Back to Blog

How to Add reCAPTCHA v3 to Contact Form 7 in WordPress

Portrait of the authorDerek Hassan | Last Updated:
Google reCAPTCHA and Contact Form 7 Plugin together

Are you overwhelmed and frustrated with the large number of spam submissions from your website's contact form? Spam can clutter your inbox and potentially expose your website to malicious activities. One effective method to protect your website forms is by integrating Google reCAPTCHA. This guide will walk you through the steps of adding reCAPTCHA to Contact Form 7 in WordPress, ensuring your forms remain secure and spam-free.

What is Google reCAPTCHA?

Google reCAPTCHA is a free service that protects your website from spam and abuse. It uses advanced risk analysis techniques to tell humans and bots apart. There are currently three different versions of reCAPTCHA:

  • reCAPTCHA v3: This version requires no user interaction and operates in the background to assign a risk score to each interaction.
  • reCAPTCHA v2 (checkbox): This version contains a checkbox asking users to indicate they are not a robot. This will either pass the user or provide a challenge to validate if they are human.
  • reCAPTCHA v2 (Invisible): This version automatically provides a challenge only when the interaction is deemed suspicious.

What is Contact Form 7?

Contact Form 7 is one of the most popular WordPress plugins for creating and managing contact forms. It is user-friendly, highly customizable, and best of all, free to use. With over 10 million active installations, it has become the go-to solution for WordPress users looking to add simple forms to their websites.

Benefits of adding reCAPTCHA v3 to Your Contact Form

Integrating reCAPTCHA with your website forms bring numerous benefits, enhancing both the functionality and security of your website. Here are some key benefits to consider:

  • Adding reCAPTCHA significantly reduces the number of spam submissions by distinguishing between human users and bots.
  • Adding reCAPTCHA enhances your website’s security by protecting your website from various types of malicious abuse, including automated bot attacks and data scraping.
  • reCAPTCHA v3 operates in the background, providing a seamless experience for genuine users without requiring them to complete challenges.

Drawbacks of adding reCAPTCHA v3 to Your Contact Form

Although integrating reCAPTCHA into your website forms brings many benefits, it also brings some potential drawbacks to consider. Here are a few drawbacks to consider:

  • Legitimate users might occasionally be flagged as bots, especially with stricter reCAPTCHA settings.
  • Integrating reCAPTCHA may impact website performance due to additional scripts needing to be loaded on your website and the inclusion of an extra server-side validation step when submitting a form.
  • reCAPTCHA won’t stop spam entries submitted by humans.

Getting Started

Before you start, ensure you have the following:

  • A WordPress installation
  • Contact Form 7 plugin installed and activated
  • A Google account

Setting Up Google reCAPTCHA

You first need to register your site with Google. Here’s how to do that:

  1. Navigate to the Google reCAPTCHA site and click on v3 Admin Console
  2. Register a new site by clicking the "+" button in the top right. This will bring up a registration form to fill out.
    Google reCAPTCHA admin console webpage
  3. Fill in the form with the following information:
    1. Label: Add a name your site for easy identification. This doesn’t enforce any specific naming convention so feel free to pick what makes sense to you.
      reCAPTCHA registration form label input
    2. reCAPTCHA Type: By default reCAPTCHA v3 is selected. This is the value we want, so leave this field as is.
      reCAPTCHA registration form reCAPTCHA type radio selection input
    3. Domains: Enter your domain name in the format of: example.com. Make sure to remove the https:// in front of your domain!
      reCAPTCHA registration form domains input
    4. Google Cloud Platform: If you’ve never used Google Cloud Platform or don’t know what it is, don’t worry! All you have to provide is a project name and Google will automatically create all the required resources for you.
      reCAPTCHA registration form Google Cloud Platform project name input
  4. Once you have filled out the form, click Submit at the bottom to generate your site key and secret key. Hold onto these keys as we will be needing them in the next part.
    reCAPTCHA registration form submit form button

Adding reCAPTCHA to the Contact Form 7 Plugin

Now that you have registered your site with Google, we need to add our generated keys to Contact Form 7. Here’s how to do that:

  1. In your WordPress admin dashboard, on the sidebar, hover over Contact, and click on Integration. Here you’ll see a list of integrations you can add to Contact Form 7. Click the "Setup Integration" button under the reCAPTCHA integration. This will take you to a form that asks for both the site key and secret key.

    WordPress Admin dashboard with Contact Form 7 Integration option selected

  2. Go ahead and paste in both the site key and secret key generated in the Google reCAPTCHA setup process.

  3. Once both keys have been entered, go ahead and save your changes by clicking the "Save Changes" button.

    Contact Form 7 reCAPTCHA integration form filled in with site key and secret key

Verifying the reCAPTCHA Integration

Now that we have integrated the reCAPTCHA keys with Contact Form 7, let’s verify that the integration is working correctly:

  1. Visit the page containing your contact form.
  2. Check if the reCAPTCHA widget appears.
    Contact form page with reCAPTCHA badge showing correctly
  3. Submit a test form to ensure it processes correctly.

If both the reCAPTCHA widget appears and submitting a form is successful, then congrats! Now your Contact Form 7 form is protected with Google reCAPTCHA! 🎉

Checklist

Get a Free Website Audit!

We'll provide you a free personalized website audit detailing clear and actionable areas your website can improve to rank better, load faster, and improve accessibility.