Protecting your WordPress contact form from spam using CAPTCHA

Chris Wright
Published: 3 November 2023Last updated: 3 November 2023

Adding a CAPTCHA to your WordPress contact form is a great way to prevent spam submissions and ensure that the messages you receive are from real users. In this guide, we'll walk you through the process of adding a CAPTCHA to your WordPress contact form using the popular Contact Form 7 plugin.

Step 1: Install and Activate Contact Form 7 Plugin

If you haven't already installed the Contact Form 7 plugin, follow these steps:

  1. Log in to your WordPress admin dashboard.
  2. Go to "Plugins" in the left-hand menu.
  3. Click on "Add New."
  4. In the search bar, type "Contact Form 7."
  5. Locate the Contact Form 7 plugin and click "Install Now."
  6. After installation, click "Activate."

Step 2: Create or Edit a Contact Form

Now that you have Contact Form 7 installed and activated, you need to create a contact form or edit an existing one. Follow these steps:

  1. In your WordPress dashboard, go to "Contact" in the left-hand menu (usually under the "Contact" or "Contact Form 7" section).
  2. You will see the default contact form (usually named "Contact form 1"). You can either use this form or create a new one by clicking "Add New" at the top.
  3. Give your form a name and configure the form fields as per your requirements. Customize the fields, labels, and messages as needed.

Step 3: Add Google reCAPTCHA Integration

Now, you'll integrate Google reCAPTCHA with your Contact Form 7 form. Google reCAPTCHA helps verify that the form submissions are made by humans, not bots.

In your WordPress dashboard, go to "Contact" or "Contact Forms."

Click on the form you want to add reCAPTCHA to or create a new one.

In the form editor, click on the "reCAPTCHA" tab.

Site Key and Secret Key: You will need to obtain these keys from the Google reCAPTCHA website if you don't already have them. Visit the Google reCAPTCHA website and sign in with your Google account. Follow the instructions to create a new reCAPTCHA site.

reCAPTCHA Version: Choose the appropriate version (v2 Checkbox or v3) based on your preference. The v2 Checkbox requires users to check a box to confirm they are not a robot, while v3 works in the background without user interaction.

Enter the Site Key and Secret Key in the respective fields.

Configure additional reCAPTCHA settings as needed.

Save your changes.

Step 4: Add the CAPTCHA Field to Your Form

To add the CAPTCHA field to your Contact Form 7 form, you'll need to insert a shortcode.

  1. In the form editor, place your cursor where you want to add the CAPTCHA field.
  2. Click the "reCAPTCHA" button above the editor. This will insert a shortcode like [recaptcha] into your form.
  3. Save your changes.

Step 5: Update Your Contact Form

After adding the CAPTCHA field, remember to update or save your Contact Form 7 form to apply the changes.

Step 6: Display the Contact Form on Your Website

Now that your form includes the CAPTCHA field, you need to display it on your website where users can access it.

  1. Create a new page or edit an existing one where you want to display the contact form.
  2. Use the Contact Form 7 shortcode to add your form to the page. The shortcode looks like [contact-form-7 id="your-form-id"], where "your-form-id" should be replaced with the actual ID of your contact form.
  3. Save or update the page.

Step 7: Test Your Contact Form

Before making it live on your website, it's essential to test your contact form to ensure that the CAPTCHA is working correctly and that the form submissions are being processed as expected. Make a test submission to ensure everything functions as intended.

Step 8: Publish Your Page

Once you're satisfied with the test submission and the CAPTCHA is working correctly, publish or update the page where your contact form is displayed.

Congratulations! You've successfully added a CAPTCHA to your WordPress contact form using the Contact Form 7 plugin, helping protect your website from spam submissions.