It is true that email is the traditional and old-fashioned contact tool. However, it still establishes an immense communication channel so as to get the attention of most online hackers. In this case, when managing a WordPress site, you not only need to protect the whole site. In addition, you also need to safeguard the email address. Here, we’d like to introduce how to protect email address in WordPress.
Here, we need to mention that there is no one-time method for the full protection. However, what we introduce can effectively increase the difficulty degree to hack your email address.
How Can Hackers Target Your Email Address?
Before learning the method of email protection, you firstly need to know how these hackers find your email address for some bad utilization.
As researched, most hackers will refer to the special bots to scan the source code of your WordPress site. This practice can target your email address easily due to its formatting and the “mailto” scheme.
Protect Email Address from Harvesting Bots
To prevent these malicious bots from finding your email, the easiest way is to encode the email address. Here, you can use the Email Address Encoder plugin. This is a lightweight WordPress plugin that can protect the email from almost all the email harvesting bots. With it, you can have your email encoded into the hexadecimal or the decimal entities.
Here, we need to mention that this plugin does not have any UI. Once it is installed properly, your email address can be displayed properly in the front-end.
However, when the harvesting robots search your source code, the email can only be viewed in an encoded manner.
Protect Email Address from the Front-End
It is possible that hackers target your email address manually from the front-end without the utilization of the robots. If so, you can also use the Email Encoder Bundle plugin. With this special plugin, you can encode all the mailto links and email addresses to hide them effectively from the hackers.
To use it, you should click the Email Encoder Bundle button from your website admin. From the main settings part, you can choose what to protect, including the mailto links, the plain email address and the pre-filled email address in the input fields. In addition, you can apply this protection to all the posts, text widgets, pages and comments.
If you have some further requirements, you can also move down to the below settings. For instance, you can choose the protection methods among the options of JS Rot13, HTML Encode and JS Escape. Personally speaking, the first option is the most secure way. In addition, you can set the “noscript” text that will replace the plain email with the words you like.
In addition to your WordPress site, you can also enable the email protection in your RSS feeds. If you want, you even can set the protection text in the feeds as you like.
Lastly, we highly recommend you to show the “successfully encoded” message. This way, you can figure out whether the email addresses are encoded properly.