How to add WordPress Comment Captcha from Google reCAPTCHA

How to add WordPress Comment Captcha from Google reCAPTCHA: Did you know what is Google Captcha for WordPress? It is a free Google tool used by owners of a web page to verify that whoever visits your website is a human person and not a robot who tries to pretend to be a person in order to violate the web system.

The History of Google Captcha:
Google Captcha was not always owned by Google. In fact, he bought it back in 2009 and has been improving it since then (he updated the version in 2013 to allow the famous “I’m not a robot” box). Surely you remember that box that forced you to put the words I indicated and, if they did not match, you could not finish completing the form or access a website or finish registering. It was a bit tedious.

Google realized that, late, but realized. Since the beginning of last year this way of verifying a person has gone down in history and is now invisible. The tool will only ask you to verify that you are a human by clicking when it detects irregular activity.

What will Google Captcha do for you?

As I said before, Google Captcha serves to apply a filter on your website and thus not receive spam. You can apply it in all kinds of forms, actions, checks to prevent hundreds of robots that enter your website to leave malicious content. You will also avoid comments from users who claim to be but in reality they are robots that want to leave toxic links pointing to their websites.

Google Captcha usage examples

  • Making sure who sends a contact form or similar is not a robot.
  • Verify that who reads a certain content is a person
  • When there are bridge pages, such as link exchange, you can put a captcha to ensure that whoever sees the landing page with the links is a person.
  • Use it as a shield in login pages so that hundreds of robots do not arrive and try to log in brute force with common password dictionaries.
  • Use it as verification of purchases in your online store to make sure that whoever buys you is really a person.

The idea of ​​using Google Captcha is to make sure that whoever reads you is a person, you can apply it with a thousand different purposes.

How does Captcha detect in WordPress if you are a human or a robot?

The tool has a complex algorithm that focuses on hundreds of factors to determine if you are a person or a robot. Some of them we know and is that Google Captcha is fixed in your activity, how you navigate, your IP address, the cookies that you leave and are traceable (very traceable). At the end of the day, if you use Google Chrome the chances of identifying you are much greater since it is your own tool and can better judge what type of visitor you are.

In other browsers it costs you more and that is why it is more likely to ask you to verify yourself. Other elements that Google Captcha uses is the mouse path, the time you spend in the section where that Captcha is in WordPress, etc. There are many factors that Google uses but, obviously, the vast majority are not public since if not anyone could program their robot to skip the verification and it would make no sense.

How can we install it in WordPress?

If you want to install Google Captcha, the ways that exist to do so are very simple and very quick to do (you don’t have to have programming skills). It depends a bit on whether you want to do it with code or want to do it through one of the thousands of WordPress plugins that exist. Let’s see it in both ways, both for users and for developers.

Install Google Captcha WordPress automatically

If you have a website but you don’t know anything about code, don’t worry because, thanks to the advance of WordPress and the hundreds of plugins that exist, you can configure it in a few minutes. The first thing you have to do is get an authorization key (API Key). To do this, you must log in to Google with your email account (it is advisable to use the one linked to Google Search Console, Analytics, etc … to have everything in one account) and go to the following address: https: // www .google.com / Captcha.

Look for the blue button that says “My Captcha” in the upper right of the web and, after clicking there, it will redirect you to an installer where you will have to configure the information that you request as you see in this image:

captcha 2019
By default it says that you will not have any Captcha configured and that you follow the steps to start having one. You must put an identifier name to recognize it tomorrow, you can call it what you want. I have called it «Google Captcha in WordPress for raiolanetworks.es«. Next, it asks you to select what type of verification you want on your website or application.

If you choose Captcha v2

i m not roobot 2019Google Recaptcha I am not a gif robot

If you choose this option it is the version that you add after all the elements, for example of a form, that will force you to mark «I am not a robot«. Then, Google, depending on its algorithm, will decide if you are a robot or not. If you consider that you are not, you will get a green “tick” and if you consider that you are, you will be forced to choose the elements that match what you are asked to select with a click. For example, you may be asked to select images that resemble a car or traffic signs.

If you choose Invisible Captcha

Google Recaptcha invisibleThis option is the new one that Google has introduced and it is no longer necessary to force the user to mark any “I am not a robot” box, but will be invisible. That is, it will be present in any interactive element you choose and will only ask for verification to whom Google Captcha considers to be a bot. Isn’t he cool? You no longer force anyone to click on one more item, but you will get the verification on a form submit button directly if necessary.

If you choose Captcha on Android

This is a more complex version that exists for Android applications. We are going to see the web environment, but you know that it exists and that if you need it you can read its documentation in this link: https://developer.android.com/training/safetynet/

Suppose you choose the Captcha v2 version, since it is the most used version right now

While the invisible version is still spreading and becoming known, you will learn with this tutorial how to install Google Captcha on WordPress. The first thing you have to do is go back to the previous window where you stayed to resume the installation and select Captcha v2 (the one in the “I’m not a robot” box). Next, a box will appear below where you must specify under which domain names of your property the Captcha should work.

If you do not put any or put the Captcha code in a domain that has not been put in this box, it will not work. Suppose the domain raiolanetworks.es is where you want to install Captcha. Accept the terms and conditions and ask them to send you alerts in case something goes wrong. The configuration will look like this:

captcha option 2019Google recaptcha recaptcha types

Perfect! Now you just have to register and it will generate some codes that you must use to configure Captcha in WordPress. If you have done everything right, it is on the next screen where it will show you the 2 main keys that I was telling you (site key and secret key). It should be a screen similar to this:

Google Recaptcha secret keys

You already have everything you need to install Captcha in WordPress, you just have to connect it. Go to your WordPress and look in the plugins section: «Google Captcha (Captcha) by BestWebSoft«, download it and activate it:

Google Recaptcha panel wordpress Now a new option called «Google Captcha» will appear on the left like the one you can see in the image on the left (or above if you are in a mobile version) with different sections.

You must first go to «Google Captcha»> «Settings» where you will install the keys that we have previously copied. Put the respective keys in the first box:

Google Recaptcha secret keys configuration

Finally, specify for which elements you want to install Google Captcha in WordPress. It will mark you all the sites where there is a default WordPress form such as the login section in the administration panel, registration forms, reset password or when a comment is sent. You can also implement it in external plugins such as Contact Form 7, which is the most used plugin for contact forms.


As you can see, the free version of Google Captcha in WordPress can be used in some specific external plugins or in the native functions of WordPress itself. If you wanted to adapt captcha in other areas such as WooCommerce or BuddyPress, you would have to make use of the paid version being able to choose between all these options:

Google Recaptcha external plugins

It is done! Google Captcha in WordPress has been installed correctly. Try logging out and you will see how when you try to log in next time you will be asked to verify yourself on your own website (if you activated the login verification).

Install Google Captcha developer version

If you do not have a content manager like WordPress or another similar one in which to configure Captcha easily, you will have to install it manually with code. You will need programming knowledge although we will try to follow this tutorial to install Captcha using code easily. To start you will also need the site and secret keys, so you will have to perform the steps as if you did it manually, as I explained above.

Follow the steps just below where the keys are, which is the easiest way to do it. The instructions say you should do this:

Google Recaptcha install client side

What you have to do is install the library just before closing the <header> of the web. The code is as follows, so you can copy and paste it faster:
<img src=”data:image/gif;base64,R0lGODlhAQABAIAAAAAAAP///yH5BAEAAAAALAAAAAABAAEAAAIBRAA7″ data-wp-preserve=”%3Cscript%20src%3D’https%3A%2F%2Fwww.google.com%2FCaptcha%2Fapi.js’%3E%3C%2Fscript%3E” data-mce-resize=”false” data-mce-placeholder=”1″ class=”mce-object” width=”20″ height=”20″ alt=”&lt;script&gt;” title=”&lt;script&gt;” />

After this, you must put the following code on the form or forms where you want the boxes to go right at the end of the <form> tag:
<div class=”g-Captcha” data-sitekey=”6LcBbF4UAAAAAHCDmf57[BORRO_ESTA_PARTE]”></div>
Well, you have already configured the code on the client side where it is what the user will see and will mark the option “I am not a robot”. Now you have to install a code on the server side with the code behind (PHP) where you will be waiting for the response from the client side. You must download the PHP library from Google Captcha and insert it into your code. You can download it from here: https://storage.googleapis.com/google-code-archive-downloads/v2/code.google.com/Captcha/Captcha-php-1.11.zip

Extract the Captchalib.php file and upload it to the root or to the folder where you have the project on server. We are going to imagine that the project is at the root of the FTP, so you will upload that file to the root too (it is not necessary that it be at the root, it is just an example, it can be in a folder and you can call it the same wherever it is East).

Now you must go to the part where you are checking that the form data is being validated and that the code continues if the form submission was correct. Add this code:
require_once(‘Captchalib.php’);
$privatekey = “your_private_key”;
$resp = Captcha_check_answer ($privatekey,
$_SERVER[“REMOTE_ADDR”],
$_POST[“Captcha_challenge_field”],
$_POST[“Captcha_response_field”]);

if (!$resp->is_valid) {
// ERROR
die (“El Captcha no fue ingresado correctamente. Vuelve atrás e inténtalo correctamente.” .”(Captcha said: ” . $resp->error . “)”);
} else {
// OK, todo bien
}
Here, replace your_private_key with the secret key that Captcha generated for you. Everything else you keep as is. If all went well, you will have to put the code you already had after the commented line that says: “OK, everything is fine”. It’s like superimposing a layer on what you already had. That layer is that of Captcha.

And it would be! You have finished configuring Google Captcha on your website for the developer version. As it has been an explanation for someone who should know a little programming, I have gone a little above.

Conclusion of using Google Captcha:

Installing Google Captcha in WordPress will save you from having false data or records of malicious robots. Putting the “I’m not a robot” button could be an obstacle for the user in the funnel (funnel) of conversion, so it is not highly recommended to put it in many steps. To solve this problem there is a new invisible version that is less invasive for the user and will only come out when the system detects that it could be a false identity.

Leave us a comment with your curious experiences about spam that you have received. You can also ask us for help in the comments to install captcha in WordPress.

(How to add WordPress Comment Captcha from Google reCAPTCHA)

Leave a Reply

Close Menu