There are so many websites owners displaying their emails on their websites without securing emails that i wanted to tell them “STOP” ! No, really “STOP” ! Displaying an email is never a good idea, i much prefer the use of a contact form, but sometimes some clients really want to display their email in a widget, in the sidebar or whatever. So, if you have to (read: if you have been forced to) display an email, here is a quick tip to ofuscate the email in the page code source so that spammers robots can’t use it.
Securing emails is crucial!
And the solution is given directly by a WordPress core function. It’s called antispambot(). And to use this function, it’s really simple, there’s only two parameters, and only one is required. Here are these parameters:
- $emailaddy – Nothing more than the email you want to ofuscate
- $mailto – (optional) 0 or 1. Used for encoding
To use the function, simply do something like that :
and on the browser screen the email will show perfectly, but in the code it will be encoded to something like this:
Let’s be honest it’s pretty unreadable, that’s what we were looking for ! Don’t forget that securing emails, and specially yours, is our aim!
To last here is a nice adaptation on this functions by wpengineer i slightly modified to create a shortcode using antispambot():
Just paste this code in your the functions.php file in your theme folder, or in any of your plugins files.
To use the shortcode here is the method:
[email mailto="firstname.lastname@example.org" txt="click here"] or [email mailto="email@example.com" txt="firstname.lastname@example.org"]