Title: Pixeline's Email Protector Author: pixeline Published: January 23, 2010 Last modified: September 6, 2025 --- Search plugins ![](https://ps.w.org/pixelines-email-protector/assets/banner-772x250.png?rev=1569063) ![](https://ps.w.org/pixelines-email-protector/assets/icon.svg?rev=979985) # Pixeline's Email Protector By [pixeline](https://profiles.wordpress.org/pixeline/) [Download](https://downloads.wordpress.org/plugin/pixelines-email-protector.1.4.0.zip) * [Details](https://mlt.wordpress.org/plugins/pixelines-email-protector/#description) * [Reviews](https://mlt.wordpress.org/plugins/pixelines-email-protector/#reviews) * [Installation](https://mlt.wordpress.org/plugins/pixelines-email-protector/#installation) * [Development](https://mlt.wordpress.org/plugins/pixelines-email-protector/#developers) [Support](https://wordpress.org/support/plugin/pixelines-email-protector/) ## Description This plugin provides an unobtrusive yet efficient protection against email harvesters/ spambots. Here is a [demo](https://pixeline.be/blog/email-protector-demo-4258.html). Post/page authors may write email addresses in their article in the usual format(“ john@doe.com”) without exposing them to spam email harvesters. The plugin takes care of the obfuscation, implementing a graceful degradation technique focusing on usability so as to protect your email addresses from harvesters while keeping them usable to your human visitors. The plugin replaces any email address found in posts, pages, comments and excerpts, and replace them by a bit of html markup that should deceive most email harvesters:` john(replace the parenthesis by @)doe.com`. If javascript is available, it will display a clickable link and display the original email to the human user. Maximum usability, maximum protection. **Please [rate the plugin](https://wordpress.org/extend/plugins/pixelines-email-protector/) if you like it.** ### Usage Write your email addresses inside your posts and pages as usual. When the plugin is activated, it will replace them by a human-readable html string that explains how to deduce the email address, and if javascript is available (99.9% of the time), the original email address will be displayed as a clickable mailto: link. For example: Hello john@doe.com. How are you today? will become John( replace these parenthesis by @ )doe.com. Additionally, you can specify what the mailto: link should look like by sticking a parenthesis inside of which you put the visible link text, like this: ``` Hello john@doe.com(John Doe). How are you today? ``` will become John( replace these parenthesis by @ )doe.com. #### inside a theme If you need to protect emails inside your Theme’s files (like the footer.php for example), you can use the function safe_email() like this: ``` echo safe_email('you@domain.com');

Contribute

``` Github repo: https://github.com/pixeline/pixeline-email-protector ## Installation 1. Unzip the file into your wp-content/plugins directory. 2. In your wp-admin screen, activate the plugin. That’s it, your emails are now safe! Additionally, there is a Settings screen (Email Protector) allowing you you to customize the text that is displayed as a replacement to the email address. ## Reviews ![](https://secure.gravatar.com/avatar/7e66365aa2ebb0381c8941e5ebb27a4a05271ce276fb00a3d14f05a0a4771aff? s=60&d=retro&r=g) ### 󠀁[up-to-date plugin](https://wordpress.org/support/topic/up-to-date-plugin-2/)󠁿 [itforme](https://profiles.wordpress.org/itforme/) October 15, 2025 I was looking for an alternative, more up-to-date plugin. All the others haven’t released any updates for quite some time. Now I have an up-to-date plugin to protect my emails again. It works as described and expected. ![](https://secure.gravatar.com/avatar/b5ee9b0c3f4d3deadb52c8c0fb05373b59351f734f1d34dcf49ee4fbf25e6cad? s=60&d=retro&r=g) ### 󠀁[Works great! A couple of suggestions, however:](https://wordpress.org/support/topic/works-great-a-couple-of-suggestions-however/)󠁿 [ardalanme](https://profiles.wordpress.org/ardalanme/) October 7, 2017 Thanks for creating this plugin! It works great. There are a couple of features, however, that I think should be added. Otherwise, bots will soon learn how to parse the emails you’re protecting. 1. The class name should be customizable on the settings page. 2. The parenthesis should be included in the text that the admin is able to customize. Without these 2 changes, it’s very easy to write a regex that extracts emails. ![](https://secure.gravatar.com/avatar/3592d11c3fe4386a5f0b93105319d6d41cc2b0ebbb295075926cf76e75aa43fe? s=60&d=retro&r=g) ### 󠀁[Great plugin, initial problem w/ using email as text link, but resolved now…](https://wordpress.org/support/topic/great-plugin-initial-problem-w-using-email-as-text-link-but-resolved-now/)󠁿 [Sound View](https://profiles.wordpress.org/lkkuhn/) March 19, 2017 1 reply This plugin ended up working great for me. Initially I had already coded the mailto links. I had used the email address as the text to link to, so that was a problem. I was able to resolve that my removing the mailto link and keeping only the email address and that worked perfectly. Now all email addresses added to the site will be protected. thank you! ![](https://secure.gravatar.com/avatar/3ce1cce6db43060ff122271767f0376fd73ecd0ea5c63df69b8c31dfc5ff041f? s=60&d=retro&r=g) ### 󠀁[Works without problems](https://wordpress.org/support/topic/works-without-problems-3/)󠁿 [jimmyppi](https://profiles.wordpress.org/jimmyppi/) October 23, 2016 1 reply You can also config the text that replaces @ ![](https://secure.gravatar.com/avatar/1591198e869a85d1aac6ef4128700bd7bde5369e944a700b65c9357ba7e2d09c? s=60&d=retro&r=g) ### 󠀁[Does just what I want](https://wordpress.org/support/topic/does-just-what-i-want-1/)󠁿 [sigurdvt](https://profiles.wordpress.org/sigurdvt/) September 3, 2016 1 reply I maintain a web site that has addresses of an organization’s board members. Wanting to better protect them from spam, I tried this plugin and am quite pleased. On the WordPress “Edit Page” for the page in question I enter email addresses in the form myname@myorg.com([Click here to send])* The plugin takes everything in the parentheses and displays that as the link. I’ve told the board members that if they’d prefer, I can do something like myname [at] myorg [dot] com or any variation they’d prefer, for their email address. At the bottom of the page in question I added the text * This site uses an “anonymizer” to protect email addresses from spammers. Click on the text if you want to send someone an email. In many browsers, moving the pointer to the link will give you a popup that displays the actual email address (preceded by “mailto:”). ![](https://secure.gravatar.com/avatar/0e3a651cd9133a074fcd79fd3f38e6e9de6f940d3b6b1811c799dc5ef8806777? s=60&d=retro&r=g) ### 󠀁[Bug fix required](https://wordpress.org/support/topic/bug-fix-required/)󠁿 [CH3man](https://profiles.wordpress.org/ch3man/) September 3, 2016 1 reply The Email Protector plugin is useful but needs amending – domain extensions can now exceed 4 characters in length. e.g. .london [ Read all 8 reviews ](https://wordpress.org/support/plugin/pixelines-email-protector/reviews/) ## Contributors & Developers “Pixeline's Email Protector” is open source software. The following people have contributed to this plugin. Contributors * [ pixeline ](https://profiles.wordpress.org/pixeline/) [Translate “Pixeline's Email Protector” into your language.](https://translate.wordpress.org/projects/wp-plugins/pixelines-email-protector) ### Interested in development? [Browse the code](https://plugins.trac.wordpress.org/browser/pixelines-email-protector/), check out the [SVN repository](https://plugins.svn.wordpress.org/pixelines-email-protector/), or subscribe to the [development log](https://plugins.trac.wordpress.org/log/pixelines-email-protector/) by [RSS](https://plugins.trac.wordpress.org/log/pixelines-email-protector/?limit=100&mode=stop_on_copy&format=rss). ## Changelog #### 1.4.0 * Security: Fixed stored XSS vulnerability on the Settings page by sanitizing input and escaping output. * Security: Escaped frontend-generated markup (title and visible text) and used safe DOM APIs. * Admin: Migrated options to the WordPress Settings API. * Admin: Changed settings page capability to manage_options. * JS: Rewrote frontend manipulation to use createElement/textContent instead of insertAdjacentHTML. * Meta: Updated “Tested up to” to 6.8.2 and plugin version to 1.4.0. * I18n: Load text domain via load_plugin_textdomain on plugins_loaded. * Widgets: Remove non-existent widget_content; add widget_text_content filter. * Options: Add whitelist and 64-char length cap to substitution string. * Performance: Early exit in content filters when no ‘@’ present. * Assets: Use filemtime-based versioning for the enqueued JS. #### 1.3.7 Enhancement: now filters the Text Widget content. #### 1.3.6 mild fixes. #### 1.3.3 * fixed admin ui #### 1.3.2 * Support for WP 4.7 #### 1.3.1 * improved readme with a Demo + transition to Github + French translation. #### 1.3.0 * Extensive rewrite. * Plugin does not run in the Admin anymore. * The plugin does not need jQuery anymore. Plain vanilla javascript. #### 1.2.6 * Fix bug occurring when there are similar addresses, one being a substring of the other. Thank you, @mkranz ( https://wordpress.org/support/profile/mkranz ) #### 1.2.5 * Stupid error fixed. My bad. #### 1.2.4 * Fixed all notices showing up when WP_DEBUG is true. #### 1.2.3 * Fixed a possible cause of javascript errors on some setups. #### 1.2.2 * Fixed Warnings appearing before comments. #### 1.2.1 * Added filters for get_the_content, get_the_title and get_the_excerpt #### 1.2 * Full code rewrite in OOP to avoid polluting the namespace. * added filters to protect emails in title, widgets, and comments. * Provided a function safe_email($email) to protect emails outside the loop in a theme for example. * Clarified the Settings screen and provided thorough documentation. #### v1.1 * Now detects “mailto:” links and protects them too. #### v1.0.3 * Added the option to specify what should be the visible part of the clickable email by adding a title attribute to the generated Anchor. * Changed the span class from “email” to “pep-email” to (kind of) use the “pep” namespace. #### v1.0.2 * Corrected the plugin’s “Stable version” variable. * fixed folderpath issue because of the wrong foldername the wordpress repository generates for the plugin :-/ #### v.1.0.0 * Initial release ## Meta * Version **1.4.0** * Last updated **7 months ago** * Active installations **900+** * WordPress version ** 2.7 or higher ** * Tested up to **6.8.5** * Language * [English (US)](https://wordpress.org/plugins/pixelines-email-protector/) * Tags * [address](https://mlt.wordpress.org/plugins/tags/address/)[email](https://mlt.wordpress.org/plugins/tags/email/) [harvest](https://mlt.wordpress.org/plugins/tags/harvest/)[obfuscate](https://mlt.wordpress.org/plugins/tags/obfuscate/) [spam](https://mlt.wordpress.org/plugins/tags/spam/) * [Advanced View](https://mlt.wordpress.org/plugins/pixelines-email-protector/advanced/) ## Ratings 4.3 out of 5 stars. * [ 3 5-star reviews ](https://wordpress.org/support/plugin/pixelines-email-protector/reviews/?filter=5) * [ 4 4-star reviews ](https://wordpress.org/support/plugin/pixelines-email-protector/reviews/?filter=4) * [ 1 3-star review ](https://wordpress.org/support/plugin/pixelines-email-protector/reviews/?filter=3) * [ 0 2-star reviews ](https://wordpress.org/support/plugin/pixelines-email-protector/reviews/?filter=2) * [ 0 1-star reviews ](https://wordpress.org/support/plugin/pixelines-email-protector/reviews/?filter=1) [Your review](https://wordpress.org/support/plugin/pixelines-email-protector/reviews/#new-post) [See all reviews](https://wordpress.org/support/plugin/pixelines-email-protector/reviews/) ## Contributors * [ pixeline ](https://profiles.wordpress.org/pixeline/) ## Support Got something to say? Need help? [View support forum](https://wordpress.org/support/plugin/pixelines-email-protector/) ## Donate Would you like to support the advancement of this plugin? [ Donate to this plugin ](http://goo.gl/7L2ua)