Combine reCAPTCHA with Cerber WP Plugin to successfully protect against bots
Using reCAPTCHA for WordPress login form is a bad practice and does not protect WordPress from being hacked by bots and hackers
What is reCAPTCHA, anyway?
reCAPTCHA is a human verification mechanism that created and maintained by Google as a free web service. WP Cerber supports reCAPTCHA for WooCommerce and WordPress forms as antispam feature.
Why does reCAPTCHA not protect WordPress from bots and brute-force attacks?
Because WordPress has three authorization methods that enabled by default. That means hackers have access to three entrances on any WordPress powered website. The first one is being used when you are using ordinary WordPress login form. Two other methods are invisible for you but known for hackers and specialized software that hackers use. Hackers use them to probing a website and to obtain correct user password or to get access to the WordPress Dashboard with admin privileges.
How to bypass reCAPTCHA
Is it possible that bots can solve reCAPTCHA without a human? Sounds unbelievable but they can in some way. The method is based on using voice captcha called Audio Challenge and one of those online speech recognition services like Google Speech Recognition API. A hacker takes an audio file with voice captcha generated by reCAPTCHA and then recognize it with a speech recognition service. Is not it brilliant?
How to fix? User Cerber WP Plugin – CERBER SECURITY & ANTISPAM with reCaptcha
Install the 2 plugins (via WordPress – plugins – search)
You can easily set up reCAPTCHA on a website having the WP Cerber Security plugin installed. Before you can start using reCAPTCHA on any website, you have to obtain a Site key and a Secret key on the Google website for the website.
Register your website and get both keys here: https://www.google.com/recaptcha/admin
Note: If you are going to use an invisible version, you must get and use Site key and a Secret key for the invisible version only.
- After keys have been created for you, go to the reCAPTCHA settings page of the WP Cerber plugin. It’s located under the Anti-spam menu.
- Copy keys to the appropriate fields in the reCAPTCHA settings.
- Check checkboxes for all forms you want to be protected with reCAPTCHA.
- Make sure that the reCAPTCHA widget is displayed correctly.
- Done!
Good luck!
Source:
