IQComputing

@cmd4400 In our settings via Contact > reCaptcha version you’re able to select the Default (v3) or v2, but again I don’t think you can run both at the same time.

One mistake I see many websites make is that they’ll have a Contact Form, but then also in the body of their content, header, or footer they will display their contact email address. Spam bots will usually scrape website content and parse out the email addresses to spam.

It’s also worth noting that because of how ReCaptcha v3 works it does need to be functioning on the website for a certain amount of time before it can “hone in” on spam/bot like behavior.

Finally, you could also give hCaptcha a try as an alternative to Google ReCaptcha.

Hopefully, you’re able to find a solution to your spam issues, best of luck!

@cmd4400 This is true, you cannot run both v2 and v3 versions of ReCaptcha at the same time. If I recall correctly, the scripts Google needs to run for the 2 reCaptcha versions conflict.

Hello @joaopcos

Whenever you edit a Contact Form, there’s a Messages tab. Toward the bottom of this list should be a couple “reCaptcha” inputs to change the error messages. If you’re developer-savvy, you could use the wpcf7_messages hook to update these messages throughout.

You can view the codebase to see how we implement these messages via the same filter hook. These are the messages Contact Form 7 uses in the validation $_POST callback.

Hopefully, using the above you’re able to resolve your issue. If not, please reply back and we can investigate this issue further.

Hello,

We do see on your website that the validation message is not translating correctly. That specific string is used 3 times throughout the system (1, 2, 3) – each time it’s sent through the translation functions and has the correct domain passed. We’ll have to investigate this further to see what exactly is going on. Possibly reaching out to the core Polyglots team for assistance.

Once we have more information we’ll reply back to this thread and let you know.

Hello,

Looking at your posted URL and the Browser JavaScript Console, it looks like the API keys may be incorrect. Please review the Installation Guide and verify that your website domain is listed under the API key, that the Site Key and Secret Key are correct, and that you’ve set the ReCpatcha to be v2 under Contact > ReCaptcha Version. If you’ve verified all these settings and are still running into issues, try to change the ReCaptcha Source from google to recaptcha.net. This can be done under Contact > ReCaptcha Version.

Hopefully with the above instructions you’re able to resolve your issue. Otherwise, you may reply back to this thread and we can assist further. Have a wonderful rest of your week!

Could this be some kind of localized caching going on?

We see the ReCaptcha in an Incognito (Private Browsing Window) in all 3 browsers (Chrome, Firefox, Edge) using the provided troubleshooting URL: /help/contact-us-recaptcha-troubleshooting-version/

Hello,

We have looked at your troubleshooting page and don’t see any issues. We didn’t run into any validation issues when running a test submission. You maybe could lower the Security Preferences on the keys API settings.

If you’re able to replicate the issue, please reply back to this email with instructions and we can investigate further. Have a wonderful rest of your week!

Hello,

Looking at the website source it’s not clear which plugin is concatenating your scripts but some kind of optimization plugin is doing so. We saw instances or wprocket in the source which is a usual culprit for these kind of things.

You may have to go through manual debugging to find out which specific plugin is optimizing your website code. On way to do this is by using the Health Check & Troubleshooting Plugin. We do recommend taking a backup of your website and understanding how to restore this back up in case anything goes wrong during the troubleshooting process. We also recommend referring to their documentation regarding troubleshooting.

Alternatively, you could skip using plugin entirely and use ReCaptcha v3 built into Contact Form 7. Please refer to their documentation for more information. You may need to uninstall this plugin for ReCaptcha v3 to take place.

Finally, there are a couple other ReCaptcha plugins we could recommend trying as well such as Contact Form 7 Captcha or hCaptcha for WordPress.

Hopefully using one of the above solutions you’re able to have ReCaptcha on your Contact Form 7 form.

@nielk Unfortunately, WP Rocket is a premium plugin so we will be unable to give you precise instructions on where to find the exclude settings page. We have linked their documentation in our previous reply and recommend reaching out to their support for further assistance regarding their plugin.

Hello,

This is likely a WP Rocket issue where the WP Rocket plugin defers loading the reCpatcha script. You may try adding the script to WP Rockets exclusion list to see if that helps:

https://docs.wp-rocket.me/article/976-exclude-files-from-defer-js

You’ll want to add the following:

wpcf7-recaptcha/assets/js/wpcf7-recaptcha-controls.js

Make sure when you add the above there are no <pre> tags included in the copy/paste. If you’ve done the above and continue to run into issues please reply back to this email and we can try to assist further.

Hello,

Thank you for bringing this to our attention! The latest version of the plugin should work with the current 6.5 branch of WordPress. If you run into any issues in the meantime feel free to reply back to this thread and we can assist further. Have a wonderful rest of your week!

Hello,

It could have something to do with WP Rocket lazy loading the ReCaptcha Callback script.

The ReCaptcha callback is in the plugin script wpcf7-recaptcha-controls and looking at the page source we see that WP Rocket is lazy loading the script. We would recommend excluding wpcf7-recaptcha-controls from being lazy loading.

https://docs.wp-rocket.me/article/976-exclude-files-from-defer-js

It looks like you may be able to add wpcf7-recaptcha-controls.js to the area linked above in the WP Rocket docs.

Hello,

It looks like something in your CSS is overriding it with display: block !important it looks like it might be some kind of plugin cf7-styler-inline-css – maybe a Contact Form 7 styling plugin targeting textareas.

Maybe try this:

#cf7cstmzr-form #g-recaptcha-response {
    display: none !important;
}

The ID specific targeting may be able to override this. You could put this CSS in your customizer. Hopefully that helps, but if not you’ll need to make your CSS more specific.

Hello,

We do see that you have a ReCaptcha on your Contact Form which is a good start. We have also verified that the ReCaptcha is working as expected.

We suspect that it’s not the form submissions causing issues but the plaintext email addresses displayed throughout your website (Homepage and Contact Page). Unfortunately we are at a point of the internet where it’s rudimentary to parse a websites text and pull any found email addresses. We recommend as an alternative to direct users to your contact form instead of displaying your email address.

If you believe that the above is not the case in most spam submissions, you could increase the Security Preference on the API Key itself, but that may make it more frustrating for actual users trying to submit your forms. See the documentation from Google for more information. If you’re still having spam issues with the form you could try switching over to v3 of ReCapthca (which Contact Form 7 natively supports). This is supposed to be a better version since it monitors how the user interacts with the entire website and not just a specific page. See the Contact Form 7 documentation for more information (and you could uninstall this plugin).

Hello,

Looking at the provided website it appears that you’re running ReCaptcha v3. Unfortunately, Google will not allow you to run both versions of ReCaptcha on your website, you’ll need to pick one to stick with. When you run ReCaptcha v3 you won’t need to enable our plugin, or add the [recaptcha] tag to your forms.

If you’re looking to run ReCaptcha v2 you will first need to figure out and disable reCaptcha v3 altogether.