Contact Form 7 Google Captcha V3 Spam

by | Dec 14, 2018 | 0 comments

Contact Form 7 Google Captcha V3 Spam

by | Dec 14, 2018 | Dieno Digital, Digital Strategy Blog, Wordpress | 0 comments

This one is for the developers and geeks out there reading our my blog!

It’s been a really busy couple weeks for anyone who manages multiple wordpress sites or who build’s wordpress websites. Notifications of PHP versions reaching their end of life, WordPress 5.0, and major plugin updates have been keeping everyone busy!

That being said, many of us use Contact Form 7, a plugin that has had it’s ups and downs, has some irony to using it, but overall performs quite well. There was a recent release of a new version of Contact Form 7 that fored you to move from any previous versions of Google’s Recaptcha service to version 3. With that came a headache.

WordPress websites that were updated and running Contact Form 7 suddenly saw an increase in spam. The [recaptcha] shortcode in the form was no longer doing anything (or invisible) and some mailboxes were getting hammered by spam bots and companies trying to sell their services.

The first thing to note is that you will need to go into Google’s Recaptcha and make sure you’ve set the site up with Version 3 (v3). If you are running a previous version of recaptcha, I suggest you delete the site and recreate it, then generating new secret and site ID’s.

The next time is then re-entering those keys into the Contact Form 7 plugin’s “integration” modules section.

Here’s the tricky part, and hopefully one of the Contact Form 7’s developers will update their code and release a new version soon; you will need to manually update the plugin’s PHP file to actually prevent spam from coming in. Shout out to PeterUpfold for posting the solution on the WordPress Support Forum.

He wrote:

It looks like there is a logic issue where failing to provide the g-recaptcha-response allows the submission through.

This is a _very_ unofficial change on my part, but it seems to work for me.
Edit line 114 of modules/recaptcha.php (version 5.1)
It reads:
return $spam;
Change it to:
return true;
This will change it so that any submission that does not attempt the Recaptcha V3 validation will be rejected.

So far my testing has proven that this is a trusted fix and it will correct the issue.

Depending on how your wordpress instance has been implemented, this could be a quick fix or something that requires you FTPing into your server and manually updating the file.

If you don’t have FTP access, but have full Administrator access to your wordpress site – check out the plugin “WP File Manager” which allows you to browse the files on your host and edit them on the fly.

NOTE: BE CAREFUL IF YOU ARE UPDATING THE CODE ON YOUR SITE MANUALLY, and of course we\I are not liable if you break something 🙂

 

UPDATE: The above process only reduced the spam by roughly 50% on a few sites we manage, so we quickly shifted to WPForms.

 

0 Comments

Submit a Comment

What Our Clients Are Saying

North Burnaby Boxing Club

Thanks so much for all the great work you have done in developing our website Leland!

Manny, North Burnaby Boxing Club

Dieno Digital Marketing Services
5
2018-04-27T01:06:02+00:00

Manny, North Burnaby Boxing Club

Thanks so much for all the great work you have done in developing our website Leland!

JB Consulting

Leland built us a great site at a great price. We can’t say enough about how pleasant it was dealing...

Dave, JB Consulting

Dieno Digital Marketing Services
5
2018-04-27T01:06:57+00:00

Dave, JB Consulting

Leland built us a great site at a great price. We can’t say enough about how pleasant it was dealing with him!

Kelicor Logistics

Leland created my website for my new venture. I found his service to be excellent,was always available to answer my...

Colin, Kelicor Logistics Solutions

Dieno Digital Marketing Services
5
2018-04-27T01:07:34+00:00

Colin, Kelicor Logistics Solutions

Leland created my website for my new venture. I found his service to be excellent,was always available to answer my questions and was always prepared to go the extra mile, in order to ensure my website conveyed it's intended message,, And the cherry on top was it was most affordable. Would definitely recommend. Thanks Leland !

McNeney McNeney Spieker LLP

Dieno Digital has been providing our firm with what we like to call the Royal Package in customer service for...

M, McNeney McNeney Spieker LLP

Dieno Digital Marketing Services
5
2018-04-27T01:08:19+00:00

M, McNeney McNeney Spieker LLP

Dieno Digital has been providing our firm with what we like to call the Royal Package in customer service for over 3 years now. The knowledge and skills Leland brings to the table has increased our business and streamlined our social media platform. Our requests are always dealt with in a timely manner and we are always given options and alternatives to better reach potential new clients. We highly recommend Dieno Digital to increase your life social media presence.
5
4
Dieno Digital Marketing Services