Overview
If you do require user registration, one of the easiest fixes is to ensure your site has a CAPTCHA enabled to detect if the form is being filled out by a human or via a script. This will then limit WordPress and WooCommerce Registration Spam and also help prevent brute force login attempts on your website.
One way to do this is to integrate Google’s reCAPTCHA v3 for your site, which is detailed below.
Instructions
- Firstly, follow our guide on how to Create a reCAPTCHA API Key.
- Next, login to your WordPress website.
- Go to Plugins -> Add New:
- In the right-hand search box, search for “reCaptcha by BestWebSoft“. You should see the following result:
- Install the plugin then click Activate.
- Once it’s been activated, it’ll return you to the WordPress plugin page. Find the reCapcha by BestWebSoft and select settings:
- Select Version 3 for the reCaptcha version:
- Next, paste in the Site Key and Secret Key generated in step 1:
- Then, ensure it’s enabled for the Registration Form:
(We also recommend for login as well) - Click Save Changes at the bottom of the page.
- If required, you can also use the Test reCaptcha button to verify that the credentials work. This will display a green tick beside the Site Key and Secret Key.
- To test that the reCAPTCHA is working, open a different browser (or incognito window) and go to your user registration page. This will be your usual website URL with /wp-login.php?action=register at the end. In the bottom right-hand corner, you should see the Google reCAPTCHA logo: