GhostTrap provides sophisticated invisible spam protection using a comprehensive 5-layer detection system. Legitimate users comment normally while automated spam is silently blocked through advanced timing analysis, cryptographic validation, and behavioral detection.
5-Layer Protection System
- Timing Analysis – Detects submissions too fast for human interaction
- Cryptographic Signatures – Prevents replay attacks and form manipulation
- Year Validation – JavaScript-enhanced field verification
- JavaScript Detection – Ensures legitimate browser interaction
- Honeypot Fields – Multiple hidden traps catch automated bots
Professional Features
- Enhanced Admin Interface – Professional statistics dashboard with custom branding
- Real-time Statistics – Track protection effectiveness with detailed blocking metrics
- Configurable Timing – Adjust detection sensitivity from 5-300 seconds
- WordPress 6.4+ Compatible – Full support for block themes and FSE
- Admin Bar Integration – Quick spam statistics for administrators
- Screen Options Control – User-configurable interface elements
Zero User Friction
All protection operates invisibly – no captcha, no puzzles, no delays. Users with JavaScript enabled see normal comment forms, while those with disabled JavaScript get simple year validation. Protection effectiveness remains high in both scenarios.
Performance Optimized
- Lightweight JavaScript – Only 2KB, loads exclusively on comment pages
- Smart Script Loading – Conditional loading based on comment form presence
- Minimal Database Impact – Efficient storage with optional spam archiving
- Browser Compatibility – Works across all modern browsers with graceful degradation
GDPR Compliant
No external services, no tracking, no personal data collection beyond standard WordPress comment processing. All spam detection happens locally on your server.
Attribution
Built upon the original Anti-spam plugin foundation by webvitaly, with comprehensive modernization, enhanced detection layers, and professional admin interface for current WordPress compatibility.
Privacy Policy
GhostTrap operates with privacy-first design principles:
- No External Services – All spam detection processing occurs on your server
- No Personal Data Collection – Uses only standard WordPress comment data for protection
- No Tracking or Analytics – Zero data sharing with third parties or external systems
- GDPR Fully Compliant – Minimal data processing with transparent, local-only operation
- Optional Spam Storage – Blocked comments stored locally only if explicitly enabled
Advanced Configuration
Timing Threshold Recommendations
- High Security Sites: 10-15 seconds (stricter protection)
- General Purpose Sites: 15-20 seconds (balanced protection)
- Accessibility-Focused Sites: 25-30 seconds (accommodates slower interaction)
- Reading-Heavy Sites: 30+ seconds (allows time for content review)
Admin Interface Customization
- Admin Bar Statistics – Toggle spam counter visibility in admin bar
- Screen Options – Control information panel display on comments page
- Dashboard Integration – Spam statistics in 「At a Glance」 widget
- Contextual Help – Comprehensive protection information in WordPress help system
Technical Requirements
Server Environment:
* WordPress 5.0 or higher
* PHP 7.4 or higher
* Standard WordPress hosting with wp_options table access
Browser Support:
* All modern browsers (Chrome, Firefox, Safari, Edge)
* Internet Explorer 11+ with graceful degradation
* Mobile browsers with full functionality
* JavaScript-disabled browsers with fallback protection
Performance Specifications:
* JavaScript payload: ~2KB minified and compressed
* Database impact: Single option row with minimal queries
* Server processing: Sub-millisecond detection analysis
* Memory usage: Negligible footprint during comment processing
