Trusted WordPress tutorials, when you need them most.
Beginner’s Guide to WordPress
WPB Cup
25 Million+
Websites using our plugins
16+
Years of WordPress experience
3000+
WordPress tutorials
by experts

How to Easily Add reCAPTCHA to WordPress Comment Form

Spam comments are the worst. They are like having uninvited guests scribble nonsense all over your beautiful website.

But don’t worry, you don’t have to turn off comments entirely and miss out on genuine user engagement. There’s a way to keep those spammers at bay: reCAPTCHA.

You can think of reCAPTCHA as a security guard for your comment section. It uses clever puzzles and challenges to make sure that only real people, not bots, can leave comments on your posts.

In this guide, we’ll show you how to easily add reCAPTCHA protection to your WordPress comment form, so you can get back to enjoying real conversations with your readers.

How to Add reCAPTCHA to WordPress Comment Form

What Is Google reCAPTCHA?

Comment spam is a problem on many WordPress websites. Akismet, the popular spam filtering service for WordPress, blocks about 7.5 million spam comments every hour.

reCAPTCHA is one of the best ways to fight it. reCAPTCHA is an advanced form of CAPTCHA that can distinguish between robots and human users. In fact, CAPTCHA is an acronym for ‘Completely Automated Public Turing Test to Tell Computers and Humans Apart’.

Google acquired CAPTCHA technology in 2009 and then later rebranded it as reCAPTCHA. They also made it easier for human users to easily pass the test.

To pass the test, users are required to click a checkbox indicating they are not a robot. They will either pass right away or be presented with a set of multiple images where they will need to click on matching objects.

New recaptcha

Google has made reCAPTCHA publicly available so that website owners can use it on contact forms, login pages, and comment forms to reduce spam.

It is also super easy to set up and add to WordPress comment forms.

With that said, let’s see how to easily add reCAPTCHA to a WordPress comment form with step-by-step instructions.

Installing a WordPress reCAPTCHA Plugin

The first thing you need to do is install and activate the Advanced Google reCAPTCHA plugin. You can see our step-by-step guide on how to install a WordPress plugin for detailed instructions.

Upon activation, you need to visit the Advanced Google reCAPTCHA page to configure the plugin’s settings.

The Advanced Google reCAPTCHA Settings Page

The plugin will ask you to provide Google reCAPTCHA API keys. You can create these keys for free from the official reCAPTCHA website by clicking the ‘register your domain’ link at the top of the screen.

Registering Your Website to Get reCAPTCHA API Keys

The ‘register your domain’ link will take you to the Google reCAPTCHA website, where you can register your site to work with reCAPTCHA.

You will be asked to sign in with your Google account. After that, you’ll see the ‘Register a new site’ page, where you need to provide some basic information to register your site.

First, you need to type your website name or any name of your choice in the ‘Label’ field. This will help you easily identify your site in the future.

Adding a New Site to Google reCAPTCHA

Next, you need to select the ‘Challenge (v2)’ radio button. This will open up 2 new options.

Since you want to add the reCAPTCHA checkbox to your site, you need to select the first option, ‘I’m not a robot Checkbox’.

When you scroll down, you will see the ‘Domains’ textbox. This allows you to add the domain name of your website where you would like to add the reCAPTCHA checkbox.

You can also add multiple domains or subdomains by clicking on the plus (+) icon. This will allow you to use the same API keys on different websites.

Add Domain and Email to reCAPTCHA Site

Once you have filled out the form, you can click on the ‘Submit’ button to register your site.

Google reCAPTCHA will now show you a success message along with the site key and the secret key on this page.

Copy Site and Secret Keys

You can now use these API keys in the plugin settings on your WordPress website.

Adding reCAPTCHA to a WordPress Comment Form

Now, you need to head back to the Advanced Google reCAPTCHA page in your WordPress admin area.

On the settings page, you need to paste the site key and the secret key.

Paste the Site Key and the Secret Key

Next, make sure that the ‘Enable for Comment Form’ box is checked.

By default, reCAPTCHA will be used on the login page, registration page, lost password page, and comment form. You can check or uncheck the boxes to enable the options you need.

Once you are done, don’t forget to click the ‘Save Changes’ button at the bottom of the page to store the API keys and enable reCAPTCHA.

Congratulations, you have successfully added reCAPTCHA to your WordPress comment form. You can now check the comment section of your blog posts to confirm that it’s working.

Comment reCAPTCHA Preview

Note: The reCAPTCHA checkbox will be displayed only to logged-out users. To preview reCAPTCHA, you will need to either log out of WordPress or open your website in an Incognito window in your browser.

More Ways to Combat Comment Spam in WordPress

reCAPTCHA is just one way to combat comment spam on your website. Here are a few more.

Your first step should be to turn on comment moderation. This will give you the opportunity to view and approve comments before they are displayed on your website.

Comment Must Be Manually Approved

You can also use the Akismet plugin to automatically catch the most common types of spam comments by checking a global spam database. Akismet comes preinstalled with WordPress, but it is not activated by default.

Better still, the premium Sucuri plugin allows you to block suspicious requests before they even reach your website. This prevents automated bots and scripts from submitting comments at all. We use it on all our websites.

You can also block spam comments using the Antispam Bee plugin. It lets you set rules about which users to trust, such as approved commenters or commenters with a Gravatar. You can also create rules that mark comments immediately as spam, such as when they contain code.

You can learn about these methods and many more in our expert pick of tips and tools to combat comment spam in WordPress.

Expert Guides on Improving the Comment Experience in WordPress

We hope this tutorial helped you learn how to add reCAPTCHA to the WordPress comment form of your website. You may also want to see some other articles related to improving the comment experience in WordPress:

If you liked this article, then please subscribe to our YouTube Channel for WordPress video tutorials. You can also find us on Twitter and Facebook.

Disclosure: Our content is reader-supported. This means if you click on some of our links, then we may earn a commission. See how WPBeginner is funded, why it matters, and how you can support us. Here's our editorial process.

Editorial Staff

Editorial Staff at WPBeginner is a team of WordPress experts led by Syed Balkhi with over 16 years of experience in WordPress, Web Hosting, eCommerce, SEO, and Marketing. Started in 2009, WPBeginner is now the largest free WordPress resource site in the industry and is often referred to as the Wikipedia for WordPress.

The Ultimate WordPress Toolkit

Get FREE access to our toolkit - a collection of WordPress related products and resources that every professional should have!

Reader Interactions

34 CommentsLeave a Reply

  1. Jiří Vaněk

    I used to use WP Armour before, but unfortunately, some spams started getting through which I had to delete. So, I also set up reCAPTCHA following your instructions. However, I would like to ask: Will it cause any problems on the website if I use two anti-spam solutions? One was insufficient and occasional spams got through. The situation improved after implementing reCAPTCHA, but I’m concerned it might block legitimate comments or forum discussions.

    • WPBeginner Comments

      It shouldn’t conflict, but it may be a good idea to test this kind of setup on you site to make sure it works properly.

      • Jiří Vaněk

        Thank you for your response. I tested everything and also consulted with the plugin support, and it seems to have worked. Both solutions are cooperating and have mutually strengthened the website’s security against spam. I feel that after several months, regular comments are coming through fine, and the spam has stopped. So, for me, the functionality is great. Thank you for your time, response, and answer.

  2. THANKGOD JONATHAN

    Easy setup and it just works! reCAPTCHA has significantly reduced spam on my blog.
    Spam comments are a thing of the past thanks to reCAPTCHA! My comment section is finally clean and engaging.

  3. Ahmed Omar

    it is really an important point in site protection against spam comments and subscription.
    I faced this problem few days ago, and the only solution was to put recaptcha.
    Thank you

    • WPBeginner Support

      You’re welcome, glad our guide could help include it!

      Admin

  4. Ralph

    I have Akismet plugin and it is great. Over 5 years of blogging on current blog and over 2200 comments i have little to no spam. And even if, it always go to the spam folder, so i don’t have to worry about it, as noone can see it.

    reCAPTCHA can be annoying for readers as it sometimes lag and doesn’t work. I prefer tip you provided with content must be manually approved. I must aprove first comment from particular e-mail and then it accepts that person every time. Never had problems with that.

    • WPBeginner Support

      It is always a question of personal preference but as long as you have found the way that works for you :)

      Admin

  5. afdhal

    thanks for the tips! no more bot in my comment.

    • WPBeginner Support

      Glad you found this recommendation helpful :)

      Admin

  6. Moh

    Why don’t you have CAPTCHA here on your website?

    • WPBeginner Support

      We are trying other tools on our site, there’s nothing wrong with using CAPTCHA but it is personal preference if you use it.

      Admin

  7. Simon Griffiths

    The plugin you recommend looks like it’s not supported anymore. Are there any others?

    • WPBeginner Support

      We will be sure to take a look and update our suggestion should we find an alternative we would recommend.

      Admin

  8. Jack

    Perfect! One huge WordPress annoyance will be gone!

    • WPBeginner Support

      Glad our guide was helpful :)

      Admin

  9. jodarove

    Thank you! very helpful!

    • WPBeginner Support

      You’re welcome :)

      Admin

  10. Duncan McCormack

    re the reCAPTCHA section when you visit the plugin it says at the top: This plugin hasn’t been tested…

    Is this still the best Plugin to use? Is it safe? Or is there now a better one out there?

    Cheers, Duncan.

  11. Steve

    I followed the instructions exactly and the reCaptcha button will not appear on my site at all. Signed out of WP. Incognito window. nothing.

    • WPBeginner Support

      Please reach out to the plugin’s specific support to see if this could be due to a conflict between your specific theme and the plugin itself.

      Admin

  12. Desi

    This plugin is no longer working. I have installed it and none of the buttons will toggle.

    • WPBeginner Support

      You would want to reach out to the plugin’s support and let them know to help remove the issue.

      Admin

  13. DonDee

    FYI… The new v3CAPTCHA does not provide a clickable “I am not a Robot” conformation. The only way to tell if it’s running on the site is a CAPTCHA icon floating in the lower right hand side of the screen on the site you’re on.

    • WPBeginner Support

      Thanks for sharing this for anyone using v3 :)

      Admin

  14. Pradeep Singh

    Hello

    If I am using Akismet antispam plugin still I need to use reCaptcha technology?

    Thanks

    • WPBeginner Support

      That would be a personal preference question, both are tools to help prevent spam and will work together.

      Admin

  15. pepe

    The recaptcha is not showing! :( help!

    • WPBeginner Support

      You may want to check your site in an incognito browser where you’re not logged into your site to make sure it isn’t hiding for your admin user.

      Admin

  16. bob martin

    Help! I clicked on save api keys button like tutorial said and now my site isn’t working at all.

  17. Eva Live

    Does this mean if I use this, I don’t really need to moderate all comments? I don’t like that comments don’t show up as soon as they are posted, it has to wait until I get around to reviewing comments.

    • WPBeginner Support

      You would still need to moderate comments, reCAPTCHA is a way to prevent spam from bots but there can be other comments you don’t want on your site :)

      Admin

Leave A Reply

Thanks for choosing to leave a comment. Please keep in mind that all comments are moderated according to our comment policy, and your email address will NOT be published. Please Do NOT use keywords in the name field. Let's have a personal and meaningful conversation.