Email Address Encoder


A lightweight plugin that protects plain email addresses and mailto links from email-harvesting robots, by encoding them into decimal and hexadecimal entities. Has an effect on the posts, pages, comments, excerpts, text widgets and other filtered content. Works without JavaScript — just simple spam protection.

To see whether all your email addresses are properly protected, use the free page scanner tool.

Other content (like phone numbers) can be protected using [encode] shortcode:

[encode]+1 (555) 123-4567[/encode]

Premium Features

  • Full-page protection that catches all email addresses
  • Hardened protection using JavaScript and CSS techniques
  • Improved phone number protection
  • Built-in plugin support for ACF, Jetpack, WooCommerce and many others

Check out the Premium version of Email Address Encoder.

Capturas de pantalla

  • Settings: Configure the plugin to your needs.
  • Protection: This is how email addresses will look like under the hood.
  • [Premium] Hardened protection: A preview of JavaScript and CSS based techniques
  • [Premium] Phone number protection using polymorphous ROT47/CSS


For detailed installation instructions, please read the standard installation procedure for WordPress plugins.

  1. Upload the /email-address-encoder/ directory and its contents to /wp-content/plugins/.
  2. Login to your WordPress installation and activate the plugin through the Plugins menu.
  3. Use the “Page Scanner” under Settings -> Email Encoder to test if your email addresses are protected.


What does this plugin do?

This plugin searches for email addresses using WordPress filters like the_content, widget_text and others. Found email addresses are encoded using decimal and hexadecimal HTML entities, which obfuscates the email addresses to protect it from being read by most email-harvesting robots.

Alternatively, you can use the [encode] shortcode: [encode]+1 (555) 123-4567[/encode]

How can I make sure the plugin works?

You can use the “Page Scanner” found under Settings -> Email Encoder to see whether all your email addresses are protected. Alternatively, you can manually look at the “page source” of your site.

Please note: Chrome’s Developer Tools, Safari’s Web Inspector and others automatically decode decimal and hexadecimal entities. You need to look at the “plain HTML source code”.

How can I filter other parts of my site?

This guide will help you encode all email addresses that aren’t caught.


17 de Julio de 2019
Out of the box, Email Address Encoders obfuscates emails address posted as mailto:somethings@someplace.tld to <a h r e f = " & # x 6 d ; & # x 6 1 ; & # ` and so on... This provides some level of defence against email harversters, but allows the emails addresses to be visible and clickable in the browser for the end user. Combined with a modern email spam filter, that provides "good enough" spam protection in my opinion. I've been using Email Address Encoder for years. Some people are put off that the author offers even better protection at a cost, but you shouldn't, Email Address Encoder, "just works", and without mentionable performance impact.
12 de Mayo de 2019
absolut genial das plugin. super maßnahme gegen spam harvester und roboter, ich empfehle auch die tel. nummern auf allen seiten zu encoden. geht ganz einfach mit [encode]+43 677 1234 1234 1234.[/encode]. das "pagescanner" feature kann man auch nur empfehlen.
25 de Abril de 2019
UPDATE zu meiner vorherigen Bewertung: Till leistet einen super guten und extrem schnellen Support und hat mir verständlich gemacht, dass das Plugin nicht verantwortlich für die vielen (heute mittlerweile 200+) SPAM-Mails ist. Vielen Dank nochmal! 😉 Vorherige Bewertung: Das Plugin funktioniert eigentlich sehr gut. Beim letzten Update gab es aber anscheinend ein kleines Problem. Offenbar war die Mail-Adresse auf einer meiner Websites kurzzeitig sichtbar. Ich bekomme jetzt ca. 100 SPAM-Mails pro Tag!! Vorher waren es maximal 5. Es kann natürlich auch sein, dass es ein Zufall war und an einem anderen Plugin liegt. Dann frage ich mich aber, warum es nicht auch auf einer anderen Website passiert ist!? Gibt es eine Liste mit bekannten nicht kompatiblen Plugins?
23 de Marzo de 2019
Not sure how much this really distracts screen scrapers from collecting email addresses and phone numbers but sure better than letting such information sit there in plain text. Would prefer to use the pro version but this is not the kind of tool for which I'm willing to pay an annual subscription fee.
Leer los 129 comentarios

Colaboradores & Desarrolladores

“Email Address Encoder” es software de código abierto. Las siguientes personas han contribuido a este plugin.


“Email Address Encoder” ha sido traducido en 7 idiomas. Gracias a los traductores por sus contribuciones.

Traduce & #8220;Email Address Encoder” a tu idioma.

¿interesado en el desarrollo?

Revisa el código , echa un vistazo al repositorio SVN , o suscríbete al log de desarrollo por RSS .

Historial de cambios


  • Defer loading of email detector script
  • Use plugin version as cache buster
  • Add “Polymorphous ROT47/CSS” to techniques


  • Show warning when incompatible plugins are installed
  • Fixed saving of dismissed notices


  • Offload email detection to web worker
  • Flush WP Super Cache and Cachify when saving settings
  • Ignore emails in admin bar, debug bar and query monitor


  • Avoid fatal error when using PHP 5.5 or lesser


  • Added EAE_REGEXP constant
  • Added eae_email_callback filter
  • Added unprotected email detector to admin bar
  • Respect eae_method filter in shortcode
  • Fixed issue with notices not hiding in some cases
  • Flush page cache when saving settings (W3 Total Cache; WP Rocket; LiteSpeed Cache; JCH Optimize)


  • Fixed Dashboard JavaScript issue
  • Blocked signup for more non-production domains


  • Resolved issue with WordPress 4.7 and older
  • Blocked signup for local domains and IP addresses


  • Avoid fatal error when using PHP 5.3 or lesser


  • Added the ability to get notified when your site contains unprotected email addresses
  • Made EAE_DISABLE_NOTICES check stricter
  • Removed cross-promotion


  • Added option to disable notices and promotions
  • Added activation and uninstall callbacks
  • Added $hex parameter to eae_encode_str() method
  • Added ability to turn off email encoding
  • Various code and UI improvements


  • Made page scanner notice dismissable
  • Only show page scanner notice on Dashboard
  • Added setting for filter priority
  • Added EAE_DISABLE_NOTICES constant to disable all notices and promotions
  • Pass site URL along to page scanner
  • Moved cross-promotion to plugin screen


  • Added user interface
  • Added links to page scanner


  • Prevent potential compatibility issue with other plugins or themes


  • Added [encode] shortcode
  • Require PHP 5.3 to fix deprecation warning


  • Prevented error when eae_encode_emails() doesn’t receive a string


  • Added EAE_FILTER_PRIORITY constant to adjust default filter priority


  • Added filter to override the encoding function
  • Improved randomness of encode-function
  • Improved speed by doing fast @-sign existence check


  • Added filter to override the regular expression.


  • Effects now also page, post and comment excerpts


  • Lanzamiento Inicial