Cybersecurity is the one critical area that worries every other Internet user to corporate with web portal administrators. Since WordPress powers more than 30% of websites on the Internet, it often becomes a prime target for hackers and spammers.
Many experts suggest that selecting a reliable WordPress hosting provider is critical to deal with security issues. And the good news is that Cloudways offers the most secure WordPress hosting services that protect the sites from almost all possible security invasions.
Over the years many good plugins and tools have been introduced to secure your WordPress site. In particular, always remember to secure WordPress sites with .htaccess.
WordPress website administrators often face spam comments, automatic fake registrations, and login attempts as common security threats. CAPTCHA is a potent tool for protecting sites against spamming done via bots. Until now, this security measure generated a security question that only humans can answer. In many cases, solving a CAPTCHA every time for gaining access to resources is very annoying.
Invisible reCAPTCHA is activated only in cases where Google suspects that the visitor is not a human.
In this article, I will discuss how you can integrate Google’s invisible reCAPTCHA plugin in WordPress to control spam, abuse of forms, and improve the security of the website.
Features of Google Invisible reCAPTCHA
This solution is ideal for all WordPress websites, including simple WordPress sites, WooCommerce stores, Community, or a network of WordPress Multisite.
It must be noted that protecting WordPress multisite becomes even more difficult due to multiple sites involved. Therefore, in addition to integrating Google’s invisible reCAPTCHA, we must ensure opting for a reliable WordPress multisite hosting service that offers iron-clad security and active support.
- Login form protection annihilates Brute Force attacks
- Registration form protection
- Comments form protection
- Forgot Password form protection
- Product Review form protection
- Reset Password form protection
- Contact Form 7 support
- Gravity Forms support
- Ultra Community Invisible reCaptcha
- BuddyPress Invisible reCaptcha
- Hooks to integrate Invisible reCaptcha with any plugin or custom form
Below are a few easy steps to add Google Invisible reCAPTCHA Plugin on the WordPress website.
IdeaBox – Case Study
Read how Cloudways Helped a WordPress Agency Build Better Products.
Thank You
Your Ebook is on its Way to Your Inbox.
Step 1: Install Google Invisible reCAPTCHA Plugin
To add this useful plugin to your site, log in to your WordPress Admin Dashboard, navigate to Plugins → Add New, search for Invisible reCAPTCHA for WordPress and install the plugin. Check out the following screenshot for reference:
Once installed and activated, you will see a new label Invisible reCAPTCHA under the Settings tab. You will find several settings to configure the plugin. Check out the following screenshot for reference:
Step 2: Authentication – Connect WordPress Website with Google Account
As invisible reCAPTCHA is a Google product, therefore, it first needs to be connected to your Google account. First log in to your Google account, open this link to register the website with your Google account by filling in the required fields. Check out the following screenshot for reference:
Once registered, you will get the Site and Secret keys.
Copy and Paste these keys in the plugin’s settings tab as shown in the screenshot below:
Step 3: Google reCAPTCHA Settings
The best part of this plugin is that it allows adding invisible reCAPTCHA to the most important areas of the website described above. From the left pane of the plugin, navigate to the tab that best describes your site.
Just check the fields that you require. I would suggest that you mark them all, as all of these are sensitive areas that are often subjected to abuse and attacks.
WordPress Protection Settings
WooCommerce Protection Settings
Ultra Community Protection Settings
BuddyPress Protection Settings
Custom Forms Protection Settings
Step 4: reCAPTCHA in Action
After configuring the settings correctly, you should be able to see reCAPTCHA only at the selected pages and locations. In the above example, I set the options to display reCAPTCHA on login, registration, password reset, and comment forms.
As you can see, I was not presented with the Invisible reCAPTCHA challenge because it decided that I am a human!
This is why only the logo appears at the right bottom of the page. This indicates that Google Invisible reCAPTCHA protects this page.
Google Invisible reCAPTCHA plugin allows you to reposition the badge. Not only this, but it also allows to add custom CSS code to the badge.
To remove the badge completely, you can use the below-mentioned code at the Badge Custom CSS label.
.grecaptcha-badge { display: none; }
And click on Save Changes.
P.S. I would not suggest hiding the badge, since it may violate Google reCAPTCHA’s policies, as the badge links to Google’s terms and privacy documents.
In the End
I introduced Google invisible reCAPTCHA in WordPress for controlling the spam and form abuse. To tighten the security of your website, here are some best WordPress security plugins. If you have any questions about setting up the plugin, feel free to leave a comment!
Q. How do I make reCAPTCHA invisible?
When setting up the reCAPTCHA, choose Invisible reCAPTCHA. You will receive the public and private keys that you can use to set up the invisible reCAPTCHA.
Q. What is invisible reCAPTCHA?
Invisible reCAPTCHA is an automated test that uses user behavior (mouse movement and keyboard patterns) to show the reCAPTCHA challenge only to suspicious users.
Q. Can you bypass reCAPTCHA?
Despite the security of the reCAPTCHA, they can be bypassed by using a proxy server, a VPN, or a custom-built reCAPTCHA bot that mimics the patterns of a human user.
Q. How do I know if invisible reCAPTCHA is working?
When properly installed, the users could see the reCAPTCHA icon at the bottom right (or left) of the screen.
Danish Naseer
Danish Naseer is a WordPress Community Manager at Cloudways. He is passionate about designing, developing, and engaging with people to help them. He also actively participates in the community to share his knowledge. Besides that, he loves to watch documentaries, traveling and spending time with family. You can contact him at [email protected]