Skip to Content


Return an array of spam domains.

PHP April 1, 2021


This function runs automatically, so it is not called manually. Is this incorrect?

Source File

Located in /libs/Security.php on line 227.

1 Hook

Find these filters and actions in the source code below to hook into them. Use do_action() and add_filter() in your functions file or plugin.

Need a new filter hook? Request one here.

This function has no action hooks available. Request one?

        public function get_spam_domain_list(){
            $spam_domain_json_file = get_template_directory() . '/inc/data/spam_domain_list.txt';

            //Potential candidate for new Nebula transient() function
            $spam_domain_list = get_transient('nebula_spam_domain_list');
            if ( empty($spam_domain_list) || $this->is_debug() ){ //If transient expired or is debug
                $response = $this->remote_get(''); //Watch for this to change from "master" to "main" (if ever)
                if ( !is_wp_error($response) ){
                    $spam_domain_list = $response['body'];

                //If there was an error or empty response, try my GitHub repo
                if ( is_wp_error($response) || empty($spam_domain_list) ){ //This does not check availability because it is the same hostname as above.
                    $response = $this->remote_get('');
                    if ( !is_wp_error($response) ){
                        $spam_domain_list = $response['body'];

                //If either of the above remote requests received data, update the local file and store the data in a transient for 36 hours
                if ( !is_wp_error($response) && !empty($spam_domain_list) ){
                    global $wp_filesystem;
                    $wp_filesystem->put_contents($spam_domain_json_file, $spam_domain_list);
                    set_transient('nebula_spam_domain_list', $spam_domain_list, HOUR_IN_SECONDS*36);

            //If neither remote resource worked, get the local file
            if ( empty($spam_domain_list) ){
                global $wp_filesystem;
                $spam_domain_list = $wp_filesystem->get_contents($spam_domain_json_file);

            //If one of the above methods worked, parse the data.
            if ( !empty($spam_domain_list) ){
                $spam_domain_array = array();
                foreach( explode("\n", $spam_domain_list) as $line ){
                    if ( !empty($line) ){
                        $spam_domain_array[] = $line;
            } else {
                $this->ga_send_exception('(Security) spammers.txt was not available!', 0);

            //Add manual and user-added spam domains
            $manual_nebula_spam_domains = array(
            $all_spam_domains = apply_filters('nebula_spam_domains', $manual_nebula_spam_domains);
            return array_merge($spam_domain_array, $all_spam_domains);


This function can not be short-circuited with an override filter. Request one?