Installing a captcha plugin on your WordPress site is something you can’t overlook otherwise spammers will turn your blogging experience into a nightmare.

In this tutorial, we will see how to protect your blog from spam comments with BestWebSoft captcha WordPress plugin.

wordpress captcha securityHere are the topics we will discuss:

  1. What is Captcha anyway?
  2. WordPress Captcha Plugin
  3. General Settings
  4. Google Captcha Shortcode

What is Captcha anyway?

Captcha is a utility or code which tests “human activity” by showing math logic, distorted letters to fill in exactly or a combination of pictures. It keeps automated programs or spam bots away from your website to make comments and ruin your website by other means.





Here are some captcha examples from around the web:

captcha example 1

captcha example 2

captcha example 3

WordPress Captcha Plugin

WordPress doesn’t come with a captcha pre-installed. You have to implement a captcha plugin yourself to protect your forms which are exposed to visitors or even subscribed users.

The best captcha plugin we have found for WordPress is by BestWebSoft. Its free, easy to configure and work out of the box. The plugin implements Google reCAPTCHA technology which is a nightmare for spammers and hard to bypass.

It will show the popular I’m not a robot captcha box to let users proceed after filling out forms on your website.

Let’s see a step-by-step process:

1. From your backend admin dashboard, install and activate BestWebSoft captcha plugin. See how to install a plugin in WordPress for more details.

bestwebsoft captcha plugin wordpress

2. Once installed, settings will be available under Google Captcha main menu.

wordpress captcha settings

3. To activate captcha box, you need to register your website with Google reCAPTCHA service. In return, Google will provide you two API keys, a Site Key and a Secret Key which you have to fill in back here in the plugin settings.

google recaptcha api keys

4. Click Get the API Keys link under Authentication and get your keys by filling in the form on Google reCAPTCHA website.

google captcha form

5. Once you get the API keys, enter them back in the plugin settings and click Save Changes button at the bottom.

Amazingly you are done. You don’t have to touch any other settings.

Save Google reCAPTCHA API keys on your local computer also for later use.

Woopoo's Tip

General Settings

Under General settings, you can see that the captcha has already been enabled for the login form, registration form, reset password form and comments form.

captcha plugin settings

External plugins are also supported however you have to upgrade to Pro version.

More settings include hiding captcha for the administrator, editor or other accounts.

Under reCAPTCHA Version settings, keep the value at Version 2 which is simply an I’m not a robot checkbox unlike Version 1 where visitors will be shown distorted letters to fill in a text field.

Keep reCAPTCHA settings at Version 2 which is an easy captcha method for better user engagement.

Woopoo's Good Practice

Here is how your website login page looks like after installing captcha:

login page captcha in wordpress

Adding captcha in WordPress login page will implement an extra layer of security.

Google Captcha Shortcode

One nice feature of this plugin is to add captcha to your posts or pages using a shortcode [bws_google_captcha]. It is also applicable to those posts and pages where you are taking any input from your visitors.

Additional Reading


We hope the article would be helpful to install and enable captcha plugin in your WordPress blog to protect it from spamming. Installing captcha will not take more than five minutes but save you many hours required to delete spam comments.

Last thing, please don’t forget to share this article and follow us on Twitter and Facebook

Gimme a Share pleeeaase!

Pin It on Pinterest

Share This