Now that we have added a contact form to our Professional Services WordPress website we need to add some spam protection.
Contact Form Spam Protection
The problem can be that anybody can come along and fill this out. In fact, spam bots can come along and fill these out and they do. So that’s why we need Google’s Invisible Recaptcha program.
You just need to keep in mind that this doesn’t prevent somebody trying to contact you through the form personally for purposes that you don’t care about. For example, I get offers all the time to get SEO consulting. Somebody will fill this form out and say that they’ve found SEO errors on my site and they’d like to consult with me and show me how to fix that. There is nothing you can do about that kind of email because it’s a real person doing it.
However, this does take care of all the rest of the spam. As I said the plugin is called Invisible Recaptcha. Let’s install it now. Come back over to Plugins and Add New. We’re going to search for Google Invisible Recaptcha. And that’s it, this one. And let’s install it.
Agility Skin Compatibility
Now this plugin doesn’t actually work with all Thesis skins because of the way Thesis does their comment forms. However, Agility has been modified so that you can use this Invisible Recaptcha plugin with it. And I will be releasing a box so that you can you this with any Thesis skin simply by instilling the box. For the time being this is a terrific tool but it only works in Thesis with Agility Skin 3.2.
What’s Special About Invisible Recaptcha
Now the other thing to say about this is this is not the typical recaptcha program. It is an invisible recaptcha which means that after it’s been tuned up a little bit by a handful of people filling out the form it no longer shows up on the site unless it believes that the person filling out the form is a bot.
It’s not like these recaptchas that mess with everybody. It’s a nice simple one and it eventually learns enough about the system that it no longer challenges somebody unless it really believes they are not a live human being.
Get the API Key
So now that we’ve got that installed we actually have to get an API key for it. We need to search for invisible recaptcha api and then you can just get it right here. If this is your first time you would go ahead and sign up here.
It just means that you sign in with your email address. We could do that here. So you’re signing up for the beta and in this case we’ll say this is “tutorial site” and the domain is thesis.byobwebsite.com. I’m enable invisible recaptcha on the site and I’m going to accept the terms of service. I’m going to send alerts to the owner which in this case is me. Hit register.
Site Key and Secret Key
Now I’ve got a site key and a secret key. Copy the site key first and put that in. Then copy the secret key. If you’re not careful you end up copying too much stuff, we don’t want that space, and then the key doesn’t register.
You can let it automatically detect the badge. Bottom right I think is fine in this situation. If you wanted some custom CSS for that badge you could put it there but all we have to do now is hit save changes.
Add the Spam Protection to the Form
Now we can come over here to WordPress and let’s add the protection to the login form, to the registration form, to comments form and to the password. Save that and then come down here to contact forms and we’ll enable Contact Form 7 and hit save.
It can take a few minutes for the recaptcha to actually fire up but there it is. Now that we’ve got that let’s fill out a contact form so we can see it in action. So, let’s fill it out. Subject: test email, test content. Hit please contact me. First it said that there was an error and then this recaptcha thing kicked in and it said “thank you, your message has been sent”. And it didn’t even require a challenge probably because I’m logged in.
In any case that’s how simple it is. And it also works for your comments so that when somebody fills out a comment form the captcha makes sure that it’s a real human being. So between the captcha and that list of comment words that I gave you last time you’ll pretty much knock out every non human attempt to use the form and comment.