Plugin / AVH First Defense Against Spam

Peter van der Does



The AVH First Defense Against Spam plugin gives you the ability to block spammers before any content is served by identifying them at the Project Honey Pot, a local blacklist or the local IP cache.
Visitors trying to post a comment are checked at Stop Forum Spam is not used to check before content is served due to the amount of requests, which overloads their infrastructure.


  • PHP 5 is required.
  • The visitor’s IP can be checked at the following third parties:
  • Spammers can be blocked based on the information supplied by the third party or by using a local blacklist.
  • Comments made without a HTTP referrer can be blocked.
  • Separate thresholds can be set for the following features:
    • Send an email to the board administrator with information supplied by the third party about the spammer.
    • Block the spammer before content is served.
  • Bypass the checks for the IP at the third parties and the local blacklist, based on IP in the local whitelist.
  • Ability to add single IP’s and/or IP ranges to the blacklist and whitelist.
  • When an IP is blocked a message can be displayed to the visitor with the reason why access was blocked.
  • Report a spammer to Stop Forum Spam. A valid API key from Stop Forum Spam is necessary.
  • Add a spammer to the local blacklist by clicking a link in the received email.
  • IP Caching system.
  • Use a honey pot from Project Honey Pot.
  • Option to block spammers that access wp-comments-post.php directly by using a comment security check. An email can be send when the check fails.

Blocking a potential spammer before content is served has the following advantages:

  1. It saves bandwidth.
  2. It saves CPU cycles. The spammer is actually checked and blocked before WordPress starts building the page.
  3. If you keep track of how many visitors your site has, either by using Google’s Analytics, WP-Stats or any other one, it will give you a cleaner statistic of visits your site receives.

Usage terms of the 3rd Parties

Please read the usage terms of the 3rd party you are activating.
* Stop Forum Spam.
* Project Honey Pot.
* Spamhaus.

The IP Caching system.

Stop Forum spam has set a limit on the amount of API calls you can make a day, currently it is set at 20,000 calls a day.
This means that if you don’t use the Blacklist and/or Whitelist you are limited to 20,000 visits/day on your site. To overcome this possible problem I wrote an IP caching system.
If you use the caching system you still have a limit with Stop Forum Spam , but the limit is set to 20,000 unique visits/day.

The following IP’s are cached locally:

  1. Every IP identified by a 3rd party as spam and triggering the terminate-the-connection threshold.
  2. Every clean IP.

Only returning IP’s that were previously identified as spammer and who’s connection was terminated will update their last seen date in the caching system.
Every day, once a day, a routine runs to remove the IP’s who’s last seen date is X amount of days older than the date the routine runs. You can set the days in the administration section of the plugin.
You can check the statistics to see how many IP’s are in the database. If you have a busy site, with a lot of unique visitors, you might have to play with the “Days to keep in cache” setting to keep the size under control.

Checking Order and Actions

The plugin checks the visiting IP in the following order, only if that feature is enabled of course.

  1. Whitelist – If found in the list skip the rest of the checks.
  2. Blacklist – If found in the list terminate the connection.
  3. IP Caching – If found in the list and it’s spam terminate connection otherwise if it’s clean skip the rest of the checks except when posting a comment then a Stop Forum Spam check will be done.
  4. Stop Forum Spam – Only when the visiting IP is posting a comment. If found and it’s spam terminate connection.
  5. Project Honey Pot – If found and it’s spam terminate connection, if found and it’s set to be a search engine no further checks will be performed.
  6. Spamhaus- If found and it’s spam terminate connection.

To my knowledge this plugin is fully compatible with other anti-spam plugins, I have tested it with WP-Spamfree and Akismet.


15 reviews

Rating breakdown

Details Information



First Released

18 Mar, 2009

Total Downloads


Wordpress Version

4.5 or higher

Tested up to:


Require PHP Version:





The plugin hasn't been transalated in any language other than English.


The information provided in this THEME/PLUGIN DIRECTORY is made available for information purposes only, and intended to serve as a resource to enable visitors to select a relevant theme or plugin. wpSocket gives no warranty of any kind, express or implied with regard to the information, including without limitation any warranty that the particular theme or plugin that you select is qualified on your situation.

The information in the individual theme or plugin displayed in the Directory is provided by the owners and contributors themselves. wpSocket gives no warranty as to the accuracy of the information and will not be liable to you for any loss or damage suffered by you as a consequence of your reliance on the information.

Links to respective sites are offered to assist in accessing additional information. The links may be outdated or broken. Connect to outside sites at your own risk. The Theme/Plugin Directory does not endorse the content or accuracy of any listing or external website.

While information is made available, no guarantee is given that the details provided are correct, complete or up-to-date.

wpSocket is not related to the theme or plugin, and also not responsible and expressly disclaims all liability for, damages of any kind, arising out of the use, reference to, or reliance on, any information or business listed throughout our site.

Keep Leading Your Followers!
Share it for them.