All In One Security Captcha Settings shows you how to protect the login page, the registration page and more by adding captcha.
Last Updated: August 16, 2023
Latest News: Updated the documentation.
It is important to add good security to your website login form. Enabling captcha to the login form will increase your security and peace of mind.
The following documentation shows you how to enable captcha security to the login form, registration form, comment form including WooCommerce plugin if it is installed in your site. This is another effective way to add “Brute Force” prevention technique to your site.
If you enable Google reCAPTCHA the reCAPTCHA widget will be displayed for all the forms the captcha is enabled in the settings below. If Google reCAPTCHA is disabled the simple maths captcha form will apply instead and users will need to enter the answer to a simple mathematical question.
Note: Currently you have the option of using Cloudflare Turnstile, Google reCAPTCHA V2 or a plain maths captcha.
What you need:
All In One Security Captcha Settings
Step 1 ) Go to WP Security -> Brute Force -> CAPTCHA Settings tab to set up the login captcha as illustrated in the following image.
CAPTCHA Settings Options
- No CAPTCHA
- Cloudflare Turnstile
- Google reCAPTCHA V2
- Simple Math CAPTCHA
===============================
Cloudflare Tunstile and Google reCAPTCHA V2 Settings
Step 2 ) The following image shows you the settings that apply to Cloudflare Turnstile and Google reCAPTCHA V2.
Cloudflare Turnstile and Google reCAPTCHA V2 Settings
- Select Cloudflare Turnstile or Google reCAPTCHA V2 as default:
- Site Key:
- Secret Key:
===============================
Login Form Captcha Settings
Step 3 ) The following image Login Form Captcha Settings allows you to set up the following option.
Login Form Captcha Settings
- Enable Captcha On Login Page:
Registration page CAPTCHA settings
Step 4 ) The following image Registration page CAPTCHA settings allows you to set up the following option.
Registration page CAPTCHA settings
- Enable CAPTCHA on registration page:
Lost Password Form Captcha Settings
Step 5 ) The following image Lost Password Form Captcha Settings allows you to set up the following option.
Lost Password Form Captcha Settings
- Enable Captcha On Lost Password Page:
Custom Login Form Captcha Settings
Step 6 ) The following image Custom Login Form Captcha Settings allows you to set up the following option.
Custom Login Form Captcha Settings
- Enable Captcha On Custom Login Form:
Add CAPTCHA to comments form
Step 7 ) The following image Add CAPTCHA to comments form allows you to set up the following option.
Add CAPTCHA to comments form
- Enable CAPTCHA on comments forms:
- Click on Save settings button once you have completed your settings.
WooCommerce Forms Captcha Settings
Note: Check the following URL AIOWPS And WooCommerce Captcha Settings to learn more about setting up captcha in WooCommerce plugin.
Troubleshooting Captcha
Q1 There was a question/ issue posted in the forum about adding captcha to the sidebar using a widget/plugin.
Solution: You can read more about the solution from the following URL sidebar-login-captcha-not-working provided by one of the developers.
====================
Q2 How do I change captcha background and letters colours?
Solution One: The following is an example:
.aiowps-captcha-equation{
background-color:white;
color: black;
}Insert the above code using either a custom css plugin or put it in your theme’s css file. (Change the colours to suit your needs) (Solution provided by wpsolutions.)
====================
Q3 The database is full of transient data entries when the Captcha feature is enabled in the login page. How do I clear all transient data accumulated in the database?
Solution One: AIOWPS plugin has a code which will automatically clean up the old transient entries created by captcha feature. The code is triggered once daily via a wp cron event. You can try a simple test if you wish to confirm whether cleanup code is working. The cron job name is aiowps_hourly_cron_event.
- First log into you DB via phpMyAdmin in an Apache server and observe how many transient entries you have in the wp options table with the following “aiowps_captcha” in the option name.
- Next, from your wp admin panel deactivate and reactivate the AIOWPS plugin. (this will trigger the daily cron job which will run the transient cleanup code) Note: The following plugin WP Control allows you to run and manage cron jobs in your site. This is useful if you don’t have access to your server.
- Then check your DB again to see if the old captcha transients were deleted. (If they are then you now that the cron job is working correctly in your site.)
- I recommend that you hide your login page via one of the brute force features. This should limit the amount of transient entries produced by the captcha feature.
====================
Q4 The captcha answer is always incorrect. So when you deactivate the plugin by renaming the folder and then logging into the WP admin panel, you get logged out of the WP admin panel immediately after re-activating the AIOWPS plugin again?
Solution One: PLEASE follow the instructions below carefully.
- login to your DB using PHPMyAdmin
- Go to the wp_options table
- Look for the entry which has option_name equal to “aio_wp_security_configs”
- Copy the option_value and paste it in a text document in case you need to restore this if something goes wrong.
- Then inside the option_value search for the following string: s:27:”aiowps_enable_login_captcha”;s:1:”1″
- Change the above to look like this: s:27:”aiowps_enable_login_captcha”;s:0:””, Note: s:1 was changed to s:0 and “1” was changed to “”.
- Save your table row.
The above will deactivate the login captcha. If you run into issues simply paste the string you saved before you made any changes and save the DB row and then you will at least restore the aiowps settings back to the original state
Note: If you enable the other captcha options and run into similar issues, you can use the above steps for troubleshooting.
Does your host provider do automatic page caching on the server side?
If they do, then this may be the reason why you are having captcha issues for your login forms. You will need to ask your host support guys to NOT cache the login page. (Solution provided by wpsolutions in the forum)
====================
Q5 Someone reported an issue they were having when enabling captcha in the comments form.
Solution: Just remember that in most cases it will be a conflict with your theme. You should test one of WordPress default themes like Twenty Sixteen or Seventeen. This test will let you know if it is your theme causing this issue. Click on the following URL add-captcha-to-comments-form-is-not-working to read the reply by one of the developers.
====================
Q6 I regularly get feedback from people that the captcha is not working correctly and blocking their ability to comment on posts. I just enabled “Enable Captcha On Comment Forms”. Is there anything else I can to do? Is this a known issue?
Solution: There is no issue with captcha in the comment form. However there are times that you might run into a conflict between plugins and or the theme. Someone provided a solution in the forum post.
===============================
That is how simple it is to set up and add captcha security to your login form, registration form, comment form in your site including WooCommerce plugin.
If you have any questions please let me know.
Enjoy.
All In One WP Security & Firewall Plugin Tutorial List
I have been working in IT since 1999 and I enjoy the challenges it brings me. I love developing websites with WordPress. I spend a lot of time helping out in wordpress.org forums. I have been writing tutorials since 2011. Now I am learning how to manage my own VPS "Virtual Private Server.