Block Editor Button?

As a follow up, I also looked at the source code for the page in 3 browsers and was surprised to see the only viewable email address on my site was NOT obfuscated in Safari v17.2.1, but WAS in the latest versions of Firefox and Brave (chrome browser). I thought that was the whole point of this plugin? By default shouldn’t it at minimum protect a visible MAILTO link? Alternately, I tried to manually protect the email with [eeb_protect_emails], and got the same results.

In addition the manually protected phone number that shows on my site doesn’t appear to be protected in Safari when viewing the source code, but does not show in search results of the source code in Firefox and Brave. I used the [eeb_protect_content] for that. For what it’s worth, I cleared the cache for my domain on each browser with each test.

Again, I know enough to get myself in trouble, so maybe I’m misunderstanding how this tool works, or how to check it looking at source code. In Safari I went to Develop>Show Page Source, in Firefox I use Tools>Broswer Tools>Page Source, and in Brave View>Developer>View Source. Assuming I’m using it correctly, as it stands, I can’t recommend it and am going to have start looking for other options. ??

I see an update for the tool was JUST released today, so it seems like it’s actively being developed. Hope you can shed some light!

Unless I am misunderstanding something, it seems like the way I was Safari searching Source data, it maybe combines Inspector and Source data, thus yielding my results. So that may be why that’s happening. As I mentioned in the other post that led me to this conclusion, I’m still not sure why I got spam to an obfuscated email associated with a button on my page… I know there are many ways to have email compromised, but this is a very new email address, and not a logical one. So either someone manually harvested it, or is using some other scraping method?

Hey @ballou – Thanks for your message.

After checking, your email seems to be properly obfuscated. Though my plugin does a good job, there will always be ways to harvest emails for serious platforms.

While normal bots are easily blocked by our plugin, sophisticated harvesters can interpret javascript and run it in a virtual environment, and then use AI or other extraction tools to scan rendered images of websites to find email addresses. Those bots are more rare, but they exist, and there is not much to do against it except of removing the email from the website, or in best case, obfuscating it visually.

This means that you can continue to use Javascript as a preferred method, but instead of showing the email as the actual email, you can obfuscate it further by changing its display (This is possible via the “display” argument of the available shortcodes.

E.g. instead of having [email protected], you can write jondoe [AT] example.com

This further hardens the possibility of your email being exposed automatically.

Hope that helps.

Thanks for your reply @ironikus! I appreciate the explanation.

Follow up question to your suggest on further obfuscating displayed email: How do you insert a SUBJECT line into MAILTO shortcode?

For instance, following your instructions to replace my old MAILTO link, I’m now using something like, [eeb_mailto email=”[email protected]” display=”jondoe(AT)example(DOT)com”]

I tried a variety of ways for the manually protected MAILTO link to insert the SUBJECT line but couldn’t figure it out. I also used the brackets in your example “jondoe [AT] example.com” and that seemed to break things, so I went with parentheses and that appears to work.

Hey @ballou – good point – the shortcode currently only supports the direct email for validation purposes.

If you want to add additional parameters to an email, you can use the [eeb_protect_content] shortcode instead.