Adds a Google No Captcha ReCaptcha checkbox to your Wordpress and Woocommerce login, forgot password, and user registration pages.
Adds a Google No Captcha ReCaptcha checkbox to your WordPress and Woocommerce login, forgot password, and user registration pages. Denies access to automated scripts while making it easy on humans to log in by checking a box. As Google says, it is “Tough on bots, easy on humans.”
Install as normal for WordPress plugins.
Many Worpdress sites are bombarded by automated scripts trying to log in to the admin over and over.
The No Captcha is a very simple, Google-supported test to quickly deny access to automated scripts. It is great by itself to instantly make your WordPress site more secure, or can be used with other plugins (like Google Authenticator, Limit Login Attempts, etc.) as part of a defense-in-depth strategy.
I’ve gone to great lengths to try to make sure this plugin is easy to use and install, that it is compatible with different WordPress configurations, supports multiple languages, and that you won’t accidentally lock yourself out of the admin by using it. I use it myself on my own sites as well. So far, it just works.
Probably not. Many custom login form plugins do not call the standard login_form action hook from their login forms, making it impossible to correctly render the captcha after the password prompt. For this reason, this plugin only supports the default wp-login.php and WooCommerce forms. Many such plugins do offer captcha fields (sometimes as a paid upgrade). This plugin tries to do just a few things well.
No. This plugin is designed to thwart automated hacking attempts, not prevent comment spam. Most good comment plugins have their own spam prevention methods. This plugin tries to do just a few things well.
No. This plugin is designed to thwart automated hacking attempts, not prevent spam from custom forms. Most good custom form plugins have their own spam prevention methods. Many of them support a CAPTCHA field already. This plugin tries to do just a few things well.
Yes, please. Submit pull requests on github.
Please see this page for help from Google.
The reCAPTCHA plugin will not prevent the attempt of brute force attacks, rather it will simply ensure that they do not succeed. That is, scripts may still attempt direct POST attacks against /wp-login.php, but without the correct reCAPTCHA data, they will not go through (even if they have guessed the login and password correctly). To prevent repeat attempts against /wp-login.php, consider using a plugin that limits login attempts in conjunction with this one. Other approaches, such as a web application firewall should also form a part of your complete defense-in-depth strategy.
https://www.google.com/recaptcha/intro/index.html
This plugin is not affiliated with or endorsed by Google in any way. Google is a registered trademark of Google, Inc. By using reCAPTCHA you agree the terms of service set out by Google. The author provides no warranty as to the suitability to any purpose of this software. You agree to use it entirely at your own risk.
1.7.2 =
1.7.1 =
1.7 =
– Display information about the security implications of using the whitelist feature