Highlight Creative

Website design & development

Keeping email safe from site crawlers

Emails that are simply typed out on a page are fair game for spam crawlers — basically, bots who check website code, find email addresses, and use it to send you spam.

There are several ways to avoid this. Some people type in spaces or characters, like info[@]gmail.com. Others simply don’t write out email addresses, and use contact forms instead.

But sometimes, you need to write out the email address. Some people prefer clicking a link (on a device) to open their email app instead of using a contact form. And sometimes, you need it in a place where a form would be inappropriate, such as on a team page with email addresses in the bios.

In those cases, encoding the email addresses is a better option. This causes the email addresses to appear as a random string of characters to bots, but regular to people. (It won’t stop a human spammer from grabbing your email, but there are limits to what we can avoid :) )

Fast and easy: use this Email Encoder plugin by Ironikus. All your emails (and phone numbers, too!) encoded, out of the box. It’s great for situations with lots of emails entered into content areas.

But if you’ve got just one email address and you don’t want to add a plugin for it, you can use a really useful, built-in WordPress function called antispambot.

I add like to add a custom field (with ACF) to the contact page or an options page, and then use one of the following:

<?php 
	/* 
	 * Encode emails, for use in template
	 * Replace ACF field name
	 */	
	$email = antispambot( get_field( 'encoded_email' ) ); 
	?>
	<p>
		<a href="mailto:<?php echo $email; ?>"> 
			<?php echo $email; ?>
		</a>
	</p>
<?php

Or if it will be used in a few places, I put it in a shortcode:

<?php
/*
 * Creates shortcode for encoded email
 * Replace ACF field name
 * Creates shortcode [encoded_email] that returns the email address linked in a mail:to tag
 */
add_shortcode( 'encoded_email', 'hct_encoded_email_shortcode' );
function hct_encoded_email_shortcode() {	
	$email = antispambot( get_field( 'encoded_email', 'option' ) );
	$emailLink = '<a href="mailto:' . $email . '">' . $email . '</a>';
	
	return $emailLink;
}

Leave a Reply

Your email address will not be published. Required fields are marked *