December 13, 2018 at 6:21 am #1044713
Yesterday my hosting service alerted me that the contact us form that I’m using was under bot attack. Even though I had captcha activated (the one that has you complete a math equation), the bots still got through to the point where it overwhelmed my service.
Is there another captcha or security plugin I can use on Enfold forms? I seem to remember that Google’s re-captcha does not configure to your theme?
Please advise if will. Thanks.December 13, 2018 at 6:51 am #1044736
I believe that the Google recaptcha does or was working with this code
MikeDecember 13, 2018 at 8:14 am #1044747December 14, 2018 at 2:51 pm #1045293
Thanks for the login, I added the recaptcha shortcode to your contact form to show the element, but you are getting this jQuery error:
Uncaught ReferenceError: jQuery is not defined at createCaptcha ((index):279) at (index):287
I can’t see your functions.php because the editor is hidden.
While researching any additional steps needed to get it to work I found this post from Ismael who wrote the script:
We can’t recommend the same script before because of DSGVO or GDPR. Please try Sucuri or Wordfence to protect your site from third party scripts or spams ~ How Sucuri Helped us Block 450,000 WordPress Attacks in 3 Months
I see that you already have Sucuri installed, perhaps the article has some tips for using it more effectively?
I’m not sure that you will want to continue with the recaptcha.
Have you considered Contact Form 7, I found that there is a addon Contact Form 7 Honeypot which looks like it would be very effective.
MikeDecember 14, 2018 at 5:36 pm #1045349December 15, 2018 at 4:59 am #1045522
It was Google Captcha (reCAPTCHA) by BestWebSoft, but it doesn’t seem to work anymore
MikeDecember 15, 2018 at 6:50 pm #1045690
I stand corrected, Ismael has created a plugin from his original code, no other plugins are needed for it to work.
Please download from here:
and install as a plugin.
Then go to the Enfold > Google Services panel and put your public and site key in the respective fields, and save.
It will automatic show on your contact form, the submit button will be hidden until the Google Captcha is checked.
MikeDecember 15, 2018 at 7:02 pm #1045694
Nice of you(?) to zip up the plugin, as the Github repository does not make it easy to get just an install package.
However, the spam I’m seeing is still bypassing the captcha. The form itself appears to be leaky.
I’ve moved to Contact Form 7 with their math quiz, along with Akismet’s junk filter, as Google Captcha itself is problematic. We’ll see how it goes…
A blog post from the theme developers on this topic, once they get things sorted out, would be nice. It’s obviously important to their customers.December 16, 2018 at 12:09 am #1045757
Yes, I did zip the plugin from Github, as you said it’s not easy to get it from there :)
Google Captcha is crackable, with many services available to spam bots.
Contact Form 7 is a very good product that focuses on contact forms, and I like the Honeypot addon
MikeDecember 16, 2018 at 1:37 am #1045768
And yet I don’t have spam problems with any of my sites that use Google but don’t use Enfold.December 16, 2018 at 5:19 am #1045785December 16, 2018 at 4:14 pm #1045942
@laptophobo thanks for the update, perhaps you could let us know in a week if this has make a big difference for you.
MikeDecember 17, 2018 at 4:52 am #1046138
Will do. I’ll keep this thread open.
Though, I think that the bot attack was an individual hit.January 4, 2019 at 5:19 pm #1050055
Hello, I have the same problem. I installed the plugin but once I click the submit button the entire form disapears.
Any ideas on how to sort this part?January 5, 2019 at 2:17 am #1050151
@jorgepelaez you have a error that the “reCAPTCHA has already been rendered in this element”
so it seems that you are calling the reCAPTCHA twice, so perhaps you also have a reCAPTCHA plugin installed? We would need a admin login to investigate further, but Please open a new thread so we can assist, as this is not your thread, so your login info will not be private here.
Please include the admin login in the Private Content area, of the new thread.
MikeJanuary 5, 2019 at 8:24 am #1050263
As mentioned above, I’ve gone the path of Contact Form 7 with the Honeypot. So far (3 weeks), I’ve not had a bot attack. This may be worth the try.January 5, 2019 at 4:58 pm #1050350
You must be logged in to reply to this topic.