WordPress

WordPress Plugin

Automatically moderate posts and comments on your WordPress site. No coding required.

Installation

The SafeComms WordPress plugin is the easiest way to integrate content safety into your website.

  1. Download the Plugin
    Download the latest safecomms-moderation.zip from the Releases page.
  2. Upload to WordPress
    Log in to your WordPress Admin dashboard. Navigate to Plugins > Add New. Click Upload Plugin and select the zip file you downloaded.
  3. Activate
    Click Activate Plugin once the upload is complete.

Configuration

Once activated, you need to connect the plugin to your SafeComms account.

1. API Key Setup

You can configure the API key in two ways:

Option A: Admin Settings (Easiest)

Go to Settings > SafeComms in your WordPress dashboard and paste your API key into the "API Key" field.

Option B: wp-config.php (Most Secure)

Add the following constant to your wp-config.php file to lock the API key in code: 

// In your wp-config.php file
define('SAFECOMMS_API_KEY', 'sk_live_your_api_key_here');

2. Account Usage

The settings page displays a progress bar showing your current API token usage and plan limits. It will also warn you if you have enabled features (like Non-English support) that are not available on your current plan.

3. Moderation Settings

  • Scan Posts: Automatically scans post titles and content when you publish or update a post.
  • Scan Comments: Automatically scans new comments before they are approved.
  • Auto-approve new authors: (Comments) If enabled, allows SafeComms to bypass the "Comment author must have a previously approved comment" check for safe comments.
  • Enable Text Replacement: (Starter+) Automatically sanitizes content by replacing toxic words with asterisks (e.g. f***) instead of blocking the entire post.
  • Enable PII Redaction: (Starter+) Automatically removes personally identifiable information like emails and phone numbers.
  • Enable Non-English Support: (Pro) Enables detection for languages other than English.
  • Fail-open (Comments): If the API is unreachable, allow comments to be posted (pending approval) instead of blocking them.

4. Moderation Profiles

For advanced control, you can assign specific SafeComms Profile IDs to different content types in the settings:

  • Post Title Profile ID
  • Post Body Profile ID
  • Comment Body Profile ID
  • Username Profile ID

Features

Post Moderation

Prevents toxic content from being published. If a post is flagged, its status is set to Draft and the author is notified.

Comment Guard

Stops harassment and spam in comments. Flagged comments are marked as Spam or Unapproved instantly.

Admin Dashboard

View a dedicated moderation log to see why items were blocked, including the specific category scores (e.g., Toxicity, Profanity).

Smart Caching

Built-in caching prevents re-scanning unchanged content, saving your API quota and speeding up your site.

Status Shortcode

Display moderation status on the frontend. See the Shortcodes section for details.

Custom Hooks & Integrations

SafeComms can integrate with virtually any WordPress plugin (like bbPress, WooCommerce, Gravity Forms, etc.) using our Custom Hooks system. This allows you to moderate content from third-party plugins without writing any code.

How it Works

You can map SafeComms to listen to specific WordPress Actions or Filters. When that hook fires, SafeComms will scan the data and either sanitize it (remove bad words) or block the action entirely.

  • Hook Name: The WordPress hook to listen for (e.g., bbp_new_reply_pre_content).
  • Argument Position: Which argument contains the text to scan (usually 1).
  • Array Key (Dot Notation): If the argument is an array, specify the path to the text field (e.g., billing.address.city).
  • Profile ID: (Optional) Override the moderation profile for this specific hook.

Common Examples

PluginHook NameArgKeyBehavior
bbPress (Replies)bbp_new_reply_pre_content1- Sanitize Starter+
Contact Form 7wpcf7_posted_data1your-messageBlock
WooCommerce (Notes)woocommerce_new_order_note_data1comment_content Sanitize Starter+

Multi-Site Compatible

Custom hooks are site-specific. In a WordPress Multi-Site network, you can configure different hooks for different sites (e.g., a forum site vs. an e-commerce site) without conflicts.

Plan Requirements

The Sanitize behavior uses our advanced Text Replacement engine, which requires the Starter plan or higher. The Block behavior is available on all plans, including Free.

Shortcodes

The plugin includes a shortcode to display the SafeComms moderation status of a post or comment on the frontend. This is useful for authors to see why their content might be pending or blocked, or for admins to quickly check the status.

Usage

[safecomms_status]

By default, using [safecomms_status] inside a post will show the status for that current post.

Parameters

  • post_id: (Optional) Specify a Post ID to show status for. Defaults to current post.
  • comment_id: (Optional) Specify a Comment ID to show status for.

Examples

[safecomms_status post_id="123"]
[safecomms_status comment_id="456"]

Visibility & Security

To prevent leaking internal moderation details to the public, the shortcode has built-in visibility controls:

  • Default Behavior: The status is only visible to users who have permission to edit the specific post or comment. This allows authors to see the status of their own content.
  • Admin-Only Mode: You can enable the "Restrict shortcode visibility to admins only" option in the SafeComms settings. When enabled, only users with the manage_options capability (Administrators) can see the shortcode output, regardless of who authored the content.

Moderation Queue

Access the Moderation page under the SafeComms menu to view all scanned items.

  • Filter: View only Blocked or Allowed items, or filter by Posts/Comments.
  • Re-scan: Manually trigger a re-scan of an item.
  • Allow Override: Manually mark a blocked item as allowed. This will publish the post or approve the comment.

Logs: The Logs page provides detailed information about API errors, rate limits, and system events for troubleshooting.

Troubleshooting

Rate Limits & Retries

If your site hits your plan's API rate limits (HTTP 429), the plugin will:

  1. Hold the content (Post set to draft, Comment held).
  2. Add the item to a Retry Queue.
  3. Automatically retry scanning in the background using WordPress Cron with exponential backoff.

You can view these events and the retry status in SafeComms > Logs.

Common Issues

  • Plugin fails to activate Ensure your server is running PHP 8.0 or higher. The plugin does not support PHP 7.4.
  • "Quota Exceeded" errors Check your usage in the SafeComms dashboard. If you've hit your monthly limit, content will be blocked (fail-closed) or allowed (fail-open) based on your settings.
  • Connection Issues Ensure your server can make outbound HTTPS requests to api.safecomms.dev. Check with your hosting provider if firewalls are blocking the connection.