Back to Top

Better WordPress reCAPTCHA (support Akismet and Contact Form 7)

Better WordPress reCAPTCHA (support Akismet and Contact Form 7)

This plugin utilizes the popular anti-spam library, reCAPTCHA, to help your blog stay clear of spams. This plugin can also integrate with Akismet.

In the 21th century, spamming could be one of the most annoying problems for a website. Especially if you use some publishing platforms like WordPress, your blog WILL be spammed and no default methods will save you from such nightmare. This plugin utilizes the popular anti-spam library, reCAPTCHA, to help your blog stay clear of spams (especially when you integrate it with Akismet). Unlike the current WP-reCAPTCHA plugin, this one has a different approach and allows you to customize how the captcha looks using CSS.

Plugin Features

  • Add reCAPTCHA to comment form, login form and user/blog registration pages (especially useful for a Multi-site installation)
  • Add reCAPTCHA to Contact Form 7′s forms intuitively.
  • Hide reCAPTCHA for qualified visitors
    • Registered Users (even with no capabilities needed)
    • Authorized Users (users who have some capabilities, you can extend the default list)
    • Visitors who have at least a required number of approved comments
  • Choose how the plugin reacts when an answer is wrong or empty
  • Choose between 4 default themes or create your own (sample CSS and images provided)
  • Choose a language you prefer, possibility to add more language if needed
  • Option to load media files (CSS, JS, etc.) only when needed
  • Possibility to integrate with Akismet, allowing better protection against spam and better end-users experience, i.e. “only force a CAPTCHA when a comment looks like spam”.
  • WordPress Multi-site compatible (you can set different key pair for each site or use a single key pair for all sites).
  • WordPress 3.8 compatible
  • And more…

Plugin Usage

Add reCAPTCHA to your comment form

Depending on your theme, there are two ways you can add reCAPTCHA to your comment form.

Themes that use comment_form() function

The comment_form() function1 that comes with WordPress 3.0.0 is a neat function that outputs a comment form for a theme hassle-free. If you have updated to WordPress 3.0.0, you should see this function in action in Twenty Ten theme’s comments.php.

For themes that use this function, you do not have to do anything, after plugin activation the reCAPTCHA will show when and where appropriate. The only limitation is, with the default comment_form() function, you can not add the CAPTCHA below the comment textarea; the reason is there is no default hook there for this plugin to use. Well, in fact, there is one, but it is not suitable for displaying complicated HTML output needed by the custom theme.

As of 1.0.1, you will be able to put reCAPTCHA below the comment textarea, but you will have to replace the default comment_form() template function with this (in comments.php):

  1. if (function_exists('bwp_capt_comment_form')) {bwp_capt_comment_form();}
if (function_exists('bwp_capt_comment_form')) {bwp_capt_comment_form();}

bwp_capt_comment_form() will happily accept the same arguments that comment_form() would accept, namely $args and $post_id.

Themes that do not use comment_form() function

Although this might seem a little more work for you, it is actually better. You are given more freedom to create your comment form, instead of relying on a whole bunch of filters and such. Not many themes have comment_form() added by default anyway, or if you are using a custom theme of your own, adding one more line should not trouble you, should it ;)?

All you have to do is to add this line: <?php do_action('bwp_recaptcha_add_markups'); ?> to comments.php, at the position where you want the CAPTCHA to appear. You should position it at least before the submit button, otherwise it wouldn’t make any sense. Note that you should position the above line outside of any if tag that checks if the user is logged in, this is to ensure the CAPTCHA will be shown even for registered users. Simply put, just put it right before or right after the comment textarea and you are fine.

Add reCAPTCHA to other WordPress forms

reCAPTCHA can also be added to WordPress Login Form (disabled by default), User Registration Form and User/Blog Registration Form (Multi-site installation). Simply go to BWP reCAPT > General Options and enable appropriate settings.

Customization

Custom styling

This plugin comes with 4 default themes provided by reCAPTCHA itself and a custom theme you can customize. By default, the custom theme will look like this:

Custom Theme Demo

Custom Theme Demo

If you don’t like such design, you can change its look by disabling the CSS provided by this plugin (option in configuration page) or using filters to override or replace it:

1. For comment form: enqueue your additional CSS with bwp-capt as its parent, like so: wp_enqueue_style('your-handle', 'url-to-your-css', array('bwp-capt'));

2. For registration page: replace the default CSS by placing this in your theme’s functions.php or any file you find suitable:

  1. add_filter('bwp_capt_reg_css', 'your_function_that_returns_css_url');
  2.  
  3. function your_function_that_returns_css_url($theme)
  4. {
  5.     return $url;
  6. }
add_filter('bwp_capt_reg_css', 'your_function_that_returns_css_url');

function your_function_that_returns_css_url($theme)
{
	return $url;
}

Note the $theme variable added as a parameter for the callback function, it lets you know what theme you are using, allowing to style the registration box correctly for each theme. For example the “clean” theme is very wide so your login box should be styled wider, too. Possible values of the $theme variable are ‘clean’, ‘red’, ‘white’, ‘blackglass’, and ‘custom’.

Now what if you don’t even like the HTML markup I provide? Simply override this function bwp_capt_custom_theme_widget() (to locate the function, open this plugin’s folder and find the file includes/class-bwp-recaptcha.php, that function should be right at the top) . You are free to add any markup, but refer to this documentation (section Custom Theming) to know what is required. Even though this is called custom theme, you can of course change the theme property of RecaptchaOptions object to any default theme, and then add any other necessary markups if you need.

Custom language (updated)

By default, this plugin only provides 8 languages (which are the default languages of reCAPTCHA anyway) but you have the option to add more than that.

You can use custom languages for both default themes and custom theme, refer to this dedicated tip for more details.

Custom Capabilities

If you choose to hide reCAPTCHA for authorized visitors, you must choose which capability allowed to bypass reCAPTCHA. By default you can choose between users who can Read profile (subscriber) or users who can Manage Options (admin). To extend those capabilities, you just need to add a filter, like so:

  1. add_filter('bwp_capt_bypass_caps', 'bwp_add_custom_caps');
  2.  
  3. function bwp_add_custom_caps()
  4. {
  5.     $custom_caps = array(
  6.         'Capability title' => 'capability'
  7.     );
  8.     return $custom_caps;
  9. }
add_filter('bwp_capt_bypass_caps', 'bwp_add_custom_caps');

function bwp_add_custom_caps()
{
	$custom_caps = array(
		'Capability title' => 'capability'
	);
	return $custom_caps;
}

Capability title can be anything you see fit, but capability should be identical to capabilities provided by WordPress. You can find a list of capabilities here: Roles and Capabilities.

Contact Form 7 Integration

As of BWP reCAPTCHA 1.1.0, you can add a BWP reCAPTCHA tag to any Contact Form 7′s forms easily without the need of an integration plugin.

Please refer to this dedicated how-to for more details.

Akismet Integration

One of the feature that distinguishes this plugin is the ability to integrate with Akismet, i.e. only show reCAPTCHA when the user has posted something considered spam by Akismet. I try to design this plugin in a way that considered spam comments would never be added to the database unless the user successfully completes the CAPTCHA. The benefit is you don’t have to examine a long queue of spam comments to identify which one is a false positive. You also got to choose what type of action you would like to take when CAPTCHA response is correct:

  • Approve the comment immediately
  • Hold the comment in the moderation queue
  • Put the comment in the spam queue

The benefit of the third option is Akismet can learn from the mistake if you approve the comment. Although reCAPTCHA is a very powerful CAPTCHA, there is no guarantee that it will protect you from 100% of spam (with the recent rumor saying that reCAPTCHA has been cracked, this option could be in great consideration, don’t you think ;)?)

The integration is disabled by default and when you enable it, be sure to activate Akismet as well for the integration to work. Akismet is one of the plugins that are included within the core WordPress package, all you need is an API key, which you can signup for free here: Akismet API key.

Important Notes

- According to some reports by reCAPTCHA users, it appears that reCAPTCHA has been cracked (I do notice spam registrations on one of my forums recently.) If you have used reCAPTCHA before, you should notice some changes in their image captcha (probably to fight the new spam bots?). Although such incident may affect this plugin, you can choose to integrate with Akismet, and hopefully your blog will still be clear of spam! I may update this if there’s something new from Google (FYI, Google is the company that owns reCAPTCHA).

- No MailHide facility. This plugin does not provide MailHide’s functionality, simply because I want to keep code size to a minimum for the first release. It will be added in future versions, if enough requests are received.

To-do List

  • Add https option (1.1.1)
  • Add support for other 3rd-plugins such as BuddyPress (1.2.0)
  • (planned) Add more built-in capabilities (if requested)
  • (planned) Allow more message control
  • (idea) Allow hiding a part of post content using reCAPTCHA
  • (This section is open for feature request)

Hook References

  • bwp_capt_bypass_caps – Used to replace the default capabilities (filter)
  • bwp_capt_reg_css – Used to replace CSS file for registration page (filter)
  • bwp_capt_before_add_captcha – Used to add custom markups before the CAPTCHA is shown (action)

Contribute to this Plugin

This plugin is licensed under GPL version 3, and it needs contributions from the community.

Buy me some special coffees!

My plugins and support for them are free. If you like my work and could buy me some (special) coffees, I would be much appreciated! They might help with some overnight times debugging my plugins, you know.

Support, Feedback, and Code Improvement

i18n (Translate the plugin)

If you are a translator, please help translating this plugin. Even if you aren't, you can become one, it is very easy and fun! If you want to know how, please read here: Create a .pot or .po File using Poedit.

References

  1. http://codex.wordpress.org/Function_Reference/comment_f ... mment_form []
Elegant Themes - Designed with Modest Elegance
Print Article Watch Log