Spambot Email Protector

Name: Spambot Email Protector
Version: 2.03 (Released: Apr 16, 2019 - changelog)
Requires:  CMS Builder v3.50
Price:  Free
Download:  Login to download

Automatically encodes email addresses in viewer pages to protect them from spambots and email harvesters.


By just installing this plugin in your CMS you can instantly protect every email addresses on your site from Spambots - malicious scripts that automatically scan your web pages for email addresses.

Spambots are programs that scan the source code of your site looking for email addresses to add to their mailing lists. Once added to a list it's just a matter of time until you're inundated with unwanted spam email.

Web developers have often gone as far as to manually protect each email address on their site, displaying their email address as something like or email(AT) The problem with this is manually editing each email address is slow and monotonous, and it inconveniences legitimate site visitors who only want to send you an email.

Spambot Email Protector makes protecting your email addresses easy. Once this plugin is installed each email address on your site is heavily encrypted so spambots can't read it when viewing your source code. All this without inconveniencing your visitors. Visitors to your site will see a perfectly readable email address.

Why do I need Spambot Email Protector on my website?

To protect your email address and the email addresses on your clients' websites from being harvested.

Every day thousands of spambots scour the internet looking for email addresses. Spambots constantly visit websites in an aggressive attempt to harvest email addresses. If a spambot finds your email address it will index it and add it to a mailing list. Spammers use these lists to send you and thousands of others unwanted junk email. At any time, your site or your client's site is being scoured by a spambot.

Spambot Email Protector defends your site from harmful spambots by encrypting your email addresses, making it near impossible for a spambot to recognize them.

Do I really need to offer my clients this service?

While developing and designing websites is your main business, web development is a competitive industry and you need every tool available to close more sales. SpamBot Protection is another service that compliments your main offering, giving prospective clients one more reason to choose you instead of your competitors.

What's best about Spambot Email Protector is that if you purchase an unlimited license there's no limit to how many sites you can install it on. Spambot Email Protector comes with an unlimited-use license, buy it once and offer the service countless times to any future client.

So what do the spambots see, and what do my site visitors see?

Your site visitors will see a normal, linkable email address:
Spambots will see a heap of encrypted code making it virtually impossible to detect it's an email address:

<bdo dir="rtl">&#109;<!-- lrm -->&#x6f;<span>&#x63;<!-- umr -->&#x2e;&#x73;&#115;&#101;<!-- tpt -->&#x72;&#x64;&#x64;&#x61;&#x6c;</span>&#x69;&#x61;&#x6d;&#101;&#x40;&#114;&#x75;<!-- gku -->&#111;&#x79;<!-- ahs --></bdo>

Encoding Methods
Spambot Email Protector employs over a half-dozen encoding methods to make sure your email addresses are kept safe from malicious email harvesters. Note: You have complete control over which methods are used, each encoding methods can be toggled on and off in the script.

Mixed Entity Encoding
Web browsers have a special character encoding method called HTML Entities. Spambot Email Protector replaces each character with a special code that displays exactly the same to humans but can fool less advanced spambots. For added security we mix two types of Entity encoding, decimal and hexidecimal.
What you see:
What spambots see: &#117;&#115;&#x65;&#114;&#x40;&#104;&#x6f;& #115;&#x74;&#x2e;&#99;&#111;&#x6d;

Url Encoding
mailto: links get even more encoding. You've probably done a search before and see %20 in the url (for space). Using url encoding AND the above method we make mailto links that are near impossible for spambots to decode.
What you see:
What spambots see: %20%20&#117;&#115;&#x65;&#114;&#x40;&#104;&#x6f; &#115;&#x74;&#x2e;&#99;&#111;&#x6d;

<bdo> reversal
There's a little known HTML tag called <bdo> that lets you show text in reverse. We store your email backwards - since spambots don't understand tags, especially obscure ones like this, they don't know how to flip the text to get your protected email address.
What you see:
What spambots see: <bdo dir="rtl">moc.tsoh@resu</bdo>

Embedded HTML Comments
Spambots scan pages for complete email addresses. By inserting invisible HTML comment tags in the source of the page we can break up the email address. This prevents spambots from recognizing it by still allows it to display as normal.
What YOU see:
What SPAMBOTS see: us<!-- xd --><!-- de -->m

Embedded HTML Tags
Even harder to remove than HTML comments are html tags. Without them your page becomes one long stream of text. We randomly insert <span> tags to even further confuse email harvestors.
What YOU see:
What SPAMBOTS see: us<span>er@ho</span>

Javascript Mailto: Links
Spambots and harvestors don't understand javascript, but all modern browsers do. Spambot Email Protector automatically encodes mailto: links like this:
What YOU see:
What SPAMBOTS see: javascript:window.location='mail'+'to:user'+'@'+'';

Javascript Character Encoding
To even FURTHER block spammers, Spambot Email Protector uses javascript to encode emails in mailto: links in another COMPLETELY different method than any other similar script. Characters are encoded as unicode - modern browser easily turn this back into text, but spambots simply don't know how. Spambots and harvestors don't understand javascript, but all modern browsers do. So mailto links are automatically encoded like this:
What YOU see:
What SPAMBOTS see: mailto:void(\u0075\u0073\u0065\u0072\u0040\u0068\u006f\u0073\u0074\u002e\u0063\u006f\u006d')

Key Features

  • Crazy-simple installation: Upload plugin, activate it and you're done.
  • Minimal requirements: Automatically works on all existing viewer pages

Customer Quotes

A must have if you are in Web Design/Development.
Jeff Taylor
Why wouldn't you have this in your web-dev toolkit?
Tim Forrest
Toledoh Enterprises
Thank you for making it a plugin. I've used the single-line code since it's inception and it's worked EXCELLENTLY! My clients TRULY appreciate it!
Terry Conrad
Terry Conrad