In this article:
As we stated when covering WP Cerber Security hardening options, the plugin can replace other WordPress security plugins. In that article, we discussed replacing the maintenance page as an example. This time we replace the WordPress Heartbeat API and reCAPTCHA plugins.
WP Cerber Security has an antispam engine to protect your website forms from spam comments. Below we cover how to enable antispam engine and reCAPTCHA features.
Warning: After you enable these settings, you should test your forms to ensure they still work.
- Log in to WordPress.
- On the left, hover over WP Cerber Security and click Antispam.
- Enable antispam protection on the different form types: Comment form, Registration form, and Other forms.
- Toggle Safe mode if necessary to allow AJAX. This may negate the need for the WordPress Heartbeat API plugin.
- Toggle Logged in users if you’d like to disable bot detection for logged in users.
- Fill the Query whitelist to allow POST request queries.
- If a spam comment detected – Deny it completely or Mark it as spam for review.
- Trash spam comments after a set number of days automatically.
- Save Changes.
If you have a Google account, you can set up reCAPTCHA for your WordPress forms.
- Click the reCAPTCHA tab at the top.
- Register the website for the site and secret keys at Google.com/reCAPTCHA.
- Insert your Site key and Secret key in their respective text field.
- Toggle Invisible reCAPTCHA if applicable.
- Toggle reCAPTCHA for the Registration form, Lost password form, Login form, and Antispam options for WordPress and the WooCommerce e-commerce plugin (if installed) to your preference.
- Limit attempts for IP addresses for # minutes after # failed logins within # minutes.
- Save Changes.
See the steps in action below: