Websites that use forms will need to be secured from spamming by “Spam-Bots“. Spam-Bots will visit your site and fill out forms that are not secured. This can result in comment spamming in forums, spam emails being sent from your server, and other spam related activities. Google has what’s called “reCAPTCHA” that allows you to add an image with a special code to your forms. This requires the person filling in and submitting the form to type the code correctly before the form can be submitted.
When setting up web forms in Content Management Systems like Drupal, WordPress, Joomla, Moodle, and others, you will need to have 2 keys created for your reCAPTCHA to work. ReCAPTCHA requires a public and a private key in order for the code to function in your web forms. These are free to get from Google if you have a Gmail account. The following will explain how to get a free reCAPTCHA key from Google.
Generating a Public and Private reCAPTCHA Key
- Log into your Google account.
Important! If you do not have a Google account, you will need to sign up for a Gmail account. You can do this for free here.
To find the reCAPTCHA site, type “Recaptcha” in Google search.
You should see a link that says “reCAPTCHA: Stop Spam, Read Books“. Select that link and you should be directed to the following:
https://www.google.com/recaptcha
On the reCAPTCHA page, click “Use reCAPTCHA ON YOUR SITE“.
Click “Sign up Now!“.
Type your domain you are using the reCAPTCHA for. Select the “Enable this key on all domains (global key)” so you can use the same reCAPTCHA key for all your sites.
Click Create Key.
Google will have 2 keys generated for your site, a public and a private key. These are the reCAPTCHA keys you will use in your Software.
verry good
Thanks, It was very helpful.
1.Open your Gmail
2)https://www.google.com/recaptcha click here
3)Fill-up form, type Name and E-mail type your domion name like ‘example.com’ then ok
4)Take site key and secret key
Thnks.
Yess! Thanks very much 😀 . . Now I have reCaptcha on my Site
update, just found out that someone has used another set of keys, so this problem is at our end.
Although it would be nice to know if it is possilbe to find out whether or not an account has been set up to allow for multiple domains.
thanks.
Thanks for the reply,
But I don’t think I have explained my problem fully, because…I can see the admin list no problem, and can add to this list too.
My problem is that I am not sure if this account allows multiple domains? and not sure how to check whether or not multiple domains is allowed by the same key?
I presume that – because it lets me add multiple domains – multiple domains should be possible with this account?
In Step 5 above it says:
I am not sure if this option was enabled on set up – to allow for multiple domains?
e.g.
on set up we used sypa-upmweb and captcha works for this name.
Now we’ve changed our domain name for the same site and simple added this new domain name under the same key: sypensions.org.uk, but now we get an error which suggests the wrong key is in use. So I am trying to find out if the problem is with Google CAPTCHA set up or at our end.
how can i tell if ‘allow multiple domains ‘was set up on my google captcha account?
we’ve just changed domains to where our captcha was and tried adding the new domain to the list. but it’s not working
Hello mark,
Thank you for contacting us. If you have multiple domains setup, they will be listed on the reCAPTCHA Admin list.
If they are not there, you must add them. If you are having trouble, I recommend checking their Support site for similar reports.
Thank you,
John-Paul
can you help me with this error??? ERROR: Invalid domain for site key,,, I deployed my app in DigitalOcean.
Hello dim,
You may need to https://www.google.com/recaptcha/admin and check your domain is there and ensure have the correct keys.
Kindest Regards,
Scott M
Hi ,
We have implemented nocaptcha-recaptcha using angular Js and java on tomcat on backend. Everything works fine but for the certs.
The problem is , each time the cert is changed at the google end, the code stops working, it doesnot work. Then we have to reload new cert into Tomcat truststore to make it work. In DEV it is ok. But not for PROD, it would break .
Anyone came accross this scenario? Any tips highly appreciated.
Thanks
Hi,
I have multiple domains (several 1000s) where I need to add the recaptcha widget. I cannot possibly register all of them on the recaptca website beforehand.
I tried looking but could not find any APIs to do this programatically.
Thanks,
FI
Hello fi,
We are not aware of any API that can do what you request.
Kindest Regards,
Scott M
Thanks… im using ip really works although your pics and stuff outdated
Now the website is changed. Please check. It is integrated with Google.
I am using reCAPTCHA with the wordpress custom contacts form plug-in and got both of the keys however I am recieving the following error: ERROR: Invalid domain for site key
Hello up2peace,
Thank you for your question. On Google’s Official guide on How to Setup reCAPTCHA, they state: “The keys are unique to your domain and sub-domains and will not work for other domains unless you:
Sign up for multiple keys (one for each site)
Create a global key by checking the box for “Enable this key on all domains (global key)””
I would first check that you are abiding by these rules.
We are happy to help further, but will need some additional information to replicate and troubleshoot the problem.
What version of “Custom Contact Forms” are you using?
What version of WordPress are you using?
Can you provide the specific steps you are taking?
If you have any further questions, feel free to post them below.
Thank you,
John-Paul
Hello Vijay,
Thank you for letting us know. We will update this guide as soon as possible. Let us know of any additional suggestions you may have.
Sincerely,
John-Paul
I was hoping someone more familiar with this would have spotted it somewhere int he documentation. Thanks for the try.
It is a good article 🙂
I’m fully aware of domain privacy w.r.t. anon registration. The domain in question is anonymized, and only the registrar is information is public, the real ownership is hidden by the registrar. No issue there. The issue here is that the google registration for captcha will associate a google id with a domain at google. I’m unable to find a statement on whether google considers that information confidential (subject to court order etc. etc. etc.) or whether it’s freely accessible to everyone.
Hello Fromage,
Thanks for the reply. As far as I know, the information provided by registration of Recaptcha is not information that is available to the general public. If you want to be absolutely clear, you will need to contact Google for that particular information. I looked to see if there was anything explicit on the subject, but the only thing that might be related is the Privacy policy link that Google provides. Apologies that I can’t provide you a more specific answer.
Regards,
Arnel C.
Question: does registration of a web site for recaptcha mean that the registration itself becomes publicly visible? That could be kinda sticky if you’re trying to keep web site ownership anonymous.
Hello Fromage,
Thanks for the question. Registration for recaptcha has nothing to do with domain privacy, so there would be no issue. Also, bear in mind that per ICANN rules, a registrar will maintain a record of the actual owner of the domain. Depending on the privacy service, the actual owner’s name may not be shielded by the domain privacy service. You can tell by looking at a WHOIS query. ICANN is the governing body for internet domain names.
I hope this information helps to clarify the matter. If you have any further questions, please let us know.
Regards,
Arnel C.
@Arn: Since hours I try to find a solution for the same problem: Input error: k: Format of site key was invalid 🙁
I read a lot of descriptions+youtube-videos, but I didn’t find a solution. Maybe you can help me?!
On this site is my code: blackbox030.com
And like this looks my varify.php (without keys, but public is at public and private at private – sure!
<?php
require_once(‘recaptchalib.php’);
$privatekey = “my_private_key_like_acqjhnp9fzqp…”;
$resp = recaptcha_check_answer ($privatekey,
$_SERVER[“REMOTE_ADDR”],
$_POST[“recaptcha_challenge_field”],
$_POST[“recaptcha_response_field”]);
if (!$resp->is_valid) {
// What happens when the CAPTCHA was entered incorrectly
die (“The reCAPTCHA wasn’t entered correctly. Go back and try it again.” .
“(reCAPTCHA said: ” . $resp->error . “)”);
} else {
// Your code here to handle a successful verification
}
?>
PS: I found nearly a solution. I had the reCaptcha already, but it directed me to another page ‘verify.php’ But I don’t want to change my page. Is it possible?
Hello Yoshi,
Sorry for the problem you’re seeing. The error message you’re reporting has been seen by others as well. The best documentation I saw on resolving it can be found here. Please review this post and let us know if it resolves your problem.
Regards,
Arnel C.
I did all these step but captcha is not visible
Hello Zeeshan,
Sorry to hear that you’re having problems with the Captcha. However, we do need more information in order to provide you assistance. Can you please provide your domain name, any error messages, and the steps you’ve taken to set up the recaptcha?
Also, make sure that you have clear your browser cache before reviewing the page. This may help to prevent you from seeing an old cached page.
Otherwise, please send us more information and we would happy to look into the issue further for you.
Regards,
Arnel C.
thanks……….
Is it possible to get keys for an IP address instead of a Domain?
Yes, it is indeed possible. Simply enter the IP instead of the domain.
Thanks for letting us know about the link. It has been corrected.
Thanks… 🙂
Hey come on…. its awesome already.. you are rocking mate… keep going…
PS:
make this as a link ( https://www.google.com/recaptcha ) not a text.. 🙂