马来西亚云服务

// Call the Google reCAPTCHA verification API on the login form page function login_style() { wp_register_script('login-recaptcha', 'https://www.google.com/recaptcha/api.js', false, NULL); wp_enqueue_script('login-recaptcha'); } add_action('login_enqueue_scripts', 'login_style'); // Add Google reCAPTCHA to the login form page function add_recaptcha_on_login_page() { echo '<div class="g-recaptcha brochure_form_captcha" data-sitekey="INSERT_YOUR_SITE_KEY_HERE"></div>'; } add_action('login_form', 'add_recaptcha_on_login_page');

For the WordPress Comment Form:


// Add CAPTCHA on a WordPress post’s comment form
function add_google_recaptcha_to_comment_form() {
    echo '<script src="https://www.google.com/recaptcha/api.js" async defer></script>';
    echo '<div class="g-recaptcha" data-sitekey="YOUR_SITE_KEY"></div>';
}

function verify_google_recaptcha_comment($commentdata) {
    $recaptcha_response = isset($_POST['g-recaptcha-response']) ? $_POST['g-recaptcha-response'] : '';
    $response = wp_remote_post(
        'https://www.google.com/recaptcha/api/siteverify',
        array(
            'body' => array(
                'secret' => 'YOUR_SECRET_KEY',
                'response' => $recaptcha_response,
            ),
        )
    );
    $data = json_decode(wp_remote_retrieve_body($response));
    
    if (!$data->success) {
        wp_die('reCAPTCHA verification failed. Please try again.');
    }
    
    return $commentdata;
}

add_action('comment_form', 'add_google_recaptcha_to_comment_form');
add_filter('preprocess_comment', 'verify_google_recaptcha_comment');

This version keeps the login form reCAPTCHA and the comment form reCAPTCHA code separate. Make sure to replace the placeholder keys in each section with your actual Google reCAPTCHA site key and secret key.

Remember, these code examples are to show you how things work. Your WordPress might need a little tweak based on its version and setup.

Registering Your Website to Get reCAPTCHA API Keys

To set up WordPress reCAPTCHA on your website, follow these simple steps:

Go to the WordPress website using the ‘register your domain’ link.
Sign in with your Google account.
On the ‘Register a new site’ page, provide essential information.
Type your website or a name of your choice in the ‘Label’ field for easy identification.

Adding a New Site to Google reCAPTCHA

Select the ‘Challenge (v2)’ radio button to add the reCAPTCHA checkbox.
Choose ‘I’m not a robot Checkbox’ from the options.
Scroll down to the ‘Domains’ textbox.
Add the website domain name where you want to add the WordPress reCAPTCHA checkbox.
You can also add multiple domains or subdomains by clicking the plus (+) icon to use the duplicate API keys on different websites.

Add Domain and Email to reCAPTCHA Site

After you’ve completed the form, just click the ‘Submit‘ button to register your site. Google reCAPTCHA will show you a success message with the page’s site and secret keys. You can use these API keys in the plugin settings on your WordPress website.

Copy Site and Secret Keys

Adding reCAPTCHA to a WordPress Comment Form

Now, go to your website’s Advanced WordPress reCAPTCHA page in your admin area. You’ll see two special keys there: a site and secret keys. Copy these keys.

Paste the Site Key and the Secret Key

Then, tick the option that reads ‘Enable for Comment Form.’ This will guarantee that the reCAPTCHA technology protects your online presence from spam on pages where visitors may comment, such as the login, registration, forgotten password, and comment form. Ticking or unchecking the boxes next to each option lets you select which pages to protect.

After making your selections, remember to click the ‘Save Changes‘ option at the bottom of the page. This will preserve your preferences and enable reCAPTCHA.

So you’re done! You have successfully enabled reCAPTCHA on your WordPress comment form. You may now check the comment area of your blog articles to verify whether it is functioning to protect your site from spam.

Comment reCAPTCHA Preview

Enable WordPress reCAPTCHA for the Login Form.

If you’re utilizing User Registration, you may quickly add a CAPTCHA to your login form instead of generating a new one. Navigate to User Registration >> Settings, then Login Options, Enable Captcha, and Save your changes. This will help secure your website’s login form.

Additional Login Options

More Ways to Combat Comment Spam in WordPress

Aside from reCAPTCHA, you may employ various ways to manage spam comments on your website. First, activate comment moderation, which allows you to monitor and approve comments before they appear on your website. Consider utilizing the Akismet plugin to automatically identify and filter common spam comments from a worldwide database.

Comment Must Be Manually Approved

For added security, the premium Sucuri plugin can block suspicious requests before they even reach your site, preventing automated bots from posting comments. This plugin is highly recommended for all our websites.

Another effective tool is the Antispam Bee plugin, which allows you to set rules for trusted users and immediately mark suspicious comments as spam. These rules can include criteria like whether the commenter is approved or has a Gravatar image associated with their account.

How to Fix reCAPTCHA Not Working in WordPress?

If you’re having problems with reCaptcha, there are a few things you can do to determine the problem and solve it.

1. Invalid Site Key

Using the correct site keys is essential when connecting your WordPress site to Google reCAPTCHA. If you see a message like “ERROR for site owner: Invalid site key,” it means there’s an issue with the keys you’re using.

Here’s what might have happened:

The keys were copied incorrectly from Google reCAPTCHA.
The keys were accidentally deleted from your Google reCAPTCHA account.

invalid site key

To solve this problem, ensure you have the correct keys in your WordPress reCAPTCHA settings. Check the keys you got from Google reCAPTCHA API and ensure they match those you put in your LoginPress reCAPTCHA Site and Secret key fields.

2. Error for site owner: invalid domain for site key

When you see this message, the website address you added to the v3 Admin Console must be corrected. Here’s how you can fix it:

Log into the Admin Console.
Look for the Domains setting.
Edit your website address.
After editing, return to your WordPress form and refresh the page.

This adjustment ensures your website is connected correctly and optimized, potentially boosting its visibility on Google.

Error for site owner: invalid domain for site key

3. Plugin Conflicts

eCAPTCHA is a tool often used in WordPress websites through additional plugins. However, these plugins can sometimes clash, causing reCAPTCHA to stop working.

A plugin conflict occurs when two or more plugins share the same JavaScript or CSS stylesheets. When this happens, reCAPTCHA might not work correctly, and problems might appear in the browser console.

To start, deactivate any other plugins that perform functions identical to reCAPTCHA. If turning off a plugin resolves the issue, you may reactivate the other plugins individually to determine which is creating the conflict.

4. Recaptcha validation failed

Have you ever noticed the error message ‘reCAPTCHA validation failed‘? This can happen if you enable both v2 and v3 reCAPTCHA simultaneously. To remedy this, choose V2 or V3 and turn the other off. The problem should be fixed after you’ve selected and removed the other kind.

Login No Captcha reCAPTCHA

A WordPress plugin, Login No Captcha reCAPTCHA, improves security by including a Google No Captcha ReCaptcha checkbox in your user registration, login, and lost password pages for WordPress and WooCommerce. This is how it works.

Enhanced security: The plugin incorporates reCAPTCHA to prevent automated bots from gaining access to your registration and login forms. It requires human users to check a simple box to log in.
User-Friendly: While it strengthens security, it remains accessible for legitimate users. Instead of completing complex challenges, users merely check the box to show they are human.
Tough on Bots: Google describes its strategy as “tough on bots, easy on humans.”

Testing reCAPTCHA On WordPress Website

Let’s focus on testing reCAPTCHA in WordPress.

Functional Testing

Check that reCAPTCHA shows appropriately on your forms (such as login, registration, and contact forms).
Ensure that users can complete the reCAPTCHA challenge.
Examine both the checkbox-based visible reCAPTCHA and the background-running invisible reCAPTCHA.

Cross-Browser Testing

Check how reCAPTCHA behaves across browsers (Chrome, Firefox, Safari, Edge).
Ensure consistent functionality and appearance.

Form Submission Testing

Submit forms with incorrect reCAPTCHA responses to verify error handling.
Confirm that valid submissions proceed without issues.

Security Testing

Test reCAPTCHA’s effectiveness in blocking automated bots.
Monitor logs for any suspicious activity.

Conclusion

WordPress reCAPTCHA is a handy tool for keeping your website safe from robots and bad bots. It ensures that people visiting your site are real humans by using tests like clicking a checkbox or watching how they use the computer. There are different ways to add reCAPTCHA to your WordPress site, like score-based checks or invisible badges.

This helps protect your site from spam and abuse while keeping it easy to use for real visitors. Plus, it’s free and easy to set up with a plugin. Using reCAPTCHA, you can spend more time helping real people and less time dealing with fake users.

Kaif