. Recommended update for WPForms Lite users.<\/p>"},"ratings":[],"assets_icons":{"icon-128x128.png":{"filename":"icon-128x128.png","revision":3479965,"resolution":"128x128","location":"assets","locale":""},"icon-256x256.png":{"filename":"icon-256x256.png","revision":3479965,"resolution":"256x256","location":"assets","locale":""}},"assets_banners":{"banner-1544x500.png":{"filename":"banner-1544x500.png","revision":3479965,"resolution":"1544x500","location":"assets","locale":""}},"assets_blueprints":{},"all_blocks":[],"tagged_versions":["1.0.0","1.0.1","1.1.0","1.1.1","1.1.2","1.1.3"],"block_files":[],"assets_screenshots":{"screenshot-1.png":{"filename":"screenshot-1.png","revision":3482319,"resolution":"1","location":"assets","locale":""}},"screenshots":{"1":"The main settings dashboard with Comment Options, reCAPTCHA, Turnstile, Login & Registration, and WPForms sections.","2":"WPForms integration panel \u2014 shows detection status and toggle.","3":"reCAPTCHA key tester \u2014 real-time verification against Google API.","4":"Turnstile key tester \u2014 real-time verification against Cloudflare API.","5":"Plugin status panel \u2014 at-a-glance view of current configuration."},"jetpack_post_was_ever_published":false},"plugin_section":[],"plugin_tags":[2656,595,599,214603,130711],"plugin_category":[38,44,54],"plugin_contributors":[257567],"plugin_business_model":[],"class_list":["post-286960","plugin","type-plugin","status-publish","hentry","plugin_tags-anti-spam","plugin_tags-recaptcha","plugin_tags-spam","plugin_tags-turnstile","plugin_tags-wpforms","plugin_category-authentication","plugin_category-discussion-and-community","plugin_category-security-and-spam-protection","plugin_contributors-luka2013","plugin_committers-luka2013"],"banners":[],"icons":{"svg":false,"icon":"https:\/\/ps.w.org\/lukacodes-comment-shield\/assets\/icon-128x128.png?rev=3479965","icon_2x":"https:\/\/ps.w.org\/lukacodes-comment-shield\/assets\/icon-256x256.png?rev=3479965","generated":false},"screenshots":[{"src":"https:\/\/ps.w.org\/lukacodes-comment-shield\/assets\/screenshot-1.png?rev=3482319","caption":"The main settings dashboard with Comment Options, reCAPTCHA, Turnstile, Login & Registration, and WPForms sections."}],"raw_content":"\n
LukaCodes AntiSpam Shield<\/strong> is a lightweight, no-bloat plugin that protects your WordPress comment section and contact forms<\/strong> from spam. Five independent tools, one settings page. Read the full documentation<\/a>.<\/p>\n\n All features are independent<\/strong> \u2014 enable only what you need.<\/p>\n\n Version 1.1.2 adds CAPTCHA protection to Both are independently togglable in the settings panel. Admins already logged in are never affected.<\/p>\n\n Version 1.1.0 introduces CAPTCHA protection for WPForms Lite<\/strong>:<\/p>\n\n Note: WPForms Pro includes its own native CAPTCHA integration \u2014 this feature is intended for WPForms Lite<\/strong> users only.<\/p>\n\n Most anti-spam plugins are heavy, require accounts, or add ugly CAPTCHAs. LukaCodes AntiSpam Shield is different:<\/p>\n\n When a visitor submits a form, JavaScript silently requests a score token from Google. The token is sent with the submission and verified server-side against your minimum score threshold (configurable from 0.1 to 1.0). No user interaction required.<\/p>\n\n A Turnstile widget is rendered inside the form. When the visitor completes the challenge, a token is submitted and verified server-side against the Cloudflare API.<\/p>\n\n This plugin optionally uses the following third-party services:<\/p>\n\n A service provided by Google LLC.<\/p>\n\n A service provided by Cloudflare, Inc.<\/p>\n\n Both services are entirely optional. If you do not enter API keys or enable either CAPTCHA, no data is sent to any third party.<\/p>\n\n\n\n
<a href><\/code> hyperlinks from comment content \u2014 both on display and before saving to the database. Spammers get zero benefit from posting links.<\/li>\nwp-login.php<\/code>). Stops brute-force bots silently.<\/li>\nLogin & Registration Shield<\/h4>\n\n
wp-login.php<\/code>:<\/p>\n\n\n
wp_authenticate_user<\/code> for server-side verification after credentials are checked. Returns a WP_Error<\/code> if CAPTCHA fails \u2014 WordPress displays it as a normal login error.<\/li>\nregistration_errors<\/code> to add CAPTCHA validation during registration. Works alongside all other WordPress registration validations.<\/li>\n<\/ul>\n\nWPForms Integration<\/h4>\n\n
\n
wpforms_display_submit_before<\/code> to inject the CAPTCHA widget before the submit button.<\/li>\nwpforms_process<\/code> for server-side token verification.<\/li>\nWhy AntiSpam Shield?<\/h4>\n\n
\n
reCAPTCHA v3 \u2014 How it works<\/h4>\n\n
Cloudflare Turnstile \u2014 How it works<\/h4>\n\n
Third-Party Services<\/h3>\n\n
Google reCAPTCHA v3<\/h4>\n\n
\n
https:\/\/www.google.com\/recaptcha\/api\/siteverify<\/code> on each form submission.<\/li>\nCloudflare Turnstile<\/h4>\n\n
\n
https:\/\/challenges.cloudflare.com\/turnstile\/v0\/siteverify<\/code> on each form submission.<\/li>\n\n
lukacodes-comment-shield<\/code> folder to \/wp-content\/plugins\/<\/code><\/li>\nreCAPTCHA v3 Setup<\/h4>\n\n
\n
Cloudflare Turnstile Setup<\/h4>\n\n