Beginner's Guide for WordPress / Start your WordPress Blog in minutes

How to Easily Add reCAPTCHA to WordPress Comment Form

Are you looking to add reCAPTCHA to your WordPress comment form?

Spam comments have gotten out of control on many WordPress websites. Instead of turning off the comments, you can add CAPTCHA to the comment form to practically eliminate spam.

In this tutorial, we will show you how to easily add reCAPTCHA to the comment form of your WordPress website.

How to Add reCAPTCHA to WordPress Comment Form

What Is Google reCAPTCHA?

Comment spam is a problem on many WordPress websites. Akismet, the popular spam filtering service for WordPress, blocks about 7.5 million spam comments every hour.

reCAPTCHA is one of the best ways to fight it. reCAPTCHA is an advanced form of CAPTCHA that can distinguish between robots and human users. In fact, CAPTCHA is an acronym for ‘Completely Automated Public Turing Test to Tell Computers and Humans Apart’.

Google acquired CAPTCHA technology in 2009 and then later rebranded it as reCAPTCHA. They also made it easier for human users to easily pass the test.

To pass the test, users are required to click a checkbox indicating they are not a robot. They will either pass right away or be presented with a set of multiple images where they will need to click on matching objects.

New recaptcha

Google has made reCAPTCHA publicly available so that website owners can use it on contact forms, login pages, and comment forms to reduce spam.

It is also super easy to set up and add to WordPress comment forms.

With that said, let’s see how to easily add reCAPTCHA to a WordPress comment form with step-by-step instructions.

Installing a WordPress reCAPTCHA Plugin

The first thing you need to do is install and activate the Advanced Google reCAPTCHA plugin. You can see our step-by-step guide on how to install a WordPress plugin for detailed instructions.

Upon activation, you need to visit the Advanced Google reCAPTCHA page to configure the plugin’s settings.

The Advanced Google reCAPTCHA Settings Page

The plugin will ask you to provide Google reCAPTCHA API keys. You can create these keys for free from the official reCAPTCHA website by clicking the ‘register your domain’ link at the top of the screen.

Registering Your Website to Get reCAPTCHA API Keys

The ‘register your domain’ link will take you to the Google reCAPTCHA website, where you can register your site to work with reCAPTCHA.

You will be asked to sign in with your Google account. After that, you’ll see the ‘Register a new site’ page, where you need to provide some basic information to register your site.

First, you need to type your website name or any name of your choice in the ‘Label’ field. This will help you easily identify your site in the future.

Adding a New Site to Google reCAPTCHA

Next, you need to select the ‘Challenge (v2)’ radio button. This will open up 2 new options.

Since you want to add the reCAPTCHA checkbox to your site, you need to select the first option, ‘I’m not a robot Checkbox’.

When you scroll down, you will see the ‘Domains’ textbox. This allows you to add the domain name of your website where you would like to add the reCAPTCHA checkbox.

You can also add multiple domains or subdomains by clicking on the plus (+) icon. This will allow you to use the same API keys on different websites.

Add Domain and Email to reCAPTCHA Site

Once you have filled out the form, you can click on the ‘Submit’ button to register your site.

Google reCAPTCHA will now show you a success message along with the site key and the secret key on this page.

Copy Site and Secret Keys

You can now use these API keys in the plugin settings on your WordPress website.

Adding reCAPTCHA to a WordPress Comment Form

Now, you need to head back to the Advanced Google reCAPTCHA page in your WordPress admin area.

On the settings page, you need to paste the site key and the secret key.

Paste the Site Key and the Secret Key

Next, make sure that the ‘Enable for Comment Form’ box is checked.

By default, reCAPTCHA will be used on the login page, registration page, lost password page, and comment form. You can check or uncheck the boxes to enable the options you need.

Once you are done, don’t forget to click the ‘Save Changes’ button at the bottom of the page to store the API keys and enable reCAPTCHA.

Congratulations, you have successfully added reCAPTCHA to your WordPress comment form. You can now check the comment section of your blog posts to confirm that it’s working.

Comment reCAPTCHA Preview

Note: The reCAPTCHA checkbox will be displayed only to logged-out users. To preview reCAPTCHA, you will need to either log out of WordPress or open your website in an Incognito window in your browser.

More Ways to Combat Comment Spam in WordPress

reCAPTCHA is just one way to combat comment spam on your website. Here are a few more.

Your first step should be to turn on comment moderation. This will give you the opportunity to view and approve comments before they are displayed on your website.

Comment Must Be Manually Approved

You can also use the Akismet plugin to automatically catch the most common types of spam comments by checking a global spam database. Akismet comes preinstalled with WordPress, but it is not activated by default.

Better still, the premium Sucuri plugin allows you to block suspicious requests before they even reach your website. This prevents automated bots and scripts from submitting comments at all. We use it on all our websites.

You can also block spam comments using the Antispam Bee plugin. It lets you set rules about which users to trust, such as approved commenters or commenters with a Gravatar. You can also create rules that mark comments immediately as spam, such as when they contain code.

You can learn about these methods and many more in our expert pick of tips and tools to combat comment spam in WordPress.

We hope this tutorial helped you learn how to add reCAPTCHA to the WordPress comment form of your website. You may also want to see our guide on how to add reCAPTCHA to WordPress login and registration forms or our expert pick of the must-have plugins to grow your website.

If you liked this article, then please subscribe to our YouTube Channel for WordPress video tutorials. You can also find us on Twitter and Facebook.

Disclosure: Our content is reader-supported. This means if you click on some of our links, then we may earn a commission. See how WPBeginner is funded, why it matters, and how you can support us. Here's our editorial process.

The Ultimate WordPress Toolkit

Get FREE access to our toolkit - a collection of WordPress related products and resources that every professional should have!

Reader Interactions

26 CommentsLeave a Reply

    • We are trying other tools on our site, there’s nothing wrong with using CAPTCHA but it is personal preference if you use it.


  1. The plugin you recommend looks like it’s not supported anymore. Are there any others?

    • We will be sure to take a look and update our suggestion should we find an alternative we would recommend.


  2. re the reCAPTCHA section when you visit the plugin it says at the top: This plugin hasn’t been tested…

    Is this still the best Plugin to use? Is it safe? Or is there now a better one out there?

    Cheers, Duncan.

  3. I followed the instructions exactly and the reCaptcha button will not appear on my site at all. Signed out of WP. Incognito window. nothing.

    • Please reach out to the plugin’s specific support to see if this could be due to a conflict between your specific theme and the plugin itself.


    • You would want to reach out to the plugin’s support and let them know to help remove the issue.


  4. FYI… The new v3CAPTCHA does not provide a clickable “I am not a Robot” conformation. The only way to tell if it’s running on the site is a CAPTCHA icon floating in the lower right hand side of the screen on the site you’re on.

  5. Hello

    If I am using Akismet antispam plugin still I need to use reCaptcha technology?


    • That would be a personal preference question, both are tools to help prevent spam and will work together.


    • You may want to check your site in an incognito browser where you’re not logged into your site to make sure it isn’t hiding for your admin user.


  6. Help! I clicked on save api keys button like tutorial said and now my site isn’t working at all.

  7. Does this mean if I use this, I don’t really need to moderate all comments? I don’t like that comments don’t show up as soon as they are posted, it has to wait until I get around to reviewing comments.

    • You would still need to moderate comments, reCAPTCHA is a way to prevent spam from bots but there can be other comments you don’t want on your site :)


Leave A Reply

Thanks for choosing to leave a comment. Please keep in mind that all comments are moderated according to our comment policy, and your email address will NOT be published. Please Do NOT use keywords in the name field. Let's have a personal and meaningful conversation.