CAPTCHA helps you to stop spammers from filling out your forms. Humans can easily solve this but it is difficult for bots and automated software to figure out.

You can add Google reCAPTCHA or add Custom CAPTCHA in your WordPress forms. Here I will show you both, how to add Google reCAPTCHA and Custom CAPTCHA on your WordPress forms.

The annoying Google Captcha badge is now gone from your WordPress site. But be aware, once you have a new Worpress update, the script will be gone. So check out our other article about setting up a child theme for your WordPress blog, to prevent your changes to disappear after every update. Captchac means CAPTCHA-Challenge and it represents an element for a CAPTCHA image. Captchar means CAPTCHA-Response and it represents an element for a response input field. A captchac tag must always be paired with a captchar tag with the same name. For example, tags shown below are valid.

Free Math Captcha WordPress Plugin Math Captcha is a 100% effective and easy to use CAPTCHA for WordPress that seamlessly integrates into login, registration, lost password, comments, bbPress and Contact Form 7. More Info / Download 3. Really Simple CAPTCHA is a simple WordPress captcha plugin. It’s dependent on other plugins and doesn’t function alone, so you need to use it with your WordPress contact form plugins. It offers an easy captcha solution. When a user enters the answer in the captcha, it verifies the answer from the response image file.

How to add CAPTCHA in your WordPress forms

For this tutorial, we are using WPForms, which is the most popular and advanced form building plugin for WordPress.

With WPForms, you can easily add CAPTCHA to your WordPress forms. And it is a drag and drop contact form plugin, so, you don’t need to worry about knowing coding knowledge.

WPForms lets you create advanced forms like multi-page forms, survey forms, file upload forms, donation forms, order forms, etc.

WPForms has two versions: free and paid. If you want to create a simple contact form and only use Google reCAPTCHA, then you don’t need to buy their paid plan.

But if you want to add Custom CAPTCHA on your forms. Then you need to buy their paid plan which starts at $39/year.

Also, with their paid plan, you’ll get lots of advanced features.

So, click the link below to buy WPForms and get the maximum discount possible:

How to add Google reCAPTCHA on your WordPress forms

Google reCAPTCHA is a free service from Google which helps to protect websites from spam and abuse. I will show you how you can use Google reCAPTCHA on your WordPress form and protect your forms.

Step- 1. Know about reCAPTCHA and their types

reCAPTCHA is a free spam protection service provided by Google. You can add three types of reCAPTCHA in WPForms.

Type- 1. reCAPTCHA v2 (“I’m not a robot” Checkbox)-

Here the user must check the box and confirm that they are human.

This will either pass the user without a CAPTCHA or show them a CAPTCHA to verify whether they are human or not.

Type-2. reCAPTCHA v2 (Invisible reCAPTCHA badge)-

This type of reCAPTCHA doesn’t contain any checkbox. Just a badge added to the bottom right side of the page.

In some cases, this will show image-based questions directly when the user clicks on the submit button.

Type- 3. reCAPTCHA v3-

This type of reCAPTCHA doesn’t show any boxes or badges, it runs in the background.

If you add this type of reCAPTCHA, Google will monitor the user behavior of your site. Every user who wants to submit a form, Google will give them a score, if the score doesn’t match your decided score(you will need to decide a score to allow your forms to submit), they will have no way to submit your form.

If you running AMP on your site, you can use this type of reCAPTCHA.

Step- 2. Generate Site and Secret Key

To create site key and secret key, go to Google’s reCAPTCHA page, click Admin console and login to your Google account.

If you have set up a reCAPTCHA with your google account in the past, then you need to click + icon to add a new site.

If you never set up Google reCAPTCHA before, you’ll be redirected to ‘register a new site page’.

a. Put a name, like your name, your website name (recommended).

b. Select the version of reCAPTCHA you want to use, WPForms’ recommendation is to use reCAPTCHA v2 (Invisible reCAPTCHA badge).

c. Enter the URL of your website(Just put your website name, don’t use https://, http://, www.), like codebahar.com.

d. Accept the reCAPTCHA Terms of Service and click SUBMIT.

After registering your site, you should see this type of page with your SITE KEY and SECRET KEY.

If you are using AMP, then you’ll need to do some extra adjustments. To do that click GO TO SETTINGS underneath your keys and select Allow this key to work with AMP pages, then click Save.

Step- 3. Add reCAPTCHA to WPForms

To add reCAPTCHA in WPForms, login into your WordPress dashboard, go to WPForms >Settings, and click reCAPTCHA.

a. Choose the version of reCAPTCHA you want to use(same version as you select in ‘register a new site’ page).

b. Put your Site Key and Secret Key.

c. If any user doesn’t pass the reCAPTCHA test, which message you want to show them.

d. Sometimes reCAPTCHA loaded more than once on your site (for example, by both WPForms and your WordPress theme), this can prevent reCAPTCHA from working properly. If you enable this, it removes any reCAPTCHA code that’s not loaded by WPForms.

Don’t enable this. However, we highly recommend getting in touch with the WPForms support team if you’re in at all unsure whether to use this option.

In the end, don’t forget to save this.

If you use reCAPTCHA v3, then you need to select Score Threshold.

At which score you want users to fail reCAPTCHA v3’s verification. Scores can range from 0.0 (very likely a bot) to 1.0 (very likely a human).

To add reCAPTCHA in your forms, create a new form or edit your existing form. Click the reCAPTCHAwidget and click OK. Don’t forget to SAVE this.

Now look at the top right corner of your form builder and you will see a reCAPTCHA tag is enabled.

To confirm that your reCAPTCHA is enabled, go to your contact form page and check reCAPTCHA is enabled or not?

Now you have successfully added Google reCAPTCHA in your WordPress Forms using WPForms. Now let’s see how you can add Custom CAPTCHA on your WordPress forms.

How to add Custom CAPTCHA on your WordPress forms

If you are not already buying WPForms, please do it first. Because without their paid version, you can not create Custom CAPTCHA for your WordPress forms.

Step- 1. Install the Custom Captcha Addon

Wordpress Captcha Comments

For using Custom CAPTCHA on your WordPress forms, you need to install the Custom Captcha Addon. To do that, simply click on WPForms > Addons and install the Custom Captcha Addon.

With this addon, you can define custom questions or use random math questions as CAPTCHA to fight spam form submissions.

Step- 2. Add Custom CAPTCHA to WPForms

Create your form or edit your existing form where you want to add Custom CAPTCHA to protect your form from spammers.

Now click on the Captcha field to activate the Custom Captcha Addon.

After doing that, you will see a popup where you need to click on the Yes, Install and Activate button. and after that click on Yes, Save and Refresh.

Your Custom Captcha Addon will now successfully installed and activated.

Step- 3. Customize your Custom CAPTCHA

Drag and drop the Captcha field from left to right to add Custom CAPTCHA on your form.

By default, the field will automatically show a random math question to the users who want to submit the form.

You can change the custom captcha type to Question and Answer. To do that, click on the Captcha field and on your left change the type to Question and Answer.

Then enter the question you want you to show your users and also enter the answer. If you want to show different questions and answers every time your page loads or refreshes, then click the plus (+) icon and enter your question and answer.

In the end, don’t forget to save all the changes by hitting on the Save button.

Now you have successfully added Custom CAPTCHA in your WordPress Forms using WPForms.

In the same way, you can add CAPTCHA to all types of forms that are created with WPForms.

Also, read how to send confirmation emails to users after submitting a form to helps the users to know is their form is submitted or not.

Frequently Asked Questions (FAQs)

Is reCAPTCHA available on WPForms Lite?

Yes, Google reCAPTCHA is available on WPForms Lite.

If you have any questions about this article you can ask in the comment section below. And if you like this article, don’t forget to share it with your friends and family. Thanks for reading this article.

Website security is one of the most important parts of running a website and CAPTCHA in WordPress can help make your website less vulnerable to spambots. This is extremely important, especially when you can sign up for free.

This would give bots access to your login, registration forms, and comment sections. To better protect your WordPress website CAPTCHA tests can help.

There are many disadvantages to having spam bots enter your website. Bots can lead to inflated visitor numbers, disrupt comment sections, and harass or disturb visitors. WordPress CAPTCHA can help keep your website spam bot free by adding a simple test that any human can pass, but no spam bot can.

Today I will demonstrate how to accomplish this with the Advanced noCaptcha plugin.

Why Spam Bots Hurt Your Website

Spambots are never a good thing to have on a website.

For starters, they can inflate your website’s visitor and registration numbers. While experienced web developers may understand that this is normal, beginners do not. Instead, they may think their website is really taking off.

This can make them spend more on resources because they think it will pay off. This can have serious financial consequences.

The comments section is always an interesting place to find different views on topics, but it is also an easy spot for spambots to advertise for other websites or products. If half the comments are about the content and the rest are all advertising other websites it can really hurt the discussion on a blog.

This can be avoided by having a WordPress CAPTCHA registration in the comments section. This will ensure that bots cannot leave a comment without passing a CAPTCHA test.

Installing Advanced noCaptcha

The Advanced noCaptcha plugin allows you to add CAPTCHA protection to your website in a multitude of ways. It supports noCaptcha and invisible CAPTCHA. NoCaptcha just makes users check a simple, “I am not a robot” checkbox.

While invisible CAPTCHA is where an algorithm determines if you are a robot based on your mouse movement and typing behavior. If it thinks that you are a robot, you will have to pass a test.

Let’s start by going to the plugins area of WordPress and click on the “Add New” button.

Search for Advanced noCaptcha in the available search box. This will pull up plugins that have similar functionality.

Scroll down until you find the Advanced noCaptcha plugin and click on the “Install Now” button and activate the plugin for use.

Setting Up the Plugin

On the left-hand admin panel, click on Settings and select the Advanced noCaptcha & invisible captcha option.

The plugin does most of the work for you. All you really need to do is pick your Captach type, enter your site key from Google, and select where it will be present on your website.

The first option you need to decide on is what type of Captcha you will select. You have 3 options V2 “I’m not a robot,” V2 Invisible, and V3.

Note: V3 is not like v2. It simply detects abusive traffic and sends you a report on it to help you implement the correct response. It will not stop spambots, it will simply inform you about them.

Next, you need to enter your site key. This comes straight from Google, the owner of reCAPTCHA. Simply visit the reCAPTCHA site and log in. You will need to register your website and create a label to obtain a site key.

If you already know how to get your site key feel free to skip the next section.

Obtaining a Site Key

The process is really easy and quick once you are logged in, you can register your website. Simply enter the Label (title), the reCAPTCHA type, the domain name (your website’s URL), owner email (should be auto-filled), accept the terms and conditions and click on the submit button.

Note: Make sure to select the correct reCPATCH type. If it does not match what you select in the plugin, it will not work.

You will now be on this page and see your API keys. Copy these keys for later use.

Now go back to your website.

Back to Setup

Paste the Site Key and Secret Key into the appropriate boxes.

Now you must select which forms you will select to have the reCAPTCHA appear on. You can enable the plugin on the following forms:

• Login Form
• Registration Form
• Multisite User Signup Form
• Lost Password Form
• Reset Password Form
• Comment Form
• bbPress New topic
• bbPress reply to topic
• BuddyPress register
• WooCommerce Checkout

Captcha Plugin

Simply check the boxes of the ones you want.

Note: Some of these are for specific plugins, so do not check them carelessly.

You will then have some other settings you can fill in. These include the Error message, language detect, light or dark mode, size, and more. Simply go through them and change them to your website’s needs.

Once you have made your selections click on the “Save Changes” button to finish setting up the plugin.

You can now view the reCAPTCHA on your website.

Congratulations, you have successfully enabled reCAPTCHA on your WordPress website.

Other Useful CAPTCHA Plugins

WordPress is home to many other fine plugins that can help with CAPTCHA. There are many CAPTCHA plugins that can better suit your site depending on how you wish to test your visitors. Here are a few plugins I can recommend trying.

Really Simple CAPTCHA

Really Simple CAPTCHA is a very popular WordPress CAPTCHA plugin with over 700.000 active installers. It is unique because it does not use PHP sessions to store states, but instead stores them as temporary files. Perhaps its biggest advantage is how easy it is to set up as the name suggests but does not offer full security like other plugins.

Simple Google reCAPTCHA

If you want the quickest plugin to set up reCAPTCHA on your website, look no further than Simple Google reCAPTCHA. This plugin will is straight to the point. Simply enter the site keys and your good to go. No settings to change, it’s really that simple.

Login No Captcha reCAPTCHA

Another very simple plugin you can use is the Login No Captcha reCAPTCHA plugin. Just like the above mentioned one, all you need to do is add the site keys from google. This plugin supports both the “I’m not a robot” text box and is as simple as it gets.

Keep Your Website Spam Bot Free

The end goal of any website should be to share their content with real visitors, spam-free. Spambots, unfortunately, advertise other businesses’ services and products on your site, inflate your traffic, and disrupt your comments section.

However, all of this can be prevented by using WordPress CAPTCHA plugins to test each visitor when logging in, commenting, or using a registration form.

By enabling these plugins, your site will remain secure and spam bot free. This will let visitors see your content and other visitor’s comments, without any spam.

Almost every major company uses CAPTCHA to prevent bots from invading their websites but this is important for smaller websites as well.

Has using CAPTCHA cleaned up your comments section, registration forms, and login forms? Do you have a better sense of the real traffic on your website with bots blocked?

Author: Ron Helms

Wordpress Recaptcha

I currently work for GreenGeeks as a Support Technician. My primary roles are supporting our VPS and Dedicated server clients, as well as performing site migrations. With experience in the web hosting industry since 2009, there is rarely a question I can’t help answer. In my spare time, I enjoy gaming and working on cars as an automotive enthusiast.

Related Articles