Secure your Website with a Simple Google Recaptcha
Adding Google reCaptcha is a simple but powerful way to protect your WordPress sites from brute force attacks and any possible malware.
Hackers are scouring the web 24/7 searching for unsuspecting victims in order to gain control of their websites and spread malicious code. In most cases the hackers are money motivated and want to charge site owners a fee to again safely access their information.
In extreme cases the bad actors have been known to gain control of a hosting providers entire web server bringing several sites down in the process. When things like this happen secure data like payment information, email addresses, and customer data are completely exposed and vulnerable to all types of theft.
What is a Captcha and How does it Work?
A Captcha is basically a computer program that is written to trick machines (bots) with a simple quiz that would be very easy for a human to understand but wouldn’t make any since at all to a robot or “automated script”.
Google acquired the Captcha technology back in 2009 when it was still somewhat in its infancy. At that time they were still using those annoying ass v1 captchas which made for a horrible user experience. Remember it used those random words as a challenge and you had to type it into the input box? I hated that!
So they came up with a solution, and that was the Captchas we use today called “No CAPTCHA reCAPTCHA“. This Captcha version is more stable and its actually powered by artificial intelligence and user generated responses.
I like this approach a little better, the quiz only pops up when A.I. determines the threat level is high enough to afford it.
How to Configure ReCaptcha on your WordPress site
In order to set up reCaptcha on your WordPress site you first need to install and activate a plugin called Simple Goolge reCaptcha. You can Install the plugin from your WordPress dashboard just navigate to Plugins < Add New and upload your .zip file.
Once you have the plugin activated it will automatically redirect you to the Simple Google reCaptcha settings page. You can also reach the settings page from Settings < Advanced NoCaptcha and InvisibleCaptcha from your dashboard.
Now it’s time to setup your Google API keys. To do this you need a “Public Key” as well as a “Secret Key” from Google. You can visit the reCaptcha website and click on the “v3 Admin Console” link to obtain your API keys.
After signing into your google account you’ll be taken to the page above. I recommend using the v2 settings. reCaptcha v3 is still basically a beta version so v2 is the more stable version for now. Be sure to enter you website name in the “Field Label” at the top of the page as well as the domain section. Be sure to enter your domain without the https://www.
Enter your email address in the Owners section. You can add multiple email addresses to this section if their are multiple site owners. After that check the Terms of Service section. You can also check the “Alerts” section to allow for alerts to be sent to your email anytime a threat is detected but that’s optional.
After you have everything filled out click submit and Google will generate your API keys.