Blog

Brute Force Attack Block Tip – Google reCaptcha Plugin by BestWebSoft

One plugin I always use when my security buddy Wordfence tells me there have been many attempts to recover a lost password or too many failed attempts to login with existing or non existing users is Google Captcha (reCAPTCHA) by BestWebSoft . A great brute force attack block tip for you right there. Let me explain in detail how it works.

Google Captcha (reCAPTCHA) by BestWebSoft

Google reCaptcha plugin is a plugin that ads Google’s latest reCaptcha “I am not a Robot” checkbox to your login, recover password screen, registration form and even comment forms.

recaptcha at login

It will help you get rid of brute password attacks from multiple ips and also blocks automated spam in comment forms. If you only need either one of these you can configure that.

Installation

Just like any other plugin that is available in the WordPress repository this one can be searched for under plugins > new plugin and than added to your WordPress site. Just go to plugins in the Dashboard sidebar and there on hover you have to click on new. Then you see a search box with the most populair plugins loaded below it. Paste “Google Captcha (reCAPTCHA) by BestWebSoft” in the search box and hit enter. You will then see that plugin popping up. Install it by adding it and do not forget to activate the plugin.

Configuration

Configuration of the plugin can be found under settings  > BWS Plugins > Google Captcha.

Googlec Captcha Settings

Besides the fact that you can decide where the reCaptcha check is done:

  • login form or
  • registration form or
  • comment form or
  • password recovery form

or all, you will have to add the reCaptcha public and secret key which can be generated at Google reCaptcha central . There you will have to enter a name for the site, the domain and an email address associated with the reCaptcha keys. Once you you have taken care of that and saved the public key and private key will be shown and can be copied over into the the plugin’s configuration page.

Once that is done and saved the plugin will work.

Other Configuration Options

There are a few other configuration options like version 1 reCaptcha or 2 and would leave it at the 2 default which is the latest best looking and working one if you ask me. As for the theme, well light goes well with most modern websites.

Pro Version

There is a Pro version for $17.95 a year which I have not tried yet. The extra features you will get are:

  • Compatible with Contact Form 7 (since version 3.4)  – which is nice as I do use Contact Form 7 quite a bit
  • Select manually Google Captcha (reCAPTCHA) language – nice, but not something I need immediately as most my clients can work with English being loaded when need be.
  • Use the current site language for Google Captcha (reCAPTCHA) (Using Multilanguage by BestWebSoft)
  • Select Google Captcha (reCAPTCHA) size (normal or compact)
  • The answer to the question from support within one business day (More info) – useful, but needed yet

So overall not really what I need, but perhaps good for some people reading this post.

Tagged in : Tagged in : , ,
Jasper Frumau

Jasper has been working with web frameworks and applications such as Laravel, Magento and his favorite CMS WordPress including Roots Trellis and Sage for more than a decade. He helps customers with web design and online marketing. Services provided are web design, ecommerce, SEO, content marketing. When Jasper is not coding, marketing a website, reading about the web or dreaming the internet of things he plays with his son, travels or run a few blocks.

Related Articles

XML RPC Attacks

Block XML RPC Attacks
NextGen Gallery Custom Field Rotating Images

NextGen Gallery Custom Field Rotating Images
Chrome will push secure websites even further starting January 2017

Chrome will push secure websites even further starting January 2017