April 28, 2020 by Paul G. | Blog, Features, Shield Pro, Updates

How To Use hCaptcha To Protect Against WordPress SPAM Bots

Shield Image

Update: Shield v11+ now comes with an advanced built-in bot detection feature, called the AntiBot Detection Engine, that removes the need to use any CAPTCHA on your WordPress login and comment forms.

If you run a WordPress site that has interaction with visitors, such as comments, or user registrations, you’ll be familiar with CAPTCHA.

CAPTCHA is used in the global fight against SPAM. This can be spam in the form of WordPress comments, user registrations, or anything else that asks a visitor to complete a form on a webpage

CAPTCHA can also be used to mitigate login attacks by ensuring that the user logging into a site is actually a human being. It’s easy to create a script that will perform automated logins to a WordPress site, but far more difficult when there’s a mechanism within the form to detect automated submissions – mechanisms such as CAPTCHA.

Easily the most common type of CAPTCHA in common use throughout the web is Google’s reCAPTCHA. It works quite well in most scenarios, though it isn’t perfect.

ShieldPRO has supported Google reCAPTCHA v2 (+Invisible) for several years now. But Google reCAPTCHA isn’t the only solution. A new service has been made recently available which can be used to replace Google reCAPTCHA altogether.

This new service we’re referring to is called hCaptcha, and is available for all users of Shield Security v9.0 and above.

What is hCaptcha?

In summary, hCaptcha has been designed as a drop-in alternative to Google reCAPTCHA. This means that developers can make a few simple switches and immediately replace their Google implementation with hCaptcha.

There is another interesting angle to hCaptcha, however – you can get paid to use it.

hCaptcha has positioned itself quite differently to reCAPTCHA in terms of what is does and how it handles your data, with privacy at the forefront. In-fact, it’s even GDPR and CCPA-friendly.

How Does ShieldPRO Support hCaptcha for WordPress?

With ShieldPRO 9.0 you have the option of selecting either Google reCAPTCHA v2, or hCaptcha.

In order to use hCaptcha, you’ll need to sign-up for an account with them and register your site URLs in much the same way as for Google reCAPTCHA. You can’t use the keys from 1 service with the other – they’re not interchangeable.

A benefit of choosing hCaptcha instead of Google reCAPTCHA is that you don’t need to register for separate API keys to use its invisible variant. With Google’s reCAPTCHA service, you need to create separate keys for the 2 different types.

It’s really quite simple to get up and running with hCaptcha on your WordPress site:

  • Register an account on the hCaptcha website
  • Ensure you’re running ShieldPRO 9.0 or above.
  • Copy the hCaptcha Secret Key from your Settings page into your ShieldPRO settings.
  • Add a new site to your hCaptcha control panel.
  • Copy-Paste the new site key into your ShieldPRO settings.
  • and save!

It’s really as simple as that.

Once you’ve successfully setup your hCaptcha account and stored your keys with Shield, you can go to your Comment SPAM and Login Guard modules within ShieldPRO and turn on hCaptcha form protection as you desire.

Questions, Comments or Suggestsions

We like to keep ShieldPRO current, and continue to provide you with options in how you implement your WordPress site security.

We hope that the addition of hCaptcha as a tool to enhance your WordPress security meets this criteria.

If you’ve any questions about this new feature, please drop us a message below.

Hey handsome!

If you're curious about ShieldPRO and would like to explore the powerful features for protecting your WordPress sites, click here to get started today. (14-day satisfaction guarantee!)

You'll get all PRO features, including AI Malware Scanning, WP Config File Protection, Plugin and Theme File Guard, import/export, exclusive customer support, and so much more.

Try ShieldPRO Today →

ShieldPRO Testimonials
@olviasystems's Gravatar @olviasystems

excellent plugin

Easy to setup and with minimal hassle

@jacobs5977's Gravatar @jacobs5977

Simple and effective

My clients and I have been very pleased with how easy this has been to set up, customize, and deploy.

@chadjj's Gravatar @chadjj

Great Plugin!

I love this plugin! I am a freelance web designer and I now use it for all of my clients. Perfect for securing the many websites I develop on WordPress! Works with every theme, behind the scenes to secure websites for my clients! Amazing!

@asdiauw's Gravatar @asdiauw

Мне подходит

Отличный инструмент для защиты сайта.

Leave a Comment

Your email address will not be published. Required fields are marked *

Click to access the login or register cheese