plugin-icon

HashCash – Proof of Work CAPTCHA

作者:RicheyWeb·
Invisible Proof-of-Work CAPTCHA. No checkboxes, no image grids, no Google, no tracking. Just spam protection that gets out of the way.
anti-spam
antispam
captcha
评级
添加评价
版本
1.0.10
最后更新
Jun 15, 2026

HashCash stops spam by making the visitor’s browser do the work — not the visitor.

While your user fills out a form, HashCash runs a cryptographic proof-of-work calculation silently in the background. By the time they hit Submit, the work is done. No checkbox to click. No images to identify. No third-party service watching over their shoulder.

This is the WordPress port of a Joomla plugin with a 12-year track record — originally released three years before Google launched reCAPTCHA v3. The core idea hasn’t changed: spam protection should be invisible to real users and brutal to bots.

What makes HashCash different:

  • No third-party services. No reCAPTCHA, no hCaptcha, no Cloudflare Turnstile. Nothing phones home.
  • No tracking, no cookies. GDPR and CCPA friendly by design, not by policy.
  • Nothing for users to solve. A brief “Securing this form…” indicator appears while the calculation runs — that’s it. No puzzles, no clicks, no friction.
  • Logged-in users are exempt. Trusted users never see the indicator at all.
  • Adjustable difficulty. SHA-256 at level 1 by default for maximum compatibility. Argon2id available for sites that need state-of-the-art memory-hard hashing.
  • Bot punishment mode. Suspicious behavior triggers difficulty so high the proof-of-work becomes computationally unsolvable. The bot spins forever. Legitimate users never notice.
  • Automatic protection. Works out of the box on WordPress comments, login, registration, lost password, and Contact Form 7. No configuration required.

Supported hash algorithms: * SHA-256 (default — fast, broadly compatible) * SHA-384 / SHA-512 * PBKDF2 * PBKDF2 (64KB) * Argon2id (recommended for maximum security — requires PHP sodium extension)

Works automatically with: * WordPress comment forms * WordPress login form * WordPress registration form * WordPress lost password form * Contact Form 7

Add to any other form:

Use the shortcode [hashcash] to add protection to any form on your site.

Support

For support, feature requests, or custom integrations: https://www.richeyweb.com/

HashCash for WordPress is maintained by Michael Richey — author of the original Joomla HashCash plugin, with over 12 years of proof-of-work CAPTCHA development.

免费基于付费套餐
从这里开始
通过安装,您同意 WordPress.com 服务条款第三方插件条款
目前已测试版本
WordPress 7.0
这个插件是可用的下载,适用于您的站点。
下载