[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$f1z9gzp42STHH6Nb85SMmiChLzLtkB2UdpAeLfP377OM":3},{"slug":4,"display_name":5,"profile_url":6,"plugin_count":7,"total_installs":8,"avg_security_score":9,"avg_patch_time_days":10,"trust_score":11,"computed_at":12,"plugins":13},"luka2013","LukaCodes","https:\u002F\u002Fprofiles.wordpress.org\u002Fluka2013\u002F",1,0,100,30,94,"2026-04-05T02:57:18.160Z",[14],{"slug":15,"name":16,"version":17,"author":5,"author_profile":6,"description":18,"short_description":19,"active_installs":8,"downloaded":20,"rating":8,"num_ratings":8,"last_updated":21,"tested_up_to":22,"requires_at_least":23,"requires_php":24,"tags":25,"homepage":31,"download_link":32,"security_score":9,"vuln_count":8,"unpatched_count":8,"last_vuln_date":33,"fetched_at":34},"lukacodes-comment-shield","LukaCodes AntiSpam Shield","1.1.3","\u003Cp>\u003Cstrong>LukaCodes AntiSpam Shield\u003C\u002Fstrong> is a lightweight, no-bloat plugin that protects your WordPress comment section \u003Cstrong>and contact forms\u003C\u002Fstrong> from spam. Five independent tools, one settings page. \u003Ca href=\"https:\u002F\u002Flukacodes.com\u002Fcomment-shield-docs\u002F\" rel=\"nofollow ugc\">Read the full documentation\u003C\u002Fa>.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>Disable Website Field\u003C\u002Fstrong> — Removes the URL\u002Fwebsite field from the comment form. Works with all themes, including those that hardcode the field (CSS fallback included).\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Strip Links from Comments\u003C\u002Fstrong> — Automatically removes all \u003Ccode>\u003Ca href>\u003C\u002Fcode> hyperlinks from comment content — both on display and before saving to the database. Spammers get zero benefit from posting links.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>reCAPTCHA v3\u003C\u002Fstrong> — Adds Google’s invisible bot-score protection. No checkbox, no puzzle, no friction for real users. Bots are silently blocked server-side.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Cloudflare Turnstile\u003C\u002Fstrong> — A privacy-friendly CAPTCHA alternative. Mutually exclusive with reCAPTCHA v3 — enabling one automatically disables the other.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Login Shield\u003C\u002Fstrong> — Adds CAPTCHA to the WordPress login form (\u003Ccode>wp-login.php\u003C\u002Fcode>). Stops brute-force bots silently.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Registration Shield\u003C\u002Fstrong> — Adds CAPTCHA to the WordPress registration form. Blocks bot account creation.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>WPForms Integration\u003C\u002Fstrong> — Apply the same CAPTCHA protection to WPForms Lite — using the same keys you already configured, no extra setup.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>All features are \u003Cstrong>independent\u003C\u002Fstrong> — enable only what you need.\u003C\u002Fp>\n\u003Ch4>Login & Registration Shield\u003C\u002Fh4>\n\u003Cp>Version 1.1.2 adds CAPTCHA protection to \u003Ccode>wp-login.php\u003C\u002Fcode>:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>Login Shield\u003C\u002Fstrong> — Hooks into \u003Ccode>wp_authenticate_user\u003C\u002Fcode> for server-side verification after credentials are checked. Returns a \u003Ccode>WP_Error\u003C\u002Fcode> if CAPTCHA fails — WordPress displays it as a normal login error.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Registration Shield\u003C\u002Fstrong> — Hooks into \u003Ccode>registration_errors\u003C\u002Fcode> to add CAPTCHA validation during registration. Works alongside all other WordPress registration validations.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Both are independently togglable in the settings panel. Admins already logged in are never affected.\u003C\u002Fp>\n\u003Ch4>WPForms Integration\u003C\u002Fh4>\n\u003Cp>Version 1.1.0 introduces CAPTCHA protection for \u003Cstrong>WPForms Lite\u003C\u002Fstrong>:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Hooks into \u003Ccode>wpforms_display_submit_before\u003C\u002Fcode> to inject the CAPTCHA widget before the submit button.\u003C\u002Fli>\n\u003Cli>Hooks into \u003Ccode>wpforms_process\u003C\u002Fcode> for server-side token verification.\u003C\u002Fli>\n\u003Cli>Works with both reCAPTCHA v3 (invisible) and Cloudflare Turnstile (visible widget).\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Note: WPForms Pro includes its own native CAPTCHA integration — this feature is intended for \u003Cstrong>WPForms Lite\u003C\u002Fstrong> users only.\u003C\u002Fp>\n\u003Ch4>Why AntiSpam Shield?\u003C\u002Fh4>\n\u003Cp>Most anti-spam plugins are heavy, require accounts, or add ugly CAPTCHAs. LukaCodes AntiSpam Shield is different:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>~30 KB total — no external libraries, no jQuery dependency\u003C\u002Fli>\n\u003Cli>Settings page with \u003Cstrong>live key testing\u003C\u002Fstrong> — verify your reCAPTCHA or Turnstile keys before enabling\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Link stripping preview\u003C\u002Fstrong> — paste any comment text and see exactly what gets removed\u003C\u002Fli>\n\u003Cli>Graceful fallback: if Google’s or Cloudflare’s API is unreachable, comments are held for moderation (never lost)\u003C\u002Fli>\n\u003Cli>Trusted users (administrators) bypass CAPTCHA checks automatically\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Mutual exclusion\u003C\u002Fstrong>: reCAPTCHA v3 and Cloudflare Turnstile cannot be active at the same time\u003C\u002Fli>\n\u003Cli>WP Coding Standards compliant — fully escaped output, nonce-protected AJAX\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>reCAPTCHA v3 — How it works\u003C\u002Fh4>\n\u003Cp>When a visitor submits a form, JavaScript silently requests a score token from Google. The token is sent with the submission and verified server-side against your minimum score threshold (configurable from 0.1 to 1.0). No user interaction required.\u003C\u002Fp>\n\u003Ch4>Cloudflare Turnstile — How it works\u003C\u002Fh4>\n\u003Cp>A Turnstile widget is rendered inside the form. When the visitor completes the challenge, a token is submitted and verified server-side against the Cloudflare API.\u003C\u002Fp>\n\u003Ch3>Third-Party Services\u003C\u002Fh3>\n\u003Cp>This plugin optionally uses the following third-party services:\u003C\u002Fp>\n\u003Ch4>Google reCAPTCHA v3\u003C\u002Fh4>\n\u003Cp>A service provided by Google LLC.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>What it does:\u003C\u002Fstrong> Detects bots and spam on your comment form and contact forms without user interaction.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>When data is sent:\u003C\u002Fstrong> Only when reCAPTCHA v3 is enabled. A token is sent to \u003Ccode>https:\u002F\u002Fwww.google.com\u002Frecaptcha\u002Fapi\u002Fsiteverify\u003C\u002Fcode> on each form submission.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>What data is sent:\u003C\u002Fstrong> The visitor’s IP address and a reCAPTCHA token.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Google Privacy Policy:\u003C\u002Fstrong> https:\u002F\u002Fpolicies.google.com\u002Fprivacy\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Google Terms of Service:\u003C\u002Fstrong> https:\u002F\u002Fpolicies.google.com\u002Fterms\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Cloudflare Turnstile\u003C\u002Fh4>\n\u003Cp>A service provided by Cloudflare, Inc.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>What it does:\u003C\u002Fstrong> Presents a privacy-friendly CAPTCHA widget on comment and contact forms.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>When data is sent:\u003C\u002Fstrong> Only when Cloudflare Turnstile is enabled. A token is sent to \u003Ccode>https:\u002F\u002Fchallenges.cloudflare.com\u002Fturnstile\u002Fv0\u002Fsiteverify\u003C\u002Fcode> on each form submission.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>What data is sent:\u003C\u002Fstrong> The visitor’s IP address and a Turnstile token.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Cloudflare Privacy Policy:\u003C\u002Fstrong> https:\u002F\u002Fwww.cloudflare.com\u002Fprivacypolicy\u002F\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Cloudflare Terms of Service:\u003C\u002Fstrong> https:\u002F\u002Fwww.cloudflare.com\u002Fwebsite-terms\u002F\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Both services are entirely optional. If you do not enter API keys or enable either CAPTCHA, no data is sent to any third party.\u003C\u002Fp>\n","Block comment spam, brute-force logins and bot registrations with reCAPTCHA v3 or Cloudflare Turnstile. Lightweight, no bloat.",252,"2026-03-15T00:09:00.000Z","6.9.4","6.0","8.0",[26,27,28,29,30],"anti-spam","recaptcha","spam","turnstile","wpforms","","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Flukacodes-comment-shield.1.1.3.zip",null,"2026-03-15T15:16:48.613Z"]