Wondering how to add CAPTCHA to a contact form in WordPress? CAPTCHA fields are a great way to fight form spam, so this is a smart idea.
There are several tools that can help. Google’s reCAPTCHA might be better known, but hCaptcha and WPForms’ Custom Captcha, are leading CAPTCHA tools that work just as well or better in some cases. The great thing is that you can use all three in WordPress, using WPForms.
In this article, we’ll focus on hCaptcha, showing you how to add hCaptcha fields to a contact form in WordPress. It’s easy and straightforward!
What Is hCaptcha and Why Should You Use It?
hCaptcha is one of the leading alternatives to Google’s reCAPTCHA for fighting form spam. Another tool to consider using, as we’ve mentioned, is WPForms’ Custom Captcha which allows you to add CAPTCHA to your forms using math questions or custom questions.
There are a number of reasons why you might want to use hCaptcha over reCAPTCHA. Depending on the version, reCAPTCHA sometimes requires too many steps or simply disqualifies real human users outright. It also collects more user data than you might be comfortable with.
hCaptcha is more privacy-friendly and also provides you with some additional income-making opportunities by offering a reward each time a user solves a CAPTCHA correctly.
Now that we’re all clear on what hCaptcha is and why you might want to use it, let’s get into how!
How to Add CAPTCHA to a Contact Form in WordPress
1. Install WPForms
WPForms Pro is the leading WordPress contact form plugin, so that’s what we’ll be using in this guide. If you aren’t yet sure which WordPress form plugin you want to use, this guide on the top WPForms alternatives can help you find the right options.
There is also a free WPForms plugin called WPForms Lite, which offers full form functionality including a powerful form builder and several free templates.
WPForms Lite can be used to add both reCAPTCHA and hCaptcha to a WordPress form, but you’ll need a WPForms Pro license to unlock the Custom Captcha feature.
If a free form plugin is what you’re after, check out our guide to the best free WordPress form plugins.
The great thing is that the WPForms Pro plans start at a budget-friendly $39.50 annually.
So we’ll get started by downloading and installing WPForms Pro. This guide to installing a WordPress plugin is an excellent resource if you aren’t quite sure how to do it.
Once the plugin is installed and activated, we can dive into next step, which is signing up with hCaptcha.
2. Sign Up With hCaptcha
Now that you have WPForms set up on your website, the next bit is getting things set up with hCaptcha. Fortunately, this is really easy to do.
To begin, log on to hCaptcha.com to create a new account. Click on Signup and follow the prompts to create your new account.
First, you’ll be prompted to choose a free or paid hCaptcha plan. We’d recommend choosing the free option by clicking on the button labeled Add hCaptcha for Publishers to my website or app.
Once this step is done, it’ll be time to get your sitekey and secret key.
3. Generate Sitekey and Secret Key
Fortunately, you won’t need to do too much to get started. hCaptcha will automatically generate your first sitekey as well as the secret key for your account.
You’ll need to copy both of these but don’t get them mixed up, as they do different things. In later steps, we’ll cover how to add them to your website.
Scroll down and click Continue to move on to the next few configuration steps.
From the menu at the top of the next page, click on Sites.
This will take you to a new page where you’ll see all the sitekeys you’ve created. Since you’re just getting started, you’ll have just the one sitekey that was automatically generated by hCaptcha when you created your account.
Your next step will be adding your website to this sitekey. To do this, click on the Settings button for the sitekey.
In the new page, scroll down to General Information. You’ll be prompted to enter your hostname, which in this case is just your website’s domain name.
Enter your domain name without the “www.https://” and click Add new domain.
As a final, optional step, you can scroll down to Passing Threshold and change the difficulty level if you want.
The passing threshold is set to moderate by default, which we’d say is ideal.
Click Save, and you’ll be ready to get back into WordPress to set things up there. You’re going to need both your sitekey and secret key so have them handy.
4. Enter Your Site Key and Secret Key in WordPress
In the WordPress dashboard, click on WPForms » Settings » CAPTCHA.
Next, you’ll be prompted to choose the type of CAPTCHA you want to use. Select hCaptcha.
On the new page, enter both your sitekey and secret key, and click Save Settings.
You’re almost done at this point, and there’s just one more thing to do, which is adding hCaptcha to a WordPress contact form.
5. Add CAPTCHA to a Contact Form
You can add hCaptcha to a new WPForms form or to an existing one using the form builder. It’s really easy!
In the WordPress dashboard, click on WPForms » Add New.
Enter a form name and choose from the 400+ templates provided, or select Blank Form to build an entirely new form.
Both options will open up in the form builder. Here, you’ll find the hCaptcha field in the Standard Fields section on the left-hand panel. Click on it to enable it.
On the top right corner of the page, you should now see a notice showing that hCaptcha has been enabled.
Your new CAPTCHA-enabled form will be ready to embed in any page of your choosing. In embedding the form, you’ll have two options: you can embed the form in an existing page or create a new one.
But first, click Save and then, click Embed.
WPForms will now ask if you’d like to add your form to a new page or include it on an existing page. In this example, we’ll embed the form on a new page.
Now, name your new page and click Let’s Go.
This will automatically create a new page and take you to the WordPress editor with the form already added as a block inside. You can make changes like you normally would for any other WordPress page and press Publish when you’re ready.
You can now check your newly published form from the frontend of your site. This is what it should look like:
You can also check out our guide on adding a contact form to a page in WordPress for more details.
And that’s all there is to it! Now you’ll be able to add CAPTCHA to a page in WordPress using hCaptcha, whenever you’d like.
Next, Check Out These reCAPTCHA Alternatives
We’ve covered protecting your forms from spam using hCaptcha. While this method works well, there are a few more alternatives to consider. Take a look at the best ones in our guide to the top reCAPTCHA alternatives.
One additional anti-spam method we particularly recommend for WordPress sites is the WPForms Akismet integration. Using Akismet on your forms is an excellent way to filter contact form spam in WordPress.
Ready to fix your emails? Get started today with the best WordPress SMTP plugin. WP Mail SMTP Elite includes full White Glove Setup and offers a 14-day money-back guarantee.
If this article helped you out, please follow us on Facebook and Twitter for more WordPress tips and tutorials.
It seems like spam is attacking through our “Contact us” button. Would adding hRecapta help with this?
Hi Lou,
The WP Mail SMTP plugin does not have an inbuilt feature to identify and block spam submissions.
In that case, you can implement any captcha service available for your form plugin. hCaptcha is one of the recommended options.
Thanks!
hCaptcha detects the language automatically based on the domain.
I need to set it to English.
Where can I include the language code for hCaptcha?
Hi Jan,
You should be able to set your preferred language using hCaptcha language codes.
Here’s an example that you can follow, or you need to get in touch with WPForms support for additional assistance.
Thanks!
Hello, I added reCAPTCHA to the form and the box appears in preview but not on the live site. What could be the problem?
Hi Maria,
It looks like you have experienced a conflict between the forms and the site theme or another plugin. To troubleshoot this issue, please try the steps described in this detailed guide.
Or else, you need to get in touch with plugin support.
I hope this helps. Thanks!