OOPSpam Anti-Spam


OOPSpam Anti-Spam WordPress Plugin is a new generation spam filter that uses modern approaches. Every comment and contact form submission is analyzed with advanced algorithms such as machine learning models and checked against our database.

It uses OOPSpam API, which protects over 1M websites daily.


  • Adjust the Sensitivity Level of spam filtering, so you don’t miss any important messages
  • Checks messages with a machine learning model
  • Country Restrictions
  • Language Restrictions
  • Automatically checks against multiple blacklisted IP & Email lists
  • Automatically detects spam word patterns
  • [Privacy] Do not analyze IP addresses setting
  • [Privacy] Do not analyze Emails setting.
  • [Privacy] Remove sensitive information from messages setting
  • Form Spam Entries: view spam entries, delete or report them to us.
  • Form Ham Entries: view not spam entries, delete or report them to us.
  • and many custom rules, advanced analyses to detect and mark as spam

The value we bring:

  • Fast & lightweight
  • No cookies, no challenges, no Javascript, no tracking
  • Does NOT break your website with each update
  • High accuracy (%99.9)
  • Use one API key with unlimited websites
  • No data stored in our servers. All your data stored in your local WordPress database.
  • Privacy by design
  • Support (24-hour response)

The plugin filters both comments, site search, and contact form submissions.

Supported form & comment solutions:

  • WooCommerce Order & Registration
  • Elementor Forms
  • Ninja Forms
  • Gravity Forms
  • Kadence Form Block
  • Fluent Forms
  • WS Form
  • WPDiscuz
  • Forminator
  • WPForms
  • Formidable Forms
  • Contact Form 7
  • Bricks Forms
  • Toolset Forms
  • Piotnet Forms
  • GiveWP Donation Forms
  • MailPoet

OOPSpam Anti-Spam WordPress Plugin needs a minimum configuration. The only thing you need to do is get a key and insert it into the appropriate setting field under Settings=>OOPSpam Anti-Spam. If you have a contact form plugin, make sure to activate spam protection on the settings page.

Please note: This is a premium plugin. You will need an OOPSpam Anti-Spam API key to use the plugin. Every account comes with free 40 spam checks per month.
If you are already using OOPSpam on other platforms, you can also use the same API key for this plugin.


  • OOPSpam admin settings
  • Spam Entries from contact forms


You can install OOPSpam Anti-Spam plugin both from your WordPress admin dashboard and manually.


  1. Visit the plugins page within your dashboard and select ‘Add New’;
  2. Search for ‘oopspam’;
  3. Activate OOPSpam Anti-Spam from your Plugins page;
  4. Go to OOPSpam Anti-Spam=>Settings


  1. Upload the ‘oopspam-anti-spam’ folder to the /wp-content/plugins/ directory;
  2. Activate the OOPSpam Anti-Spam plugin through the ‘Plugins’ menu in WordPress;
  3. Go to OOPSpam Anti-Spam=>Settings


Using the plugin requires you to have an OOPSpam API key. You can get one from here.
Once you have a key, copy it and paste into OOPSpam API key field under OOPSpam Anti-Spam=>Settings


Where do I report security bugs found in this plugin?

Please report security bugs found in the source code of this plugin through the Patchstack Vulnerability Disclosure Program. The Patchstack team will assist you with verification, CVE assignment, and notify the developers of this plugin.


Mee 15, 2023
I tried this as an alternative to Akismit on 40 or so sites I maintain. Now that it's been a few months, I can say I'm very happy with the usable data and tools provided to me. It's eliminated all spam, and even the need for Captcha. I like being able to solve my own problems, and I've learned a lot about spam control since installing this! Great plugin, highly recommend.
Maarec 28, 2023
I run a small website development agency and had a lot of complaints from clients about spam submissions. After trying honeypots and Google reCAPTCHAs, a large amount of spam was still coming in. I gave Oopspam a shot and it worked really well, I actually just upgraded my plan. I would recommend this plugin for reducing the number of spam emails you or your clients have to go through.
Februari 6, 2023
We've had a tough time dealing with spam since putting up an Elementor based Contact form. Neither Akismet nor AntiSpam Bee could deal with it. OOPSpam worked out of the box - so well, that we blew past the 40/requests/month limit on the Free account within a day.Well done, OOPSpam, and happy to have now purchased a license.
Februari 1, 2023 4 replies
I use Elementor Pro Form and the plugin won`t work. Known spammers such as Eric Jones and James Milo will pass it through the form like a knife through butter. What else is there to stop them?
Disambor 4, 2022
I signed up for a test and joined a paid program right away. All the spam emails getting through reCaptcha and Captcha have now stopped. Loved how easy it was to work with Elementor Forms
Read all 10 reviews

Contributors & Developers

“OOPSpam Anti-Spam” is open source software. The following people have contributed to this plugin.


Translate “OOPSpam Anti-Spam” into your language.

Interested in development?

Browse the code, check out the SVN repository, or subscribe to the development log by RSS.



  • NEW: Quickly add spam countries in Block countries setting
  • FIX: Make WP site search protection optional
  • FIX: Avoid multiple API calls when searching


  • NEW: Block countries


  • NEW: WP site search protection
  • IMPROVEMENT: Tested with WP 6.3


  • IMPROVEMENT: Include the current Sensitivity Level in a report
  • SECURITY: Escape and HTML encode the raw entry in Form Spam/Ham Entries


  • SECURITY: Added nonce check for Empty Spam/Ham Entries actions


  • NEW: Apply your own logic with oopspam_check_for_spam hook. Check the docs for more info: https://www.oopspam.com/help/wordpress/hooks/


  • NEW: Forminator support
  • NEW: MailPoet support


  • IMPROVEMENT: Show an error when a comment is spam


  • NEW: WPDiscuz support
  • IMPROVEMENT: Encourage sensitivity at level 3
  • IMPROVEMENT: Make the ‘API Key Exceeded’ warning message more informative


  • FIX: Fallback if Kadence doesn’t exist


  • NEW: Kadence Form Block support


  • FIX: Remove First and Last Name detection from Remove sensitive information from messages as it causes false negatives in some cases


  • FIX: Support unicode in the content field


  • SECURITY: Escape all input setting fields with esc_html. Thanks Rio Darmawan & Patchstack for the report


  • NEW: Piotnet Forms support
  • NEW: Multilingual support with WPML
  • NEW: Better support for Action Packs for Elementor Forms
  • FIX: Don’t store password type values in Elementor Forms under Form Ham/Spam Entries
  • FIX: An alternative way to find First Name in WooCommerce order if the default fails


  • FIX: Allow all capital First Name orders


  • NEW: Don’t allow invalid URL in the website field in the WP comment system
  • NEW: Integrate email check to the WP comment system
  • FIX: UK short country code in “Allowed Countries” setting


  • NEW: Toolset Forms support
  • NEW: [Privacy] Do not analyze Email addresses setting
  • NEW: [Privacy] Remove sensitive information from messages before sending them to OOPSpam setting.
  • NEW: Locally, stop auto-generated gibberish First & Last Name attack in WooCommerce
  • FIX: Premature exit from a loop when looking for an email field in Ninja Forms
  • SECURITY: Use sanitize_textarea_field instead of wp_filter_nohtml_kses for textarea fields in all forms.


  • FIX: Removed unnecessary file injection


  • FIX: Compatibility issues with PHP 7
  • MISC: Clean up


  • NEW: WS Form support
  • NEW: Auto-truncate Form Spam Entries & Form Ham Entries
  • IMPROVEMENT: Better clean up when uninstalled
  • IMPROVEMENT: Enforce default values when activated
  • FIX: In some cases, an email field value wasn’t captured in Elementor Forms


  • NEW: Email field spam check on all integrations
  • NEW: Form Ham Entries; report false negatives
  • NEW: Search on Form Ham Entries and Form Spam Entries tables
  • NEW: Email column on Form Ham Entries and Form Spam Entries tables
  • NEW: Bricks Forms support
  • NEW: Spam check on all types of forms such as newsletters and forms without any content field
  • IMPROVEMENT: GiveWP; removed unnecessary checks, sanitized the entire input array
  • FIX: Less annoying “The limit is hit” admin notice
  • FIX: Don’t fire spam check twice on WordPress account registration


  • IMPROVEMENT: Support forms with Page Break fields in Formidable Forms


  • IMPROVEMENT: Prevent the plugin from making multiple requests in Formidable Forms
  • IMPROVEMENT: Set default “I got my API Key from” value to OOPSpam Dashboard


  • FIX: WooCommerce login attempt


  • NEW: Ability to specify a custom content field ID
  • FIX: Filter submissions with empty content value
  • FIX: Correct the short country code for UK.
  • FIX: Enforce filtering in Ninja Forms


  • IMPROVEMENT: Protect registration under My account in WooCommerce integration


  • NEW: WooCommerce integration


  • NEW: WordPress user registration integration


  • NEW: GiveWP integration
  • NEW: “Form Spam Entries” page is visible for non-admins


  • NEW: Report form submissions as ham (aka not spam)


  • SECURITY: Sanitized inputs in ListTable implementation to avoid potential XSS attack


  • IMPROVEMENT: Delete OOPSpam-related table from the db when uninstalled


  • IMPROVEMENT: Update the plugin tags
  • IMPROVEMENT: Broken ‘Settings’ link is fixed


  • NEW: Store spam form entries locally
  • FIX: Prevent IP leaks


  • NEW: Added Formidable Forms integration


  • NEW: Added Fluent Forms integration
  • NEW: Added WPForms integration
  • FIX: small bug fixes


  • NEW: Added Elementor Forms integration
  • FIX: Some short comments bypasses the length check


  • FIX: Check for spam sometimes fails in Gravity Forms & comments


  • Bump to WP 5.8


  • NEW: Ask for a plugin review


  • NEW: A new setting “Current API Usage”
  • NEW: Support API keys from OOPSpam Dashboard
  • NEW: Contact Form 7 support


  • Bug fix


  • NEW: A new setting “Allow messages only from these countries”
  • NEW: A new setting “Allow messages only in these languages”
  • NEW: A new setting “Do not analyze IP addresses”


  • NEW: Added Gravity Forms support
  • NEW: A setting “Consider short messages as spam”


  • NEW: Added Sensitivity level, control the spam-filter’s sensitivity
  • NEW: An option to move spam comments to Trash or Spam folder


  • NEW: Ninja Forms Support


  • IMPROVEMENT: Comment Author’s url became part of analysis
  • IMPROVEMENT: HTTP request timeout increased


  • IMPROVEMENT: Some UI improvement


  • First Stable version of the plugin