WordPress.org

Slovensko

Get WordPress
WordPress.org

Plugin Directory

Opportify Fraud Protection

Opportify Fraud Protection

Od Opportify
Stiahnuť

Popis

Opportify Fraud Protection stops fake sign-ups, form spam, bot submissions, and fraudulent leads on every WordPress form. It works silently, in real time, with no friction for real users.

Unlike CAPTCHA, which frustrates genuine visitors and is easily bypassed by modern bots, Opportify works invisibly in the background. It analyzes over 100 signals per submission: behavioral patterns, device fingerprints, email risk, IP reputation, and VPN or proxy detection. Each submission is scored so you can automatically allow, flag, or block it.

Who This Is For

WordPress site owners and marketers tired of spam flooding their contact forms, fake leads cluttering their CRM, or bots registering fake accounts.

WooCommerce store owners who need to stop fraudulent checkouts, fake account registrations, and disposable email sign-ups before they cause damage.

Developers and agencies who want an API-backed, code-configurable fraud layer with per-integration control, risk metadata on entries, and support for version-controlled config files.

Security and operations teams who need explainable risk scores with a per-submission breakdown of every contributing factor.

Why Not Just Use CAPTCHA?

CAPTCHA hurts conversion rates for real users and is routinely bypassed by modern bots. Opportify takes a different approach: it observes behavioral signals before the form is even submitted, analyzes every signal at the moment of submission, and delivers a risk verdict your site can act on. All of this happens in under a second, with no puzzles, no friction, and no false positives for legitimate visitors.

What It Detects

  • Disposable and temporary email addresses
  • High-risk and known-fraud email domains
  • VPN, proxy, Tor exit node, and datacenter IP addresses
  • Bot and automated browser behavior
  • Device fingerprint anomalies
  • Geographic and velocity anomalies
  • Mismatched or suspicious behavioral signals

Risk Levels

Every submission receives a score and one of five plain-language risk levels:

  • Lowest and Low: Healthy submissions from genuine users with clean signals.
  • Medium: Worth a closer look, but not necessarily fraudulent.
  • High and Highest: Risky submissions. Likely spam, bots, or fraud. Block or flag automatically.

Per-Integration Actions

For each supported form plugin, you can independently configure what happens at each risk level:

  • Allow: The submission proceeds normally.
  • Flag: The submission proceeds, but the risk score, level, and contributing factors are saved as metadata visible in WP Admin.
  • Block: The submission is rejected with a customizable error message.

Supported Form Integrations

Supported Newsletter and CRM Integrations

Key Features

  • Real-time fraud and spam detection on every form submission
  • Client-side behavioral fingerprinting via the Opportify JS SDK (loads automatically, no configuration needed)
  • Server-side AI analysis via the Opportify Fraud Protection API
  • 5-level risk scoring with explainable contributing factors
  • Per-integration configuration: set different rules for contact forms, registrations, and checkouts independently
  • Reports dashboard with risk distribution charts, submission log, and health checklist
  • Risk metadata columns in WP Comments, Users, and WooCommerce Orders list tables
  • Config file support (opportify-config.php) for DevOps, Bedrock, Trellis, and staging pipelines
  • Skip admins option to avoid false positives during development and testing
  • Automatic log cleanup via WP-Cron (configurable retention, default 30 days)
  • Compatible with WP Rocket, LiteSpeed Cache, W3 Total Cache, Autoptimize, and other caching plugins
  • Translated into 10 languages: German, Spanish, French, Italian, Japanese, Dutch, Polish, Portuguese (Brazil), Russian, and Simplified Chinese

How It Works

  1. The Opportify JS SDK loads silently in your site header. It collects behavioral signals such as mouse movement, keystroke timing, scroll depth, and device entropy, then generates a session fingerprint.
  2. When a form is submitted, the SDK attaches a behavioral token to the submission automatically.
  3. The Opportify PHP SDK sends the submission to the Fraud Protection API for analysis: email risk, IP intelligence, device signals, behavioral correlation, and more.
  4. Based on your configured thresholds, the plugin allows, flags, or blocks the submission instantly.

No CAPTCHA. No user friction. No separate configuration per form.

Reports Dashboard

The plugin’s Reports page gives you a clear view of your site’s submission health:

  • Health checklist: confirms your API keys, connection status, and active integrations at a glance
  • Risk distribution chart: donut chart showing the split between Healthy, Caution, and Risky submissions
  • Submissions by integration: bar chart showing which forms receive the most risk
  • Submission log: filterable table with date, integration, email, IP, score, risk level, action taken, and contributing factors
  • Dashboard link: access detailed trend analysis and advanced filters in the Opportify Dashboard

External Services

This plugin connects to two Opportify services:

  • Fraud Protection API (https://api.opportify.ai): analyzes each submission server-side using your private API key. Data sent: email address, IP address, and behavioral signals from the JS SDK.
  • JS SDK CDN (https://cdn.opportify.ai): loads the client-side behavioral telemetry script using your public key. This script collects behavioral signals (typing cadence, mouse movement, device entropy, and automation indicators) that are correlated server-side with the fraud analysis. The plugin automatically fetches the latest script version from the CDN manifest and injects it into your site header.

Please review Opportify’s Privacy Policy and Terms of Service before activating the plugin. By activating, you agree to the transmission of submission data to Opportify’s API for fraud analysis.

Support

For questions, feedback, or assistance, visit https://www.opportify.ai/contact-us.

Obrázky

  • Reports page: risk distribution charts, health checklist, and submission log
  • Settings page: General tab with API credentials and global protection settings
  • Settings page: Integrations tab with per-integration risk action configuration
  • Submission log: filterable table with risk level badges and contributing factor pills

Inštalácia

  1. Upload the plugin folder to /wp-content/plugins/opportify-fraud-protection/ or install directly via Plugins Add New in your WordPress admin.
  2. Activate the plugin through the Plugins screen.
  3. Go to Opportify Settings and enter your Private API Key and Public Key.
  4. Toggle Enable Protection on the General tab.
  5. Enable the specific integrations you want to protect on the Integrations tab.
  6. Click Test Connection to verify your API keys are working.
  7. You are live. Check Opportify Reports to see submissions as they come in.

Časté otázky

Where do I get my API keys?

Start a free trial at app.opportify.ai to get your Private API Key and Public Key. No credit card required. The free trial gives you full API access on live form submissions right away. It is not a sandbox or demo environment.

Does this replace CAPTCHA?

Yes, it is designed to be a better alternative. Opportify analyzes over 100 signals per submission without presenting any challenge to the visitor. Real users see nothing. Bots and fake submissions are scored and blocked automatically based on your thresholds.

Does it work with WooCommerce?

Yes. Both WooCommerce Checkout and WooCommerce Account Registration are supported. You can configure separate risk actions for each so checkout fraud and fake account registrations are handled independently.

Will it slow down my site?

No. The JS SDK loads asynchronously from a global CDN with no impact on page rendering. The server-side API call happens during form submission processing and completes in under a second for most submissions.

Does it work with caching plugins?

Yes. The plugin is compatible with WP Rocket, LiteSpeed Cache, W3 Total Cache, Autoptimize, and other major caching plugins. The JS SDK is loaded through the standard WordPress enqueue system and can be managed by your caching plugin using the handle opportify-telemetry. If you change your Public Key, clear your page cache afterward.

What does „Flag“ do?

When an action is set to Flag, the submission proceeds normally but Opportify stores the risk score, risk level, and contributing factors as metadata attached to the entry. For comments, this goes into comment meta; for users, into user meta; for WooCommerce orders, into order meta. A Risk column appears in the relevant WP Admin list tables so you can review flagged entries.

What is the difference between „Flag“ and „Block“?

Flag lets the submission through but records the risk data for your review. Block rejects the submission entirely and shows the visitor your custom block message. Use Flag for Medium risk when you want to review manually, and Block for High and Highest when you are confident in rejecting.

Can I configure settings via a file instead of the UI?

Yes. Copy opportify-config-sample.php to your WordPress root as opportify-config.php. When this file is present, all settings are loaded from it and the WordPress admin UI becomes read-only. This is useful for DevOps workflows, Bedrock and Trellis setups, and multi-environment staging pipelines where you want settings version-controlled.

Does it work with page builders and popular form plugins?

Yes. Elementor Pro Forms, Ninja Forms, Gravity Forms, WPForms, Fluent Forms, Forminator, Formidable Forms, Contact Form 7, and Mailchimp for WordPress are all supported natively.

Is it GDPR and privacy compliant?

Data sent to the Opportify API consists of the email address, IP address, and behavioral signals from the JS SDK, the minimum required for fraud analysis. No personal data is stored by the plugin beyond the risk score and factors in your own WordPress database. Review Opportify’s Privacy Policy for full details.

What happens if the Opportify API is unavailable?

If the API returns an error or is unreachable, the plugin applies the fallback action configured in Settings (default: Allow). By default, submissions are never blocked due to a service disruption. You can change the fallback to Block in Settings if you prefer a stricter posture during outages.

Does it affect logged-in administrators?

Not by default. The Skip Admins option is enabled by default, which bypasses fraud checks for users with the manage_options capability. You can disable this in Settings if needed.

Recenzie

Pre tento plugin nie sú žiadne recenzie.

Prispievatelia a vývojári

“Opportify Fraud Protection” je softvér s otvoreným zdrojovým kódom. Do tohto pluginu prispeli nasledujúci ľudia.

Prispievatelia

Preložiť „Opportify Fraud Protection“ do vašho jazyka.

Máte záujem o vývoj?

Prehľadávajte zdrojový kód, preskúmajte SVN repozitár, alebo sa prihláste na odber vývojárskeho logu cez RSS.

Zoznam zmien

1.1.0

  • Add enriched email and IP intelligence chips to fraud log entries (deliverable status, email type, connection type, country, blocklist flag)
  • Add Full Details button per log row linking to app.opportify.ai for deeper analysis
  • Fix flag action now produces visible indicators in native UIs: WordPress comments routed to spam, WooCommerce orders placed on hold, Gravity Forms entries starred, Forminator entries marked as spam, Fluent Forms entries starred
  • Fix Ninja Forms block action now correctly halts submission using the first real field ID
  • Fix WPForms integration now correctly sends all submitted fields to the Opportify API
  • Add plugin banner images for WordPress.org directory
  • Fix build pipeline to correctly exclude .wordpress-org directory from plugin ZIP

1.0.1

  • Add WordPress.org plugin directory assets (icons and screenshots)

1.0.0

  • Initial release

Meta

Hodnotenia

No reviews have been submitted yet.

Your review

See all reviews

Prispievatelia

Podpora

Máte čo povedať? Potrebujete pomoc?

Zobraziť fórum podpory