Google is providing advanced security solution called reCAPTCHA to protect website from spam and abuse. reCAPTCHA is very effective to prevent your site from spam comments and e-mails.
In this article, we will show you how to set up Invisible reCAPTCHA for WordPress site.
Table of Contents
What is reCAPTCHA?
reCAPTCHA is a free service that protects your website from spam and abuse. reCAPTCHA uses an advanced risk analysis engine and adaptive CAPTCHAs to keep automated software from engaging in abusive activities on your site. It does this while letting your valid users pass through with ease.
Here is a short YouTube video for reCAPTCHA introduction.
Currently, there are two types of reCAPTCHA available for websites. They are reCAPTCHA 2nd and 3rd generation.
The following is a reCAPTCHA V2 badge to validate users by clicking the “I’m not a robot” checkbox.
What is Invisible reCAPTCHA?
Google introduced 3rd generation reCAPTCHA in Q1 2017. The 3rd generation reCAPTCHA validates users in the background, so users don’t have to do validation test like V2. In Q1, 2017, Invisible reCAPTCHA was beta release. The following image is when Invisible reCAPTCHA was introduced as a beta program.
Starting in Q2, 2017, Invisible reCAPTCHA is publicly available for all websites.
reCAPTCHA benefits
Very effective for spam comment prevention
reCAPTCHA is absolutely effective to prevent spam. Although WordPress plugin, Akismet is very popular and well known for spam comment protection, adding reCAPTCHA for comment system is absolutely effective.
While Akismet is filtering spam comment, reCAPTCHA is preventing spam comment. As Akismet is filtering comments, you don’t see the spam comments but actually the site is getting a lot of spam comments. If you are using reCAPTCHA, you won’t get spam comments.
Here is a Akismet spam report for the past 6 months after implementing reCAPTCHA in comment system.
It showed only 1 spam comment is blocked. It was actually not blocked by Akismet, I manually marked 1 comment as a spam which human left a comment.
In fact, there have been no spam comment since using reCAPTCHA in comment system of the site.
I am no longer using Akismet for my sites, as using reCAPTCHA, you won’t get any spam comment.
Protect site from hacking attempt
In general, a site is getting a lot of spam tends to get more hacking attempt, as it is become an easy target by hackers and spammers.
reCAPTCHA can also be used for WordPress user login verification. With reCAPTCHA verification, you will shut off spammers login attempt.
Less spam, more secure. You can also use reCAPTCHA for contact form verification.
How to set up Invisible reCAPTCHA for websites
In order to use reCAPTCHA on your site, you need to register your site at Google reCAPTCHA site. After registration, you will be able to get reCAPTCHA keys for your site.
Register a site for reCAPTCHA
Go to Google reCAPTCHA home page, and press “Get reCAPTCHA” button. (Log in Google account if you have not logged in.)
Fill out registration form.
- Enter a label name(①)
- Select Invisible reCAPTCHA(②)
- Enter domain name(s) (③)
- Check to accept the reCAPTCHA terms of Service(④)
- Push “Register” button(⑤)
Get Site key and Secret key
After registration, reCAPTCHA information for the site integration will be displayed. You will need Site key and Secret key to install reCAPTCHA in your site. These keys are your site specific information. Copy them.
Setting up Invisible reCAPTCHA for WordPress site
Install Invisible reCAPTCHA for WordPress plugin
- From WordPress Dashboard, click [Plugins] and then click [Add New].
- Enter “Invisible reCAPTCHA for WordPress” in plugin search box.
- Press [Install Now] button, and activate.
Set up Invisible reCAPTCHA plugin
1. From WordPress Dashboard, click [Settings] and then click [Invisible reCAPTCHA.
2. Paste Site key and Paste key in each box.
3. Select Language. (Default is automatically detected.)
4. Select Badge Position from the following locations.
- Bottom Right
- Bottom Left
- Inline
5. Press “Save Changes” button.
Is it OK to hide the Invisible reCAPTCHA badge?
No. You are not allowed to hide Invisible reCAPTCHA badge.
Here is the excerpt of reCAPTCHA Terms of Service.
You agree to explicitly inform visitors to your site that you have implemented the Invisible reCAPTCHA on your site and that their use of the Invisible reCAPTCHA is subject to the Google Privacy Policy and Terms of Use.
The reCAPTCHA badge has a important role to inform visitors your site has implemented the Invisible reCAPTCHA and their use of the Invisible reCAPTCHA is subject to the Google Privacy Policy and Terms of Use.
Set up Invisible reCAPTCHA for WordPress protection
Click “WordPress” tab, and check the boxes. You can enable the following forms on WordPress site.
- Login Form
- Registration Form
- Comments Form
- Forgot Password Form
Select forms to enable Invisible reCAPTCHA, and press “Save Changes”.
You have done!
Invisible reCAPTCHA for verification examples
WordPress Login
When you log in, the Invisible reCAPTCHA badge will be shown. (If you select badge position as Inline.)
When you press “Log In” button after enter username and password, Invisible reCAPTCHA will do verification.
Comment
Now, comment system is protected by Invisible reCAPTCHA. When users Leave a comment and press “Post Comment” button, Invisible reCAPTCHA will do verification to check whether leaving a comment is human or not.
Comments