Skip to content

How to Configure WPBruiser and Stop Spam on Your WordPress Site

If you’ve been running your own WordPress site for any length of time, dealing with spam is probably high on your list of the most annoying things you have to worry about. Luckily, your not alone. The WordPress community has already come up with some great solutions for this problem. The WPBruiser plugin (formerly Goodbye CAPTCHA) is our favorite plugin for dealing with spam and boosting the security of your site. Once you have it installed, here’s how to navigate and configure the settings:

  • If you haven’t already, log in to your WordPress dashboard, and select “WPBruiser”>”Settings” from the left side-bar menu.
    (click to enlarge)

    (click to enlarge)

     

     

  • Settings Tab: This tab is where you can control the WPBruiser’s most general settings. Currently, we don’t see any reason to change these from the default settings show, so there’s not much on this page that you should need to worry about.
    (click to enlarge)

    (click to enlarge)

     

  • Security Tab: The security tab allows you to determine which IP address you’d like to block. An IP address is a specific number that’s issued to you by your internet service provider. Think of it like your WiFi’s phone number. We’d recommend clicking all the boxes on this page.  Automatically blocking an IP address that’s executing a brute force attacks on your site is always a good idea. It’s good to know, however, that this step won’t protect you entirely. Hackers have ways to disguise and hide their IP addresses, and would still be able to access your site from a public library or coffeeshop. We’d also recommend copy-and-pasting your own IP Address into the “Add to WhiteList” field. This will make sure that WPBruiser doesn’t think you’re ever trying to hack into your own site, and never sees a network you know is safe as a threat.
    (click to enlarge)

    (click to enlarge)

  • WordPress Tab:  For this tab, we’d recommend clicking all 4 boxes at the top which will provide additional protection agains your site’s admin pages. The rest of the settings can remain as is, keeping an eye out to avoid checking “Completely Disable XML-RPC” which will prevents WordPress from working on mobile apps.
    (click to enlarge)

    (click to enlarge)

  • Contact Forms Tab: If you’re getting spam from a contact form installed on your site, this tab is where you’d prevent that. Click the box to protect jetpack or any other contact form plugin you’re using.
    (click to enlarge)

    (click to enlarge)

  • Membership Tab: If your sites allows readers to become members and create a username and login, you can protect against spam signups here. If your site doesn’t have this capability here, go ahead and leave these boxes unchecked.
    (click to enlarge)

    (click to enlarge)

  • Others Tab: The others tab allows you to choose if you want other plugins already installed on your site to be protected as well. In this case, it gives me the option to extend coverage to my MailChimp plugin.
    (click to enlarge)

    (click to enlarge)

  • Notifications Tab: This tab allows you to determine under what circumstances WPBruiser will send you an email. You can choose to be notified every time an administrator logs into your site, or just when the plugin detects a “Brute Force Attack”. You can also edit where these emails are sent if the site owner and developer are different people.
    (click to enlarge)

    (click to enlarge)

  • Extensions Tab: This tab is where you can purchase and add premium extensions for other plugins you might have installed on your site. WPBruiser is a “freemium” plugin, which means that using it for more complex WordPress sites will start to cost you a little. Their paid extensions are under $10 for an unlimited license, which is pretty reasonable if something like WooCommerce is a central part of your site.
    (click to enlarge)

    (click to enlarge)

  • Reports Tab: WPBruiser allows you to see in real time when it’s protecting your site from Spam and brute force attacks. The reports tab offers a graph and detailed list of the times it prevented an attempted security breach and lists the IP addresses that made the attempt.
    (click to enlarge)

    (click to enlarge)

     

    Once you start making changes to your settings, don’t forget to click “Save Changes” at the bottom of every screen. While we’ve had success using WPBruiser on our sites, it’s definitely changed a lot since we installed it as Goodbye CAPTCHA. If you have tips on how you’ve used it successfully on your site, please tell us in the comments!

Yay! 🎉 You made it to the end of the article!
Harper Phillips

2 Comments
Most Voted
Newest Oldest
Inline Feedbacks
View all comments
Neal Umphred
July 11, 2020 7:09 pm

Thanks for (1) the advice on the WPBuffer ettings and (2) on making that advice readable.

Jim Bolger
July 4, 2017 5:02 pm

Thank you! I appreciate this post!

Or start the conversation in our Facebook group for WordPress professionals. Find answers, share tips, and get help from other WordPress experts. Join now (it’s free)!

2
0
Would love your thoughts, please comment.x

Most Searched Articles

Best JavaScript Libraries and Frameworks: Try These 14 in 2024

In this post, we look at the best JavaScript libraries and frameworks to try out this year. Why? Well, with JavaScript being available in every web browser, this makes it the most accessible programming language of ...

20 Best Free WordPress Themes for 2024 (Responsive, Mobile-Ready, Beautiful)

If you're looking for only the best free WordPress themes in the market for this year, then you're in the right place. We have more than enough such themes for you right ...

12 Best WordPress Hosting Providers of 2024 Compared and Tested

Looking for the best WordPress hosting that you can actually afford? We did the testing for you. Here are 10+ best hosts on the market ...

Handpicked Articles

How to Make a WordPress Website: Ultimate Guide for All Users – Beginners, Intermediate, Advanced

Many people wonder how to make a WordPress website. They’ve heard about WordPress, its incredible popularity, excellent features and designs, and now they want to join the pack and build a WordPress website of their own. So, where does one get ...

How to Start an Ecommerce Business: Ultimate Guide for 2024

Is this going to be the year you learn how to start an eCommerce business from scratch? You’re certainly in the right place! This guide will give you a roadmap to getting from 0 to a fully functional eCommerce business. ...