Knowledgebase: Applications
HOW TO: add CAPTCHA protection to your WordPress site
Posted by on 06 September 2018 11:54 AM

CAPTCHA is an effective tool that you can use to prevent your contact forms from being used by automated bots, sometimes called spambots, to post spam on your site. CAPTCHA protection works by displaying an image containing text on each contact form. Users need to type the displayed CAPTCHA text before they can submit the form. Because automated bots are unable to read and type the text displayed in the CAPTCHA image, they can’t use your forms to generate spam.

There are two steps you need to complete to add CAPTCHA protection to your WordPress site:

  1. Install and activate a CAPTCHA plugin.
  2. Choose your CAPTCHA settings.

There are several CAPTCHA plugins available for WordPress. In this example, we’re using the SI CAPTCHA Anti-Spam plugin, but you are free to choose a different plugin. The procedure for installing, activating, and configuring another plugin may be different. Refer to the plugin’s documentation for more information.

Installing and activating the CAPTCHA plugin

Log in to your WordPress Dashboard as admin. Click Plugins Add New.

In the Keyword search box, type captcha. Several available CAPTCHA plugins are displayed in the search results. In this example, we’re installing the SI CAPTCHA Anti-Spam plugin. Click Install Now. The Install Now button changes to Installing.

When the installation is complete, the button displays Activate. Click Activate.

The plugin is now active and appears in the Installed Plugins list in your WordPress Dashboard.

Choosing your CAPTCHA settings

Now that the plugin is active, you can choose the types of forms that will be protected by CAPTCHA. You can also change the messages that are displayed with your CAPTCHA.

In your WordPress Dashboard, click Plugins Installed Plugins SI Captcha Options.

After you install CAPTCHA, it is automatically enabled on comment, registration, and lost password forms. Because these are the types of forms most often targeted by automated bots, we recommend that you leave these default settings in place.

There are two other default settings that you may want to change:

  • Login form – CAPTCHA protection is not automatically enabled on the login form. Because login forms require a valid username and password, they are not usually targeted by spambots and don’t need CAPTCHA protection. However, if you are concerned about brute force attacks on the login page or suspect that your site users’ usernames and passwords have been compromised, you can enable CAPTCHA on login forms for additional protection.
  • No comment form CAPTCHA for logged in users – This setting is automatically enabled and means that registered site users who are currently logged in, and therefore have already successfully entered their usernames and passwords, do not see a CAPTCHA on the comment form. To maximize protection on your comment forms and require CAPTCHA for currently logged in users, disable this setting.

Changing settings

When you’re finished choosing your form types and making any changes in the Options and Error Messages sections, click Save Changes.

For more information about a setting, click help.

That’s it! CAPTCHA is now protecting your WordPress site from spambots.

(1 vote(s))
Not helpful

Comments (0)
Copyright © 1998 - 2021 Shinjiru International Inc. All Rights Reserved.