Securing emails in your WordPress contents



There are so many websites owners displaying their emails on their websites without securing emails that i wanted to tell them “STOP” ! No, really “STOP” ! Displaying an email is never a good idea, i much prefer the use of a contact form, but sometimes some clients really want to display their email in a widget, in the sidebar or whatever. So, if you have to (read: if you have been forced to) display an email, here is a quick tip to ofuscate the email in the page code source so that spammers robots can’t use it.

Securing emails is crucial!

And the solution is given directly by a WordPress core function. It’s called antispambot(). And to use this function, it’s really simple, there’s only two parameters, and only one is required. Here are these parameters:

  • $emailaddy – Nothing more than the email you want to ofuscate
  • $mailto – (optional) 0 or 1. Used for encoding

To use the function, simply do something like that :

echo antispambot('');

and on the browser screen the email will show perfectly, but in the code it will be encoded to something like this:

Let’s be honest it’s pretty unreadable, that’s what we were looking for ! Don’t forget that securing emails, and specially yours, is our aim!

To last here is a nice adaptation on this functions by wpengineer i slightly modified to create a shortcode using antispambot():

Just paste this code in your the functions.php file in your theme folder, or in any of your plugins files.
To use the shortcode here is the method:

[email mailto="" txt="click here"]
[email mailto="" txt=""]

Leave a Reply