Adding Google’s reCAPTCHA to your WordPress to prevent comment SPAM

Before we get into adding reCAPTCHA, let’s cover some background first in case CAPTCHA and reCAPTCHA isn’t something you’re completely familiar with. If you are already familiar with CAPTCHA and reCAPTCH you can skip to the good stuff at the heading below “How To Add reCAPTCHA To Your WordPress Site”.

So, you’ve got your shiny new website that you created with WordPress. Awesome! Now it’s time to start interacting with your audience and a great way to do so is by allowing comments on your posts. The problem is allowing comments opens you up to all that nasty spam (aka automated garbage) that interweb baddies want to leave all over your beautiful creation. So how to do you stop that? You require a CAPTCHA to post comments.  CAPTCHA stands for “Completely Automated Public Turing test to tell Computers and Humans Apart”.

In the earlier days of CAPTCHA it would require one to read some extremely distorted almost impossible to see characters from an image and put them into a field. This implementation of CAPTCHA  is ridiculously annoying. Another CAPTCHA method is to ask one to perform basic math and enter the answer into the field. Not so much annoying, but old school. Now, we can thank Google for a better method called reCAPTCHA.

reCAPTCHA on our comment form looks like this. We why included a screen shot when we could have just told you to scroll down to our comments section to see it live, who knows, but here it is for your viewing pleasure.

When you click in the box next to “I’m not a robot” you’re asked to perform the simple task of selecting images of (fill in the blank).

And that’s reCAPTCHA.


How To Add reCAPTCHA To Your WordPress Site

For the purpose of this post we’re going to assume you’re already familiar with how to use WordPress and have some understanding of plugins. If someone else set up your site for you and you’re trying to add reCAPTCHA on your own we suggest reviewing some basic WordPress tutorials first or getting the assistance of the person that set up your website.

For our reCAPTCHA we are using the plugin “Google Captcha (reCAPTCHA) by BestWebSoft”

Go to your Plugins, Add New, then enter the plugin title in the search box and install.

Adding reCAPTCHA

In our case, it’s already installed so the button in the top right reads “Active”. You should see “Install Now”.

Next you’ll want to go to your Installed Plugins and “Activate”.

Active reCAPTCHA

As you can see our screenshot says “Deactivate” because it’s already activated.

Now you’ll need to go to the settings, and this part is key. Speaking of key, the next step is registering to get your site key and secret key. (See what I did there? Yea, horrible humor.. can’t help myself.. sorry).

You’ll need to log into your Google account for this step. Click where it says “here” and log into your Google account if you haven’t already. I was already logged into Google so it took me straight to this page. My suggestion is log into Google within the same web browser on another tab before you click here. Make sure you’re using the Google account that you want associated with your website and Google Analytics (if you plan to use Google Analytics).

Here’s what you should see when you click “here” on the Google Captcha Settings page for the plugin.

Google reCAPTCHA

Copy and paste the site key and secret key into the respective fields on the settings page. Scroll down on the settings page and “Save Changes”

That’s it. At this point you should be able to see the reCAPTCHA in the comments form on your posts.

If the reCAPTCHA isn’t showing up you’ll need to do some troubleshooting.  Here is the link to the developer’s guide on what to do if the reCAPTCHA is not displayed in your comments form. Note this is more advanced and requires editing your WordPress theme’s source code. If you make an error you could, for lack of a better word, break your website.

We did need to do some troubleshooting for our website. Per the instructions at the link above, we ended up adding the following to our comments.php file to get the reCAPTCHA to show up.

<?php do_action(‘comment_form’, $post->ID); ?>

If you are comfortable doing this yourself go to Appearance then Editor. We take no responsibility if you destroy your website. Do at your own risk.

Appearance Editor

On the right side of your screen you’ll see “Comments”. Click on it.

Here’s where we added the above line to the comments.php file.

* If the current post is protected by a password and
* the visitor has not yet entered the password we will
* return early without loading the comments.
if ( post_password_required() ) {

<?php do_action(‘comment_form’, $post->ID); ?>

<div id=”comments” class=”comments-area”>

Again, perform at your own risk. Click “Update File”. If that was the issue you should now see the reCAPTCHA as part of your comments form.

Leave a Reply

Your email address will not be published. Required fields are marked *