Stop Spam From Contact Forms On WordPress
If you haven’t noticed yet, I usually write about these things when I’m doing them. My employer asked me to stop spam from contact forms on WordPress, so of course I used reCAPTCHA.
So today was another amazing day of working really hard to grow in my career. On the daily I have many tasks I must try to complete. Some of them more easy to do than others, and I prioritize many of them by importance. However, every once in a while I get a task that may be seemingly unimportant to the overall goal (advancing the business online) but is still really necessary. Anyone who has ever dealt with spam, can attest that it isn’t something you want to deal with in bulk.
One of the downsides to your website growing (yes it isn’t all just peaches & cream) is the influx of spam. Sometimes stopping spam is not that easy! Bots are getting better at tricking a lot of methods like honeypots, math questions, etc. However, Google’s reCAPTCHA service is a modern, more user friendly way to start combating the spam. According to Google:
It uses advanced risk analysis techniques to tell humans and bots apart. With the new API, a significant number of your valid human users will pass the reCAPTCHA challenge without having to solve a CAPTCHA.
Sounds pretty fancy to me 🙂 So everyone knows I love Google products and I love things that are new so it was a no brainer that this would be my go-to. Here are the steps that I took for my employer (duplicated on my own site) to stop spam from contact forms on WordPress.
Get Contact Form 7
I hope that you have been using Contact Form 7 as your form plugin. I simply love this plugin for forms! At first glance you may find it too light-weight for what you need, but really it can get the job done and be extended like any of the other plugins. I use this form plugin for almost every website I build unless the form needs to be ultra complicated, then I may consider something else. With Contact Form 7 you can integrate Googles reCAPTCHA in like literally 2 minutes.
The First Minute of Integration: Getting an API Key
From your WP Admin head to Contact then to Integration.
WP Admin > Contact > Integration
From there you will get a message saying you need to get an API key from Google to use reCAPTCHA. So head over to our friends at Google. Then hit the blue button that says “Get reCAPTCHA.”
Next you will see this set of options:
Label: Can be anything you want it to be, but try to make it descriptive so you remember what it is linked to if need be.
Then enter in all the domains that will be used for this reCAPTCHA API and accept the terms and hit register. There are 2 pieces of information that you need to retrieve in order to integrate with Contact Form 7: The site key and the secret key.
The Second Minute of Integration: Add Keys to CF7
From your WP Admin head to Contact then to Integration, again. This time hit the button that says “Configure Keys.”
WP Admin > Contact > Integration > Configure Keys
Enter in both your keys and hit save. Then navigate to the contact form that you want to add reCAPTCHA to.
WP Admin >
Contact > Contact Forms > Edit > Form
Select to add the reCAPTCHA shortcode to your form.
Configure a few options, and hit insert tag. Save your forms and you now have reCAPTCHA installed.
Only took you 2 minutes to stop spam from contact forms on WordPress
Well that was easy enough right? If you have any questions feel free to contact me, but unfortunately I must be going now. I have a lot of work to do tonight, including optimizing a YouTube channel. I am very excited about this actually and I am sure that my next blog post will be on how did it.