Full site protection for your email addresses from spam-bots, email harvesters and other robots. No configuration needed.
It also protects phone numbers or any other text using our integrated
[eeb_protect_content] shortcode or href attribute encoding.
- Full page protection for all of your emails
- Instant results (No confiruation needed)
- Protects mailto links, plain emails, email input fields, RSS feeds and much more
- Protect phone number links, ftp, skype, file and other custom link attributes
- Autmoatic protection technique detection (Our plugin chooses automatically the best protection technique for each email)
- Exclude posts and pages from protection
- Automatically convert plain emails to mailto-links
- Automatically convert plain emails to png images
- Supports rot13 encoing, escape encoding, CSS directions, entity encoding and much more
- Deactivate CSS directions manually for browser backwards compatibility
- Shortcode support:
- Template tag support:
- Protect phone numbers (or any text or html)
- Also supports special chars, like é, â, ö, Chinese characters etcetera
- Use the Encoder Form to manually create encoded scripts
- The plugin works with mostly any theme and plugin. Some special ones need special treatment. Down below you can learn more about that.
- Compatible with the Maintenance plugin from WP Maintenance
- Divi Theme is fully integrated as well
- Jetpack Image carousel is compatible as well
Free Website Check
We offer you a free tool to test if your website contains unprotected emails. You can use our website checker by clicking here
Easy to use
After activating the plugin all email addresses on your website will be protected out-of-the-box.
We also offer custom shortcodes and template functions to protect phone numbers or other text.
- Documentation – After plugin activation, check the help tab on the plugin options page
- Documentation on wpemailencoder.com
Like this plugin?
- Title icon on Admin Options Page was made by Jack Cai
- Go to
Pluginsin the Admin menu
- Click on the button
- Search for
Email Encoderand click ‘Install Now’ or click on the
uploadlink to upload
- Click on
- You will find the settings page unter “Settings -> Email Encoder” within your admin dashboard
How can I test if an email address (or other content) is encoded?
You can test this in three different ways.
The easiest (and most efficient) way is to use our website checker, which looks over your website and detects unprotected emails. It is completely free and you can find it here on our website.
The second possibility is to enable the plugin option (in the admin panel) called “Security Check”.
When you are logged in and look on the page there will be a icon on the right side of each email address confirming it was successfully encoded. (This counts only for emails that are displayed within the body tag as HTML. Emails within data attributes or the header won’t show this icon since otherwise the site breaks.)
The third possibility is to check the source code yourself by right-clicking on the page and select View Source Code (the exact text depends on the browser).
Now your (real) source code will be shown. Your email address should not be shown in a readable way in the source.
Important: in the element inspector of the browser the email address is nearly always shown, so don’t worry about that. That is because the inspector shows a real time representation of the page. This means an encoded email address is already decoded and made usable for the visitor of the page.
How do I encode my email address(es)?
All email addresses are protected automatically by default, so it is not necessary to configure anything else.
In case you wish to customize it, we also offer some neatsettings, shortcodes and template functions. Please check the settings page within your WordPress website or our documentation
The visitors will see everything as normal, but the source behind it will now be encoded.
For more information, please check out the following page
How do I encode phone numbers or other text?
Just use the following shortcode within your posts:
For other parts of your site you can use the template function
My website looks broken after activating the plugin. What to do?
First: Don’t panic!
Simply create a support request within the support forum and we will come back to you as soon as possible with help.
How can I encode content of BBPress, WP e-commerce or other plugins?
Every content will be automatically protected. In case you find something, that doesn’t work from your end, we are very happy to help!
Our plugin is fully compatible with WP Webhooks and plugins created via Pluginplate
Can I use special characters (like Chinese)?
Yes, since version 1.3.0 also special characters are supported.
Contributors & Developers
“Email Encoder – Protect Email Addresses and Phone Numbers” is open source software. The following people have contributed to this plugin.Contributors
“Email Encoder – Protect Email Addresses and Phone Numbers” has been translated into 2 locales. Thank you to the translators for their contributions.
Translate “Email Encoder – Protect Email Addresses and Phone Numbers” into your language.
Interested in development?
Browse the code, check out the SVN repository, or subscribe to the development log by RSS.
2.1.5: May 10, 2023
- Feature: New advanced settings to protect admin and ajax requests
- Feature: New advanced setting to enable the Email Encoder form within the frontend
- Tweak: Better validation for script tags
- Tweak: Changed old links from ironikus.com to wpemailencoder.com
- Tweak: Optimzied the Encoder Form logic to save performance
- Tweak: Various performance optimizations
- Tweak: Deprecated the “Activate the encoder form” setting
- Fix: In some occasions, backenbd sites did not work correctly with buffered content
2.1.4: April 06, 2023
- Provided compatibility for HTML attributes that start with an @ character ()
- Excluded additional file types from auto-encoding of images containing the @ sign: webp, bmp, tiff, avif
- Deprecated the widget filter as it was of no use anymore
- Fix deprecated preg_split message about the $limit set to null
2.1.3: February 04, 2021
- Tweak: Email Encoder runs now on its own website: https://wpemailencoder.com/
- Tweak: The eeb_mailto function now supports the default encoding methods if no specific method is given
- Tweak optimized text and descriptions
- Fix: Prevent error with undefined $id_base property
2.1.2: July 30, 2021
- Fix: Prevent notice on undefined post within the global object
- Fix: Revalidate Display Text for the frontend encoder form (via [eeb_form] or eeb_form();) to prevent userbased cross site scripting
- Fix: Fatal error if the content was not given
- Tweak: Centrlalized encoding icon for a better usability
- Dev: New filter eeb/validate/get_encoded_email_icon to cusotmize the encoding icon
2.1.1: April 07, 2021
- Tweak: Added svg images to the image exclude list
- Dev: New filter eeb/validate/excluded_image_urls to filter the excluded image list
- Feature: New advanced setting to automatically protect custom link attributes such as tel:, file:, ftp:, skype:, etc. (Protect custom href attributes)
- Tweak: Adjust JS documentation
- Tweak: Adjust readme file
- Fix: Issue with not properly validated soft-encoded attribute tags on the dom attributes
- Fix: Issue with not properly validated soft-encoded attributes on special softencoded tags for the content filter
- Tweak: Optimized performance for soft attribute filtering
- Dev: Added new filter to allow customization of the mailto text: https://wpemailencoder.com/filter-email-encoder-mailto-text/
- Feature: The shortcode [eeb_protect_content] now supports a new attribute called do_shortcode=”yes” which allows you to execute all shortcodes within the given content area
- Tweak: Add new link for the Email Checker (Allows you to check if all of your emails are being encoded)
- Tweak: Optimize layout and texts
- Fix: The documentation link on the settings page was not working
- Dev: The eeb/frontend/shortcode/eeb_protect_content filter now contains a new variable called $original_content (https://wpemailencoder.com/filter-eeb_protect_content-shortcode/)
- Feature: Underline emails that are converted to an image (Cutsomizable)
- Feature: Integration for the Google Site Kit plugin – https://wordpress.org/plugins/google-site-kit/
- Feature: Integration for the events calendar plugin – https://de.wordpress.org/plugins/the-events-calendar/
- Tweak: Softening the regex to recognize spaces before the closing tags
- Feature: We fully removed all external marketing advertisements! Enjoy our plugin without distrations! 🙂
- Feature: Full support for Oxygen builder
- Tweak: Optimize PHPDocs and comments
- Tweak: Optimize is_post_excluded functionality
- Dev: New filter: eeb/validate/filter_page_content – https://wpemailencoder.com/filter-to-manipulate-raw-page-content/
- Dev: New filter: eeb/validate/filter_content_content – https://wpemailencoder.com/filter-to-manipulate-raw-hook-content/
- Dev: New filter: eeb/validate/is_post_excluded – https://wpemailencoder.com/filter-excluded-posts-list/
- Dev: New filter: eeb/settings/pre_filter_fields – https://wpemailencoder.com/pre-filter-email-encoder-settings/
- Feature: Soft-Encode all HTML tags + new settings item (This will prevent complex plugins from breaking)
- Feature: Exclude script tags from being encoded
- Fix: Revalidate and strip escape sequences for encode_escape function
- Fix: Return shortcode content of eeb_mailto instead of outputting it
- Feature: Integration for Divi Theme included
- Tweak: Optimize Jetpack integration to also filter against image attribute description tags
- Tweak: Soft-filter html placeholder tags
- Tweak: Allow template tags to work as well with the plugin settings set to “Do nothing”
- Fix: Only one match of the soft attributes was soft encoded properly
- Fix: The escape js function stripped away all zeros from emails
- Feature: New settings item to include custom scripts within the footer and not in the header
- Feature: Support for the “Maintenance” plugin from WP Maintenance
- TweaK: Remove our main translation handler to make plugin translations on WordPress.org available again.
- Tweak: Optimize PHP code to WordPress standards
- Tweak: Enqueue dashicons as well if only “show_encoded_check” is checked and protection is set to “Do nothing”
- Tweak: Make eeb_mailto link available with protection set to “Do nothing” as well
- Fix: WP CLI did not work with this plugin in an active state (Due to the active buffer filter)
- Fix: Emails have been not encoded properly if “Do nothing” was chosen as a setting and the eeb_mailto shortcode was used
- Fix: Include missing template functions requirement
- Tweak: Clear languages
- PLEASE READ BEFORE UPDATING
- THIS IS A COMPLETELY REFACTORED VERSION OF THE PLUGIN. EVEN WITH INVESTING TONS OF TIME INTO MAKING THIS PLUGIN AS MUCH BACKWARDS COMPATIBLE AS POSSIBLE, WE WOULD STILL APPRECIATE IF YOU TEST THIS VERSION BEFORE YPU UPDATE.
- THE PLUGIN GOT A COMPLETE OVERHAUL AND OFFERS NOW MORE OPTIMIZED FEATURES AND A SUPER SIMPLE USER INTERFACE. PLEASE FIND ALL CHANGES DOWN BELOW.
- Feature: Completely rewritten version of your beloved plugin
- Feature: Introduce FULL SITE PROTECTION (Automatically protect ALL emails within your page)
- Feature: Simplified settings (We cleaned the settings a lot, but you can still get some your old settings page back by activating the advanced checkbox 🙂 )
- Feature: Feature to automatically detect the best protection method
- Feature: Choose from four new settings the strength of your protections
- Feature: Added admin security check icon to encoded input fields and encoded plain emails/texts, as well as to all shortcodes
- Feature: Also protect every single shortcode content
- Feature: Create images out of email addresses
- Feature: Protect header section automatically
- Feature: Added and refactored shortcodes. For a full list of shortcodes, please check this article: https://wpemailencoder.com/available-shortcodes/
- Feature: Setting to deactivate the Encoder Form completely
- Feature: Choose converting plain emails to mailto links as an additional feature
- Feature: Change filter apply from “wp” to “init” (This allows you to also grab some ajax values to parse them directy encoded)
- Feature: Website checker to search your site for unprotected emails. Follow this URL for more information: https://wpemailencoder.com/email-protection-checker/
- Tweak: Backward compatibility to the new plugin settings
- Tweak: Completely performance optimized (We removed everything that is not necessary, included a better object caching and much more)
- Tweak: Optimized filter combinations
- Fix: The old logic broke some email encodings, especially with custom tags. We fixed all of them
- Fix: We fixed tons of bugs from the previous version
- Dev: Code rewritten on the newest WordPress standards
- Dev: Tons of new WordPress filters and actions. For a full list, please check https://wpemailencoder.com/
- Deprecated: We removed the deprecated functions. Please make sure to update your custom logic to the newest standards.
- PLEASE READ BEFORE UPDATE
- THIS PLUGIN WILL BE REFACTORED WITH THE NEXT UPDATE
- TO PREPARE YOURSELF, YOU WILL FIND A LIST DOWN BELOW WITH THE CHANGES THAT AWAIT YOU
- The plugin will be simplified using automatically the best protection for your site
- The plugin will protect yout site out-of-the-box
- We introduce a site-wide protection, not only based on WordPress shortcodes (This includes protection for your FULL site)
- The plugin structure will be optimized using the current WordPress standards
- Switch between full site protection and only WordPress filters
- (Optional) Protect emails by converting them to PNG images (where applicable)
- Tons of bugfixes
- All settings will be fully compatible in any combination
- The encoding form will continue to exists
- All settings that have been available in the old version and will be available in the new version are backwards compatible
- Display admin notice to all encoded emails (where applicable)
- THE UPDATE WILL BE LAUNCHED WITHIN OCTOBER
- Tweak: Introduce our new partner MailOptin
- Tweak: Add popup window for admin success message of hidden email
- Fix: Fix bug for non-available antispambot() function
- WP Webhooks takes over development (https://wp-webhooks.com)
- minor bug fixes
- 161,000 downloads; 30,000 installs
- Fixed bug retina png and gif images
- Fixed ? params bug
- Fixed skip responsive images containing @
- Changed content
- Fixed potential xss vulnerability
- Fixed bug prefilled email address in input fields
- Added option protection text for encoded content (other than email addresses)
- Fixed bug unchecking options “use shortcode” and “use deprecated”
- Fixed bug index php error
- Added filter for Encoder Form content (eeb_form_content)
- Added filters for changing regular expression for mailto links and email addresses
- Fixed bug don’t encode when loading admin panel
- Fixed bug wrong “settings” link
- Fixed bug removing shortcodes RSS feed
- Fixed PHP support (same as WordPress)
- NOW ONLY SUPPORT FOR WP 3.4.0+
- Fixed bug deleting setting values when unregister (will now be deleted on uninstall)
- Fixed bug also possible to set protection text when RSS disabled
- Fixed bug saving metaboxes settings
- Added option support shortcodes in widgets
- Added option removing shortcodes for RSS feed
- Removed “random” method option
- Changed names for action and shortcode (prefixed with eeb_), optional the old names will still be supported
- Added template function for creating the encoder form
- Changed class en id names of the Encoder Form
- Added screen settings
- Registered metaboxes
- Fixed bug random method
- Workaround for display with special characters (like Chinese), works only with enc_html
- Option to make own menu item (in admin panel) for this plugin
- Option for showing “successfully encoded” check
- Fixed bug showing errors for calling wrong translate function
- Fixed bug always showing encoded check on site (for html encode method)
- Added workaround for saving disabled checkboxes in options table
- Fixed bug where encoded check was also applied on output of encoding form
- Fixed bug with extra params
- Changed texts and added help tabs on admin options page
- Changed visual check for encoded mails/content by showing icon and success message
- Solved that all attributes of mailto links remain when encoding
- Added hook “init_email_encoder_form” to add custom filters (of other plugins)
- Solved reinstalling bug for setting right encoding method
- Fixed bug shortcodes encoded with HTML method
- Added encode method for all kind of contents (template function and shortcode “encode_content”)
- Added extra param for additional html attributes (f.e. target=”_blank”)
- Added option to skip certain posts from being automatically encoded
- Added option custom protection text
- Removed “method” folder. Not possible to add own methods anymore.
- Other small changes and some refactoring
- Widget Logic options bug
- Fixed bug by improving regular expression for mailto links
- Changed script attribute
- Script only loaded on options page (hopefully this solves the dashboard toggle problem some people are experiencing)
- Added support for widget_content filter of the Logic Widget plugin
- Added option for setting CSS classes
- Improved RSS protection
- Removed Lim_Email_Encoder class (now all handled by the main class)
- Enabled setting checkbox for filtering posts
- Fixed PHP / WP notices
- Added param for encode methods: $obj
- Fix IE bug
- Bug plain emails
- Optional “method” param for tag and template function, f.e. [encode_email email=”firstname.lastname@example.org” method=”ascii”]
- Small adjustments
- Fixed tiny bug (incorrect var-name $priority on line 100 of email-encoder-bundle.php)
- Added protection for emails in RSS feeds
- Improved filtering tags [encode_email … ]
- Improved ASCII and Escape method and added noscript message
- Solved an option bug (encode mailto links VS encode plain emails)
- Made some cosmetical adjustments on the options page
- Code refactoring
- First decodes entities before encoding email
- Added more wp filters for encoding
- Made some minor adjustments and fixed little bugs
- Implemented internalization (including translation for nl_NL)
- Improved user-interface of the Admin Settings Page and the Encoder Form
- Added template function: encode_email_filter()
- Kept and added only high-quality encoding methods
- Refactored the code and changed method- and var-names within the classes
- Removed 3rd param $encode_display out of the encoding methods, display should always be encoded
- Added prefix ‘lim_email_’ to the encoding methods
- Nothing changed, but 0.11 had some errors because /methods directory was missing in the repository.
- also possible to use encode tag in widgets by activating the “filter widget” option
- Works with PHP4 and PHP5
- Methods: default_encode, wp_antispambot, anti_email_spam, email_escape, hide_email
- Use the tags:
[email_encode email=".." display=".."],
- Template function: