| 开发者 | empexdigital |
|---|---|
| 更新时间 | 2026年6月29日 02:37 |
| PHP版本: | 7.4 及以上 |
| WordPress版本: | 7.0 |
| 版权: | GPLv2 or later |
| 版权网址: | 版权信息 |
https://challenges.cloudflare.com/turnstile/v0/siteverifyhttps://challenges.cloudflare.com/turnstile/v0/api.jsempex-cloudflare-turnstile folder to /wp-content/plugins/, or install directly from the WordPress plugin directory.wp-config.php to prevent exposure via the database:
define( 'EMPEX_CT_SITE_KEY', 'your-site-key-here' );
define( 'EMPEX_CT_SECRET_KEY', 'your-secret-key-here' );Yes. You need a free Cloudflare account to obtain Turnstile API keys. Turnstile itself is free for unlimited use.
No. The Cloudflare Turnstile script is loaded asynchronously and only on pages with protected forms. The plugin adds less than 5ms to server-side processing.
You can configure "Soft-Fail" mode in Settings → Behaviour. In soft-fail mode, form submissions are allowed through (and logged) when Cloudflare is unreachable. In block mode (default), submissions are rejected.
Yes. The Turnstile widget renders fresh on each page visit regardless of HTML caching. We recommend excluding /wp-admin/admin-ajax.php?action=empex_* from your cache rules.
The widget won't render and no token will be generated. The server treats this as a missing token and applies your configured fail mode (block or soft-fail).
The plugin itself collects no personal data by default. Cloudflare Turnstile is documented as GDPR-compliant by Cloudflare. IP address logging in the plugin is opt-in. See our privacy policy suggestion in Settings → Privacy.
Yes. Use the [empex_ct_turnstile] shortcode to add a widget to any form. Developers can verify tokens server-side using the empex_ct_verify_shortcode filter.
Yes. The plugin supports both network-wide and per-site activation. Settings are stored per-site.