If your website uses ReCaptcha V1 you’ll need to upgrade it before March 31st 2018 to ensure your contact forms continue to function correctly.


WordPress reCAPTCHA v1 Upgrade - Impact Media

What Is ReCaptcha and why do websites use it?

reCAPTCHA is a free service that protects your website from spam and abuse. It is usually implemented at the end of contact and enquiry forms to prevent automated bogus, bot (non human) enquiries you receive. You may have also seen it implemented within login forms, as this is predominantly where automated bots are aiming to gain access. The reCAPTCHA provides an additional layer of security to prevent unauthorised access.

Shown below is reCAPTCHA V1

WordPress reCAPTCHA v1 Upgrade

Undoubtedly you’ve seen and used this before and I am sure that this is heavily frustrated you at some point, trying to read the letters, entering them correctly, only to be told that the text didn’t match?!

Well there’s 2 types of frustration that this causes.

  1. Frustration for your customers / users, visiting your website.
    If they struggled a few times to complete, they may just give up and leave your website. 🙁
  2. Frustration for you the website owner.
    Without the reCAPTCHA your contact forms maybe receiving hundreds of SPAM emails, which means you may miss that vital enquiry that’s hiding within them all.

Which creates a bit of a predicament.

  1. Keep your users happy by making it easy for you to be contacted, but be inundated with SPAM enquiries or
  2. Have a reCAPTCHA and risk your customer not being able to contact you.

There’s Good News

Version 1 of the reCAPTCHA service shown above is now being retired.

No more typing, guessing and being frustrated.

Google (who owns and runs the CAPTCHA service) have rolled out a few iterations in the past few years, and most recently just launched the invisible CAPTCHA service.

You may have seen the ‘i’m not a robot’ or the challenges screen which asked you to select all the road signs?

They have now taken this one step further, so once implemented your users won’t need to select anything; it will automatically determine whether it believes the user is a human or a bot using cookies.

If it believes you maybe a bot, then it will display the usual ‘Select a Road Sign’ style challenge.

Identifying The Different Versions

WordPress reCAPTCHA v1 Upgrade - Impact Media

If your website is asking you to type in letters, then most likely enough your website has the retiring version 1.

WordPress reCAPTCHA v1 Upgrade - Impact Media

If it displays the “I’m not a robot” text. Then you have version 2. This is also the version that will provide the ‘Road Sign’ style challenges like displayed below if it believes you maybe a spam bot.

You could also have the Invisible CAPTCHA, which if you view your website in Private browsing or Incognito mode, and hit your send button a few times, it should activate the ‘ROAD SIGN’ challenge.

If it doesn’t, then your website might not have a CAPTCHA at all. Which if you’re not receiving spam emails; could be because your website is using other types of security, such as a web application firewall (WAF) or a separate plugin which has its own security features like Gravity Forms.

What will happen if I Don’t Update To Version 2?

If your website is running version 1 after March 31st 2018, any forms that it is associated with will no longer be protected, and may not allow users to complete enquiry, contact, signup, registration forms.

What Happens If I already have Version 2?

If your website is already displaying the “I’m not a robot” option, then your website forms will continue to function as per normal.

However knowing that the new Invisible CAPTCHA is being rolled out, it may only be a limited time until Google decide to retire version 2. Just food for thought, if you wanted to improve the user experience on your website, you could implement Invisible Captcha now.

Is this a big update and what are the costs likely to be?

Information and instructions on upgrading to either Version 2 or the new Invisible Captcha can be found on the following link. If you choose to carry out this update yourself, follow the guides that Google provides, there is no cost for upgrading.

If you’re pressed for time or this is not your area of expertise, then Impact are charging a flat fee of £150+vat* for the replacement of reCAPTCHA and upgrade you to either version 2 or the new invisible CAPTCHA; whichever you prefer.

(Please note if implementing into more than one position throughout your website, a further quotation will be provided)

Don’t Have a CAPTCHA or Want to remove it completely?

If you have a WordPress website then there are a couple of alternatives.

Securi – Web Application Firewall (WAF)

Our Support Unlimited customers are screened through a web application firewall which as well as protecting your forms from bot attacks which will reduce bot form completions whilst also screening and protecting from brute force attacks, DDos attacks, hack attempts and security exploits.

For non Support customers, you can purchase Securi for your WordPress website from $19.98 per month.

You can learn more about Securi here or speak to us about our Support Unlimited plans where Sucuri and many other features are incorporated for a fixed monthly fee.

Gravity Forms

Gravity Forms is a premium plugin for WordPress that allows you to generate custom forms within your website, capturing and storing lead data and providing marketing teams the ability to drop in new subscription and signup forms within their content of the site themselves, without paying for maintenance updates to your web team.

The form plugin also has a feature called Anti-Spam Honeypot. This feature when enabled displays a hidden box which is designed to tricks bots, who will automatically place text within the box to forcibly complete the form. In most cases this box is hidden to users as it’s placed within the code area, which only bots would crawl. (If the box does display, it can be hidden using HTML).

This feature when applied stops bots from completing forms, and provides a very similar solution to the invisible CAPTCHA service.

Gravity Forms Implementation

We recommend and install the Gravity Forms plugin on every website we build. We utilise our developer license and via our Support Unlimited plans we incorporate the yearly renewal fees – meaning that our customers don’t have to manage or pay for renewals.

You can learn more about Gravity Forms and the many benefits here.

Cost

Gravity Form plugin implementation into a WordPress website £300+vat

A yearly license for Gravity forms is $59 (Included free with Support Unlimited customers)

Conclusion

Whether you choose to upgrade reCAPTCHA or replace it; we’d recommend using both Securi & the Gravity Forms plugin for absolute peace of mind and security if you’re running a WordPress website.

Hopefully you have everything you need to know about the reCAPTCHA change and of course if you need help implementing, then please get in touch.

Resource links will all be above, but feel free to tweet us @impactmedia if you need us to send you any links of documentation.

*Prices correct at time of publication

Need help updating reCAPTCHA in your website?

Whether reCAPTCHA only or Gravity Forms plugin implementation.
Call Martin, our new business maestro on 01268 858292.

Request A Call Back