Stop Spambots From Scraping Email Addresses From Your WordPress Site With The AntiSpamBot Function

There are a few useful plugins that will do this, but I like to use as few plugins as possible and want to keep my site as simple and bloat free as possible.

The fine folks at WordPress have built in a function that prevents spambots from gathering email address from your site. And it doesn’t involve adding any plugin.

Spambots are programs designed to collect email addresses from various parts of the Internet. The goal is to build mailing lists for sending spam.

You can find the details of what I did at this WordPress Codex page. I chose to use the shortcode method.

So what I did is add the following code to my Theme Functions (functions.php) file:

// Hide email from Spam Bots using a shortcode.

function wpcodex_hide_email_shortcode( $atts , $content = null ) {
 if ( ! is_email( $content ) ) {

 return '<a href="mailto:' . antispambot( $content ) . '">' . antispambot( $content ) . '</a>';
add_shortcode( 'email', 'wpcodex_hide_email_shortcode' );

And now anywhere I want to add an email address on a page or post, I do it with the short code


To us humans, the result will look like this But if you look at the source code, which is what spambots read, it might look something like:

<a href="mailto:sh&#111;r&#116;co&#100;&#101;&#64;&#101;&#120;&#97;mp&#108;&#101;.c&#111;&#109;">&#115;h&#111;rt&#99;o&#100;&#101;&#64;e&#120;amp&#108;&#101;.com</a>

This doesn’t prevent someone from copying my email address, but it will stop most spambots from harvesting my email address.