What is Google reCAPTCHA?
The Google reCAPTCHA to WordPress is a safety mechanism created and provided by Google. This mechanism can validate whether a user of your site is in fact a human or a robot. In this way, it manages to prevent robots from performing certain actions on your website, such as: performing registration, logging in, sending Spam messages, among others.
Although it sounds simple, it is an extremely powerful defense mechanism that can increase your website’s security!
Generally, reCAPTCHA is used on the website in more sensitive moments of navigation. For example: to fill in forms, register, login, send messages, make purchases in e-commerce, access social networks, among others. That is, at times when it is essential to ensure that the action is performed by a human, not a robot.
How does Google reCAPTCHA on WordPress work?
Overall, reCAPTCHA represents a new layer of protection for your website that adds some steps to verify the authenticity of a user’s navigation. When performing the actions required by Google reCAPTCHA on wordpress, without errors, and with success, then it means that the navigation is being performed by a Human!
Below, in the image, you can see an example of verification that reCAPTCHA adds:
In the image above, reCAPTCHA requires the user to select the image blocks that contain something specific. If the user manages to select the correct blocks, it means he is a human! In some cases, there may be more than one step.
Another example of reCAPTCHA that requires fewer steps, and is probably the most common one today, is like the image below:
In this example, the user would simply check the checkbox above, and then he would be validated as a human.
Both of the above examples consist of user actions directly with reCAPTCHA, through visual challenges. These options are especially related to the version of reCAPTCHA v2.
However, reCAPTCHA also has a more relaxed version, where it performs a series of hidden tests automatically, generating a score, and thus defining whether the behavior of that user is human or if it is suspected of being a machine. This option is available through reCAPTCHA v3.
How to install reCAPTCHA on WordPress
Now that you know what Google reCAPTCHA on wordpress is and what it does, let’s go to the step-by-step tutorial to get it on your site! It is noteworthy that, despite being simple, it is necessary to go through some steps.
The first step is to generate a reCAPTCHA Google Usage Key. After this step, we will install reCAPTCHA on WordPress, where we will use the plugin “reCaptcha by BestWebSoft”.
1st Step – Generate a Usage Key
To use Google reCAPTCHA on wordpress or application, you need to generate a Google reCAPTCHA key. That is, a key to use Google reCAPTCHA.
First, go to the GoogleReCAPTCHA Administration Configuration site and log in with your Google account, such as your Gmail account. If you don’t already have it, just create it.
If this is your first time logging in, you will likely be redirected to the page to create your key. Otherwise, click on the create option, that is, on the “+” sign.
On the key creation page, define a tag, that is, a name to identify this key. In our example, we use the name “ Example Site ”. Then select the version of reCAPTCHA you want to use. Although there is the v3 option, we recommend that you use the reCAPTCHA v2 option. Therefore, when selecting the v2 option, also select the verification type.
Later, enter the domains where you will include these reCAPTCHA keys. It is noteworthy that you must enter only the domain, without the HTTP:// or HTTPS://. For example “example.com.br”. If you want to use it also in localhost, add the domains: 127.0.0.1 and Localhost.
Also, define the owners of these keys. By default, you will already be selected. If you are the sole owner, just skip to the next step. Now read and agree to the terms of use. You can later select whether you want to be informed of threats, this is an optional choice.
Finally, on the next screen, you will receive two keys, Site Key and Secret Key.
These are your keys, which will be used to include the reCAPTCHA on your website.
Step 2 – Install plugin to include Google reCAPTCHA in WordPress login
To include reCAPTCHA in our WordPress in a simple way, let’s use the plugin “reCaptcha by BestWebSoft”. Although there are several plugins on the WordPress marketplace, we like and recommend BestWebSoft’s because it’s simple and constantly updated.
It is noteworthy that other plugins also perform this process or that have integration with reCaptcha. Wordfence itself, a security plugin widely used in WordPress, can include the steps of Google reCaptcha. If you use WP Forms, you can also enable Google’s CAPTCHA through it.
Anyway, several plugins currently allow you to integrate with reCAPTCHA. But, in this tutorial, we used the “ reCaptcha by BestWebSoft ” plugin because it is more generic, simple, and objective. However, most plugins involving integration with reCAPTCHA consist of steps very similar to what will be presented here.
To install a new plugin, go to the WordPress Admin Panel side menu, and in the plugin, options select add new.
Afterward, search for the plugin “reCaptcha by BestWebSoft” in the plugin bar and search.
After that, locate the plugin and click on the “Install” option.
Finally, after the installation is complete, click on the “activate” option.
There, the plugin reCaptcha by BestWebSoft is already installed and activated. However, we still need to configure it.
Read more: How to Change WordPress Login Page URL
3rd Step – Configuring the plugin “reCaptcha by BestWebSoft”
Now that we have installed and activated the plugin “reCaptcha by BestWebSoft”, a new option will appear in the WordPress side menu. So select option ReCaptcha > Settings.
On this page, just add your site key and your secret key, obtained in the 1st step of this tutorial, and select the version of reCAPTCHA that you registered the key for. Also, select the options you want to include Captcha. Therefore, select the “Login form” option to keep reCAPTCHA in your WordPress login.
In addition, you can also select other options as you like. Below these options, you can perform other settings, integrate with other plugins, but you can skip this step for now.
Finally, just click on “Save changes” and your site will be configured with Google’s CAPTCHA!
To take the test, just log out of your account and try again to log in to the WordPress Administration panel! Okay, now it should have Google reCAPTCHA included in the WordPress Login.
Conclusion
Every day, we realize that Cyber security issues are sorely needed. Obviously, as technology advances, we have more and more security solutions for our applications!
Here in this tutorial you got to know Google ReCAPTCHA on wordpress and learned how to include it in your WordPress login. And all this simply and quickly.
However, despite being more secure, it does not mean that you are free from attacks. Therefore, it is very important that you are aware and aware of other security measures to further enhance your WordPress defense.
For website maintenance service contact us.