Title: reCAPTCHA V3 for Jetpack Author: Schwarttzy Published: May 27, 2025 Last modified: April 1, 2026 --- Search plugins ![](https://ps.w.org/recaptcha-v3-for-jetpack/assets/banner-772x250.jpg?rev=3301791) ![](https://ps.w.org/recaptcha-v3-for-jetpack/assets/icon-256x256.jpg?rev=3301841) # reCAPTCHA V3 for Jetpack By [Schwarttzy](https://profiles.wordpress.org/schwarttzy/) [Download](https://downloads.wordpress.org/plugin/recaptcha-v3-for-jetpack.1.17.zip) * [Details](https://test.wordpress.org/plugins/recaptcha-v3-for-jetpack/#description) * [Reviews](https://test.wordpress.org/plugins/recaptcha-v3-for-jetpack/#reviews) * [Installation](https://test.wordpress.org/plugins/recaptcha-v3-for-jetpack/#installation) * [Development](https://test.wordpress.org/plugins/recaptcha-v3-for-jetpack/#developers) [Support](https://wordpress.org/support/plugin/recaptcha-v3-for-jetpack/) ## Description reCAPTCHA for Jetpack enhances your WordPress site’s security by integrating Google reCAPTCHA v3—an invisible, score-based spam filter—with Jetpack contact forms, comments, and WooCommerce registration. Designed for block-based themes (e.g., Full Site Editing), it uses behavioral scoring to block bots seamlessly. Key features: * **Invisible Protection**: Analyzes user behavior (e.g., mouse movements, session duration) to assign a score (0.0–1.0) for contact forms, comments, and WooCommerce registration. * **Customizable Threshold**: Set a score threshold (default 0.5) to balance spam blocking and user access for all forms. * **Conditional Loading**: Control where reCAPTCHA loads: on all pages, specific page types (e.g., front page, single posts), or specific slugs. Improves performance by skipping unnecessary pages. * **Debug Mode**: Toggle console.log output for debugging purposes; disable for production to reduce browser console clutter. * **Skip for Logged-in Users** (new in 1.17): New checkbox to bypass reCAPTCHA entirely for any logged-in user (admins, customers, members, etc.). Perfect for membership sites where only guests need protection. * **Automatic Spam Handling**: - Form submissions with scores below the threshold are reliably blocked and moved to the Jetpack Feedback CPT spam folder in the admin interface. - Comments with scores below the threshold are automatically moved to the spam folder without triggering approval emails. - **New in 1.13 / 1.14**: Blocks bot account creation on WooCommerce registration form (including the My Account page). * **Submission Stats**: Tracks total submissions and logs the last 20 submissions( forms, comments, registration) with scores and status (success/spam) in a streamlined manner. * **Jetpack Integration**: Requires Jetpack for contact form and comment protection, fully compatible with block-based forms and Jetpack forums. * **Email Enhancements**: Appends reCAPTCHA scores to form submission emails and comment notification/moderation emails for transparency. * **Admin Feedback**: Displays reCAPTCHA scores to admins on form success pages and logs detailed debug info for failed submissions. Perfect for modern WordPress sites, this plugin provides robust spam prevention with insightful analytics, ensuring a seamless user experience while keeping your forms, comments, and registrations spam-free. ### External Services This plugin uses Google reCAPTCHA v3, a service provided by Google to verify user interactions and prevent spam on contact forms, comments, and WooCommerce registration. * **Purpose**: Google reCAPTCHA v3 analyzes user behavior to assign a score (0.0– 1.0) indicating the likelihood of a user being a bot. This score determines whether form submissions, comments, or registrations are blocked (moved to spam). * **Data Sent**: When a user submits a form, comment, or registers, the plugin sends a reCAPTCHA token to Google’s API (`https://www.google.com/recaptcha/api/ siteverify`). The request includes only the secret key and response token. * **When Data is Sent**: Data is sent to Google’s API on every Jetpack contact form, comment, or WooCommerce registration submission. * **Service Provider**: Google LLC. * **Terms of Service**: https://www.google.com/recaptcha/about/ * **Privacy Policy**: https://policies.google.com/privacy Users must agree to Google’s terms of service when setting up reCAPTCHA keys. No user consent is required for reCAPTCHA v3, as it operates invisibly without challenges. ### License This plugin is licensed under the GPLv2 or later. See https://www.gnu.org/licenses/ gpl-2.0.html for details. ## Screenshots * [[ * **Settings Page**: Configure Site Key, Secret Key, v3 Score Threshold, Debug Mode, Loading Conditions, and the new “Skip reCAPTCHA for logged-in users” option under Settings > reCAPTCHA for Jetpack. * [[ * **Submission Stats**: View total submissions, the last 20 submissions (forms, comments, registration), and spam/success status. * [[ * **Instruction Guide**: Step-by-step help for obtaining reCAPTCHA v3 keys from Google. ## Installation 1. Upload the `recaptcha-v3-for-jetpack` folder to the `/wp-content/plugins/` directory. 2. Activate the plugin through the ‘Plugins’ menu in WordPress. 3. Ensure Jetpack is installed and active (required for contact form and comment protection). 4. Go to `Settings > reCAPTCHA for Jetpack` in your WordPress admin to configure settings. 5. Enter your Google reCAPTCHA v3 Site Key and Secret Key (see “How to Get reCAPTCHA Keys” in settings). 6. Adjust the v3 Score Threshold if needed (0.0–1.0, default 0.5). 7. Configure loading conditions to optimize performance (all pages, specific types, or slugs). 8. Toggle debug mode on for troubleshooting or off for production (default: off). 9. Enable “WooCommerce Registration Protection” to stop bot account creation (including the My Account page). 10. **New in 1.17**: Enable the new “Skip reCAPTCHA for all logged-in users” checkbox if you want logged-in users to bypass reCAPTCHA (useful on membership sites). 11. Test your forms, comments, and registration—view stats, scores, and spam status in the settings page. ## FAQ ### Do I need Jetpack for this plugin? Yes, Jetpack is required for contact form and comment protection. ### How does reCAPTCHA v3 work? reCAPTCHA v3 runs invisibly, analyzing user behavior to assign a score (0.0–1.0). Form submissions, comments, or registrations scoring below the threshold (default 0.5) are reliably blocked, with forms moved to the Jetpack Feedback CPT spam folder and comments flagged as spam. ### Where do blocked form submissions go? Form submissions failing reCAPTCHA verification are saved in the Jetpack Feedback CPT with a ‘spam’ status, visible in Jetpack > Feedback > Spam in the admin interface. ### How do I check my site’s reCAPTCHA scores? Submit a form, comment, or register—then view total submissions, the last 20 submissions( with scores and spam/success status), and debug logs in Settings > reCAPTCHA for Jetpack. Detailed analytics are available in the Google reCAPTCHA Admin Console. ### Why do I see “The reCAPTCHA keys format is invalid” error? This error appears if the Site Key or Secret Key entered in the settings is not 40 characters long or contains invalid characters (only letters, numbers, hyphens, and underscores are allowed). Common causes include: – Copying only part of a key or adding extra spaces. – Using keys from reCAPTCHA v2 or another service. To fix it: 1. Visit [Google reCAPTCHA admin](https://www.google.com/recaptcha/admin/create). 2. Select your reCAPTCHA v3 site or create a new one, ensuring “reCAPTCHA v3” is chosen. 3. Copy the full 40-character Site Key and Secret Key exactly as provided. 4. Paste them into the settings page and save. 5. Test a form or comment to confirm the keys work. For help, see Google’s setup guide: [https://developers.google.com/recaptcha/docs/v3](https://developers.google.com/recaptcha/docs/v3). ### Why do my form or comment submissions fail reCAPTCHA verification? A low reCAPTCHA score (below the threshold, default 0.5) can occur if users auto- fill forms or comments using browser autofill or password managers, as this mimics bot behavior. To improve verification success: – Fill out forms and comments manually, avoiding autofill tools. – Check the score and status in the “Last 20 Submissions” table in Settings > reCAPTCHA for Jetpack. – Adjust the score threshold lower (e. g., 0.3) if legitimate submissions are frequently blocked. For persistent issues, contact support at [schwarttzy.com/contact-me/](https://schwarttzy.com/contact-me/). ### Where do I get help? Contact support at [schwarttzy.com/contact-me/](https://schwarttzy.com/contact-me/) or via the [WordPress.org support forum](https://wordpress.org/support/plugin/recaptcha-v3-for-jetpack/). ## Reviews ![](https://secure.gravatar.com/avatar/3580c89c6189fc3e3462675c4b62a11bb1fbfd2597243637e4b36d7aefca30e4? s=60&d=retro&r=g) ### 󠀁[Excellent Spam Protection for Jetpack Forms!](https://wordpress.org/support/topic/excellent-spam-protection-for-jetpack-forms/)󠁿 [Schwarttzy](https://profiles.wordpress.org/schwarttzy/) May 27, 2025 reCAPTCHA V3 for Jetpack is a game-changer for my website. It seamlessly integrates Google’s reCAPTCHA V3 with Jetpack contact forms, blocking spam without annoying users with challenges. Setup was straightforward, and the plugin is lightweight with no noticeable performance impact. Highly recommend for anyone using Jetpack! [ Read all 1 review ](https://wordpress.org/support/plugin/recaptcha-v3-for-jetpack/reviews/) ## Contributors & Developers “reCAPTCHA V3 for Jetpack” is open source software. The following people have contributed to this plugin. Contributors * [ Schwarttzy ](https://profiles.wordpress.org/schwarttzy/) [Translate “reCAPTCHA V3 for Jetpack” into your language.](https://translate.wordpress.org/projects/wp-plugins/recaptcha-v3-for-jetpack) ### Interested in development? [Browse the code](https://plugins.trac.wordpress.org/browser/recaptcha-v3-for-jetpack/), check out the [SVN repository](https://plugins.svn.wordpress.org/recaptcha-v3-for-jetpack/), or subscribe to the [development log](https://plugins.trac.wordpress.org/log/recaptcha-v3-for-jetpack/) by [RSS](https://plugins.trac.wordpress.org/log/recaptcha-v3-for-jetpack/?limit=100&mode=stop_on_copy&format=rss). ## Changelog #### 1.17 * **New Feature**: Added “Skip reCAPTCHA for all logged-in users” checkbox under Configuration in the settings page. * When enabled, any logged-in user (admins, customers, members, etc.) completely bypasses reCAPTCHA on Jetpack forms, comments, and WooCommerce registration. * Ideal for membership sites where only guests need protection. * The new option is fully documented, sanitized, and uses the standard hidden-input pattern so it can be turned off reliably. * All previous features and fixes from 1.16 remain fully intact and unchanged. #### 1.16 * **Major reliability, performance & security improvements**: - Hardcoded plugin version constant (eliminates unnecessary disk I/O on every page load). - Fixed critical JavaScript submit race condition (preventDefault + dispatchEvent so Jetpack AJAX and WooCommerce validation still run). - Removed WordPress nonces entirely (prevents “Invalid nonce” errors on cached sites). - Fixed Debug Mode and WooCommerce registration checkboxes so they can actually be turned off. - Removed background token refresh interval (prevents quota burn on long-open tabs). - Removed optional remoteip parameter (fixes Cloudflare/proxy false positives and GDPR concerns). - Added server-level error handling for wp_remote_post failures. - Fixed Debug Mode string handling in JavaScript. - Fixed settings sub-options visibility on page reload. - Updated documentation to accurately reflect reCAPTCHA v3 score range (0.0– 1.0) and removed IP mention. * All previous features (conditional loading, WooCommerce My Account protection, stats, etc.) remain fully intact. #### 1.15 * Added safety check for WooCommerce (class_exists(‘WooCommerce’)) to prevent errors on non-Woo sites. * Improved email backward compatibility: Handles both old array and new string formats from Jetpack updates. * Updated table header in settings to include “WooCommerce Registration” for clarity on logged types. * Minor code refinements for robustness and readability. #### 1.14 * Explicit protection for the Register form on the WooCommerce My Account page ([ woocommerce_my_account] shortcode). * Expanded JavaScript selector for 100% reliability on the My Account page. * Updated settings checkbox label and readme to clearly mention My Account protection. * Heavy comments added to js/recaptcha.js so anyone can follow the code. * Tag limit fixed to exactly 5 tags (removed duplicate). #### 1.13 * **New**: Added protection for WooCommerce registration form to stop bot account creation (new checkbox in settings). * Compatibility note: Fully tested with latest Jetpack 15.6 and WordPress 6.9. * Updated description, installation, and changelog to reflect WooCommerce support. * All previous features (conditional loading, admin quick reply fix, debug mode) remain intact and unchanged. #### 1.12 * Added conditional loading: New “Loading Conditions” section in settings to control where reCAPTCHA loads (all pages, specific types like front page/single posts, or specific slugs). * Wrapped submit button in < p class=”submit”> to match core WordPress style. * Made footer version dynamic using RECAPTCHAFORJETPACK_VERSION constant. * Fixed admin quick reply issue: Skip verification for users with moderate_comments capability (e.g., admins replying in wp-admin > Comments). * Updated Tested up to 6.9. * Added more inline comments for readability. #### 1.11 * Added option to toggle console.log debugging on/off via settings page for production use. * Updated plugin version to 1.11. #### 1.10 * Enhanced reCAPTCHA key validation with detailed error messages for invalid key formats, explaining the issue (e.g., incorrect length or characters) and providing steps to fix it with links to Google’s reCAPTCHA admin console and setup guide. * Improved key save success message to detail validation checks and guide users to test forms/comments. * Added warnings about auto-filling forms/comments causing low reCAPTCHA scores, with guidance to use manual input, in the form failure message and settings page. * Removed unreliable API test that falsely warned “keys may be invalid” even for valid keys. * Added advice to test keys via form or comment submission for accurate verification. * Added logging of key save attempts in the settings page for debugging. * Updated plugin version to 1.10. #### 1.9 * Updated setup instructions in the settings page to use the correct Google reCAPTCHA admin URL (`https://www.google.com/recaptcha/admin/create`) and clarified options for registering a new site (selecting “reCAPTCHA v3” and adding domains). * Added action links to the Plugins page for direct access to the settings page, support contact, and rating the plugin on WordPress.org. #### 1.8 * Shortened plugin short description to meet WordPress.org’s 150-character limit. * Added action links to the Plugins page for direct access to the settings page and support contact. #### 1.7 * Fixed comment spam handling: Comments scoring below the reCAPTCHA threshold are now properly marked as spam and no longer send approval emails to administrators. * Enhanced form spam handling: Form submissions failing reCAPTCHA are reliably moved to the Jetpack Feedback CPT spam folder without external dependencies, ensuring consistent admin visibility (Jetpack > Feedback > Spam). * Consolidated submission logging: Streamlined logs to reduce redundancy and improve clarity in the settings page. * Improved code commenting: Added detailed PHPDoc and inline comments for better maintainability and debugging. #### 1.6 * Added reCAPTCHA v3 protection for comments, including Jetpack forum comments. * Automatically moves comments with scores below threshold to spam. * Updated settings page and logs to include comment submission stats. * Fixed text domain to match plugin slug (`recaptcha-v3-for-jetpack`). * Added nonce checks for form and comment submissions. * Documented Google reCAPTCHA v3 usage in readme. #### 1.5 * Added total submissions counter and last 20 submissions log. * Updated settings page with new stats section. #### 1.4 * Enhanced settings page with scoring tip linking to Google reCAPTCHA Admin Console. #### 1.3 * Optimized block-based theme support with raw content checks for Jetpack forms. * Refined settings page styling to match Jetpack. ## Meta * Version **1.17** * Last updated **2 months ago** * Active installations **300+** * WordPress version ** 5.0 or higher ** * Tested up to **6.9.4** * PHP version ** 7.0 or higher ** * Language * [English (US)](https://wordpress.org/plugins/recaptcha-v3-for-jetpack/) * Tags * [contact form](https://test.wordpress.org/plugins/tags/contact-form/)[jetpack](https://test.wordpress.org/plugins/tags/jetpack/) [recaptcha](https://test.wordpress.org/plugins/tags/recaptcha/)[spam](https://test.wordpress.org/plugins/tags/spam/) [woocommerce](https://test.wordpress.org/plugins/tags/woocommerce/) * [Advanced View](https://test.wordpress.org/plugins/recaptcha-v3-for-jetpack/advanced/) ## Ratings 5 out of 5 stars. * [ 1 5-star review ](https://wordpress.org/support/plugin/recaptcha-v3-for-jetpack/reviews/?filter=5) * [ 0 4-star reviews ](https://wordpress.org/support/plugin/recaptcha-v3-for-jetpack/reviews/?filter=4) * [ 0 3-star reviews ](https://wordpress.org/support/plugin/recaptcha-v3-for-jetpack/reviews/?filter=3) * [ 0 2-star reviews ](https://wordpress.org/support/plugin/recaptcha-v3-for-jetpack/reviews/?filter=2) * [ 0 1-star reviews ](https://wordpress.org/support/plugin/recaptcha-v3-for-jetpack/reviews/?filter=1) [Your review](https://wordpress.org/support/plugin/recaptcha-v3-for-jetpack/reviews/#new-post) [See all reviews](https://wordpress.org/support/plugin/recaptcha-v3-for-jetpack/reviews/) ## Contributors * [ Schwarttzy ](https://profiles.wordpress.org/schwarttzy/) ## Support Got something to say? Need help? [View support forum](https://wordpress.org/support/plugin/recaptcha-v3-for-jetpack/)