Email Address Security by WebEmailProtector


Welcome to WebEmailProtector’s Email Address Security Plugin for WordPress.

WebEmailProtector is an Email Address Encryption service that protects any email address listed on your website from being seen or scraped by non genuine users, preventing leakage at source.

Just Register the Emails you want to use, Validate that everything is set up and then place the email in Square Brackets [] anywhere on you site and the Plugin will do the rest.

What is it ?

Spam, emails with viruses, malware, phishing and ID theft are annoying at minimum and costly at worst.

More than just obfuscation, our unique technology replaces your public facing Email Address with an IES secured Email Address Encryption Key. It provides the strongest email address anti-harvesting protection available.

When used on your website bona-fide visitors are still able to contact you seamlessly with one click. Exactly the same way a normal email can be clicked on your site. But non genuine & black-listed users, harvesters and bots blocked.

And now you can take your site further : more confidently listing multi-point contacts without fiddly Contact Forms and annoying Captcha’s, making your site more engaging and your business more connected.

What does it do?

Using our service your Email Address is no longer available publicly on your website, instead, it is replaced by an Email Address Encryption Key.

This key is your own unique 20 character IES based Cryptographic Hash Function (CHF) encryption code and replaces any email address. This is seamless: without needing to do anything special to your, or your visitors, email tools.

Our 24/7 cloud-based service detects who and what is trying to access the Address Key on your site, and then uses algorithms to validate whether this request is being made by a bonafide visitor. If so, the email is provided as the Address Key is swapped for your Email Address, if not it’s not released and access to it disabled.

In the background our algorithms check multiple points using a robust Artificial Intelligence (AI) derived IES method including searching global blacklists and checking heuristics.

Using a combination of secure on-page encryption and authenticated release enables us to offer the strongest level of security available. It all happens seamlessly in the blink of an eye so it does not slow down the email experience. And just in case you were wondering, we do not see or track the email itself, we only authorize the release of your address so your privacy is protected.

How to Install ?

We’ve made it ultra simple to install and use. Just follow the instructions on the GET-A-KEY page to register your email and generate your unique Email Address Encryption Key.

Once your email is confirmed, we will generate your unique Key, and send full instructions on how to use on your web site. It’s as quick and simple as that.

This plugin for WordPress makes it even easier to manage the service on your site.

Check Out Your Site

As a start why not check how secure your existing pages are using our email finder tool at

More Information

Please see more at and our Questions & Answers at


  • This plugin is provided to more conveniently manage the WebEmailProtector service on your WordPress pages.
  • Access to the associated WebEmailProtector service itself is offered FREE for a trial period of 1 month, and no payment details are required.
  • Visit for more details regarding definitions and subscription pricing options.

How do you use it?

After installing the Plugin, just Register the Emails you want to use, Validate that everything is set up and then place the email in Square Brackets e.g. [] anywhere on you site and the Plugin will do the rest.


  • HTML4/5 compliant is compatible with all known browsers/devices including:
  • Browsers: Internet Explorer, Safari, Google Chrome, Mozilla Firefox & Opera
  • Platform: Windows, Linux, Apple iOS & Android
  • Devices: PC, Tablets & Phones including: Blackberry, Apple iPad iPhone


  • This is a screenshot of the WebEmailProtector WordPress plugin administration panel once installed. Note the secured email address appears in RED until the email is verified, when it turns GREEN.
  • This is a screenshot of example html text code showing what a standard or unprotected linked email address looks like on a web page, hence why it is easy to "scrape".
  • This is a screenshot of example html text code showing what a webemailprotector linked email address looks like on a web page (the real code has been replaced with ####-####-####-####), can no longer be scraped.
  • This is a screenshot showing how both the above would appear to a webpage visitor.


  1. Go to Plugins in the Admin menu
  2. Click on the button ‘Add New’
  3. Search for WebEmailProtector and click ‘Install Now’ or click on the upload link to upload
  4. Click on Activate plugin
  5. Click on the Settings->WebEmailProtector menu
  6. Follow the instructions on the settings page to enter the “secured email addresses” and “display text”
  7. Register each email address at
  8. Validate each email addresses on the settings menu
  9. To use the protected email address(es) anywhere on your site either write them on a page using square brackets e.g. []
    or within WordPress Link elements e.g.


What is it?

Email address harvesters operate by using software “scrapers” or “click through” staff to steal email addresses directly from web-site pages.
Using our service prevents this as your email addresses no longer need to be listed directly on your web-site. Instead
they are hidden away from your site. We then only release the address after
we are sure it is not being accessed improperly. Because of this it becomes invisible to harvesters and machines and yet is completely
visible to bona fide users.

How does a WebEmailProtector secured email address appear?

The secured email address appears on a site like this: ” <a href=’JavaScript:emo();’ >Any Text </a >”
(you can change what it says and how it looks)
whereas a non protected email address usually appears like this:” <a href=’’ > </a >”.
Both operate when you “click”, but only the former is safe.

Why is it better than a Contact Form?

Contact Forms are effective in dealing with both human and machine based harvesting, unless you ever want to use email auto responders of course
as this gives your identity away.
However the real problem is that all the form filling can annoy and therefore dissuade real users from getting in touch – effectively putting a
barrier between you and your users in your most important communications channel – email

Why is it better than Captcha codes?

Captcha codes are effective in dealing with machines but not with users who simply click to reveal your address.
And the other main issue is that they are very very annoying to real users and can heavily dissuade communications with you – so are effectively
putting a barrier between you and your wanted users.

Why is it better than ‘free’ address encoder?

Although at first they may appear effective as your ‘mailto:’ text is no longer obvious to the eye within your HTML code. Encoders and encrypters,
‘free’ or otherwise, have to be built so that they can be interpreted by any web-browser using standard HTML. And this is the nature of there
They are more or less complex but involve a Java/JavaScript sequence munger or character set coder. But to cut a long story short if your browser
understands them so can any harvesting software.
So it’s actually quite simple for encoded email addresses to be interpreted and harvested using standard software libraries and methods.

How is the email protected?

We provide protection as the email address is never listed or disclosed on your website. Instead WebEmailProtector detects who and what is trying to access
the email link on your site at the time of “clicking”, and then deploys algorithms to validate whether this request is being made by a credible, bona-fide visitor.
The algoriths check multiple points about the request using our robust, proven Artifical Intelligence (AI) derived method.
After running the validation process, the email address is only returned if certain criteria are met and others not broken.

What do you get for the FREE trial?

You get the full service free for 1 month, with exactly the same protection as offered with a paid up subscription.
There is no obligation to purchase, but at the end of the trial we are confident that you will see a reduction in volume of new email
spam originating from your web site. At the end of the trial we would also ask you to complete a 10 question survey on how you found
installing and using it.
Please note that as its a trial you only get it once per email/website for you to try unless otherwise agreed with us.

How do you subscribe following the trial?

Once your trial is coming to an end we will send you an email detailing what you have to do to continue the services. You need do nothing if you are
a non commercial site. All payments can be made on-line using PayPal. the more people that use it the more we can keep prices down. More details at

How can you check if you are protected?

Once installed, click on your Email and your installed email tool should open as normal. If you really want to check your email is no longer
listed view your web site in text mode (e.g. pressing the F12 key in your Internet Explorer/Google Chrome/Firefox web browser) and search for
your email address or the mailto: reference. It should no longer be there. And finally check out your site using our email finder tool at


يناير 9, 2019
I think that this plugin is quite good. Unlike the other choices it does actually securethe email address - whearas I can't see how the others available work, I don't think they do??? And I'm a php/ajax developer. So would recommend. Slightly fussy to set up (but really not that difficult if you read the instructions - like one of the other reviewers said). so I'm pleased with it - D
فبراير 3, 2017
Useful plugin! Plus: the support is very compent and they answer prompt. Thank you!
Read all 13 reviews

Contributors & Developers

“Email Address Security by WebEmailProtector” is open source software. The following people have contributed to this plugin.




  • 6th Nov 2020
  • Tested for WP 5.5.3
  • Minor bug fixes for Verification


  • 8th Sept 2020
  • Tested for WP 5.5.1
  • Minor bug fixes for Verification


  • 13th July 2020
  • Reverted back to standard 1.5x JQuery with JavaScript as v3.2.0 with JQuery 3.x broke the functionaility on some sites


  • 9th July 2020
  • WP Uses such an old insecure JQ (v 1.5x) that the latest Plugin Release had call issues, breaking some users
  • Updated the header function to add the latest JS 3.5.1 from CDN


  • 8th July 2020
  • Major Update to everything
  • New Security Mechanisms
  • New Forms
  • New Branding
  • New Server Side Database Structure


  • 17th Jun 2020
  • Upgraded and check to WP v5.4.2
  • Started to migrate to New Branding


  • 12th July 2019
  • Upgraded and check to WP v5.0.3
  • New Images Added


  • 9th Jan 2019
  • Upgraded and check to WP v5.0.3
  • New Images Added


  • 29th Nov 2018
  • Upgraded and checedk to WP v5.0.2


  • 14th Aug 2018
  • Upgraded and checked to WP v4.9.8


  • 14th Aug 2018
  • Upgraded and checked to WP v4.9.8


  • 29th Jan 2018
  • Improved site URL detection logic to prevent false assumptions
  • Upgraded and checked to WP v4.9.2


  • 14th Dec 2017
  • Corrected bug with validation over HTTPS


  • 13th Dec 2017
  • Upgraded and checked to WP v4.9.1


  • 15th Aug 2017
  • Upgraded to WP v4.8.1


  • 3rd April 2017
  • Minor update as stable tag was wrong


  • 31st March 2017
  • Upgraded to WP v4.7.3
  • corrected issue of email getting invalidated on copy and paste in email box


  • 25th Feb 2017
  • Upgraded to WP v4.7.2
  • new add_filter method to run on whole post processed content
  • Implmented css icon to WEP email calls


  • 17th Jan 2017
  • Upgraded to WP v4.7.1
  • Remove and _target and subject style field for email calls
  • Added icon to WEP email calls


  • 19th Oct 2016
  • Apply morphing add_filter on whole site


  • 26th Sept 2016
  • Upgraded to WP v4.6.1


  • 6th June 2016
  • Upgraded to WP v4.5.2
  • Added https SSL/TCN support for secure sites


  • 28th April 2016
  • Upgraded to WP v4.5.1
  • Updated registration links making FREE resgitration an option


  • 22nd February 2016
  • Upgraded to WP v4.4.2


  • 27th September 2015
  • Upgraded to WP v4.3.1


  • 16th June 2015
  • Moved headerscript to enque in footer to speed up


  • 17th May 2015
  • Upgraded to WP v4.2.2
  • Added REGISTER as a link


  • 9th April 2015
  • Added register button to admin table to directly access addresses
  • Improved top section layout
  • Made on hover class for buttons


  • 17th March 2015
  • Added new title for plugin to improve searchability
  • Slightly reworded pricing to make clearer


  • 19th Feb 2015
  • Changed install use text to add link replacement instructions
  • Removed validation bug when adding new email


  • 17th Jan 2015
  • Upgraded to work with WP theme TwentyFifteen and the like that do not pass shortcodes from Social Menu
  • Corrected various text and added updated logo on Settings Menu


  • 6th Jan 2015
  • Upgraded to be compatible with WPv4.1
  • Added email response confirmation of version activation & verification


  • 5th Dec 2014
  • Updated assets images


  • 2nd August 2014
  • Added more info on free for Not For Profits
  • Added http search tool link


  • 21st June 2014
  • Sorted header issue due to lingering old release in CSV


  • 13th June 2014
  • Improved description text in the main .php


  • 6th June 2014
  • Improved installation instructions


  • 28th May 2014
  • Updated validation text to make it easier to understand
  • Updated validation process to change validation state and remove old code if fails
  • Updated add_filter(content) command to only change content text to call if valid
  • Updated add_filter(content) to fix issue with unchanged pages not being written out
  • Added add_filter(widget) to also replace text in widgets – special forms, headers, themes etc


  • 9th May 2014
  • Updated description text


  • 6th May 2014
  • First release onto WordPress sites