Linux 软件免费装
Banner图

Fast Secure reCAPTCHA

开发者 fastsecure
更新时间 2017年6月20日 22:54
捐献地址: 去捐款
PHP版本: 3.6.0 及以上
WordPress版本: 4.8
版权: GPLv2 or later
版权网址: 版权信息

标签

comments recaptcha captcha spam security login buddypress woocommerce multisite jetpack anti-spam comment register bbpress wpforo

下载

1.0.0 1.0.1 1.0.10 1.0.11 1.0.12 1.0.13 1.0.14 1.0.15 1.0.16 1.0.17 1.0.18 1.0.19 1.0.2 1.0.20 1.0.3 1.0.4 1.0.5 1.0.6 1.0.7 1.0.8 1.0.9

详情介绍:

Adds No CAPTCHA reCAPTCHA V2 anti-spam to WordPress pages for comments, login, registration, lost password, BuddyPress register, bbPress register, wpForo register, bbPress New Topic and Reply to Topic Forms, Jetpack Contact Form, and WooCommerce checkout. In order to post comments, login, or register, users will have to pass the reCAPTCHA V2 "I'm not a robot" test. This prevents spam from automated bots, adds security, and is even compatible Akismet. Compatible with Multisite Network Activate. Help Keep This Plugin Free If you find this plugin useful to you, please consider making a small donation to help contribute to my time invested and to further development. Thanks for your kind support! - Mike Challis Features:

安装:

How to Install on WordPress
  1. Install automatically through the Plugins, Add New menu in WordPress, find in the Plugins directory, click Install, or upload the fast-secure-recaptcha.zip file.
  2. Activate the plugin through the Plugins menu in WordPress.
  3. Enter your reCAPTCHA site keys on the settings page, be sure to select all the forms you want to protect.
  4. Updates are automatic. Click on "Upgrade Automatically" if prompted from the admin menu. If you ever have to manually upgrade, simply deactivate, uninstall, and repeat the installation steps with the new version.
How to install on WordPress Multisite with Network Activate and Main site control of the settings
  1. Install the plugin from Network Admin menu then click Network Activate.
  2. Go to the Main site dashboard and click on settings for this new plugin.
  3. Enter your reCAPTCHA site keys on the settings page, be sure to select all the forms you want to protect. All the settings configured here will be applied to all the sites. Other site admins cannot see or change the settings.
How to install on WordPress Multisite with Network Activate and individual site control of the settings
  1. Install the plugin from Network Admin menu then click Network Activate.
  2. Go to the Main site dashboard and click on settings for this new plugin. Enter your reCAPTCHA site keys on the settings page, be sure to select all the forms you want to protect.
  3. Check the setting: "Allow Multisite network activated sites to have individual Fast Secure reCAPTCHA settings." Now each site admin will have to enter reCAPTCHA site keys on their dashboard Fast Secure reCAPTCHA settings page, and be sure to select all the forms to protect.
  4. Optionally check the setting: "Allow Multisite network activated main site to copy main site reCAPTCHA API keys to all other sites." This will automatically copy main site API keys to all other sites.

屏幕截图:

  • screenshot-1.png is the reCAPTCHA on the comment form.
  • screenshot-2.png is the reCAPTCHA on the login form.
  • screenshot-3.png is the `Settings` page.

升级注意事项:

There is no need to upgrade just yet.

常见问题:

How does it work?

In the No CAPTCHA reCAPTCHA V2 system, users are asked to click on a "I'm not a robot" checkbox (the system will verify if the user is a human or not, for example, with some clues such as already-known ip addresses, cookies, or mouse movements within the ReCAPTCHA frame) or, if it fails, select one or more images from a selection of nine images.

What are spammers doing anyway?

Human spammers

They actually visit your form and fill it out including the CAPTCHA.

Human or Spambot probes

Sometimes contain content that does not make any sense (jibberish). Humans or Spam bots will try to target any forms that they discover. They first attempt an email header injection attack to use your web form to relay spam emails. This form is to prevent relaying email to other addresses. After failing that, they simply submit the form with a spammy URL or black hat SEO text with embedded HTML, hoping someone will be phished or click the link.

Blackhat SEO spammers

Spamming blog comment forms, contact forms, Wikis, etc. By using randomly generated unique "words", they can then do a Google search to find websites where their content has been posted un-moderated. Then they can go back to these websites, identify if the links have been posted without the rel="nofollow" attribute (which would prevent them contributing to Google's algorithm), and if not they can post whatever spam links they like on those websites, in an effort to boost Google rankings for certain sites. Or worse, use it to post whatever content they want onto those websites, even embedded malware.

Human-powered CAPTCHA solvers

It is easy and cheap for someone to hire a person to enter this spam. Usually it can be done for about $0.75 for 1,000 or so form submissions. The spammer gives their employee a list of sites and what to paste in and they go at it. Not all of your spam (and other trash) will be computer generated - using CAPTCHA proxy or farm the bad guys can have real people spamming you. A CAPTCHA farm has many cheap laborers (India, far east, etc) solving them. CAPTCHA proxy is when they use a bot to fetch and serve your image to users of other sites, e.g. porn, games, etc. After the CAPTCHA is solved, they post spam to your form.

Will this plugin be updated to use Google Invisible reCAPTCHA or can it use Invisible reCAPTCHA already?

Invisible reCAPTCHA needs totally different keys and all different coding for the javascript. I am not going to try changing it right now. I already have reCAPTCHA V2 working just fine and it's also compatible with my Fast Secure Contact Form plugin. I don’t see any any advantage for the Invisible version. The checkbox is really not that much effort anyway. There are no security advantages to it. Invisible ReCAPTCHA isn’t really invisible anyway because you still have to display the Google badge and it will even fully come up with “click the images with signs” if they fail the robot test. Nothing invisible about it. Maybe I will add it someday if the invisible version takes over in popularity or security.

Spammers have been able to bypass my reCAPTCHA, what can I do?

Make sure you have entered your site keys and enabled the reCAPTCHA on your forms. The reCAPTCHA will not show to logged in users posting comments if you have enabled this setting: 'No comment form reCAPTCHA for logged in users'. Maybe a logged in user is the spammer. Check for a plugin conflict. A plugin conflict can break the validation test so that the reCAPTCHA is never checked. Be sure to always test all the comments, login, registration, and lost password reCAPTCHA forms after installing or updating themes or plugins. Troubleshoot plugin conflicts, see troubleshooting below. Sometimes your site becomes targeted by a human spammer or a spam bot and human captcha solver. Google reCAPTCHA is usually very good at blocking this, but if the issue persists, try the following suggestions: Try allowing only Registered users to post, and or moderating comments. Read more about Combating Comment Spam Filter Spam with Akismet – The Akismet plugin filters spam comments. Akismet should able to block most of or all spam that comes in.

Troubleshooting the reCAPTCHA does not display, or it does not block the form properly

This plugin automatically puts the google api JavaScript in the footer and loads it async defer. This plugin automatically loads all necessary HTML and JavaScript needed for the reCAPTCHA. Make sure you did not put any google reCAPTCHA javascript or HTML in your theme or it will for sure will break things. Another plugin could be causing a conflict. You may have a conflict with another reCAPTCHA plugin. Do you have any other plugins that load a reCAPTCHA? Temporarily deactivate other plugins to see if the reCAPTCHA starts working. Most reCAPTCHA plugins are not compatible with each other because of javascript onload conflicts but I know how to make my plugins compatible with each other. This plugin is compatible with the reCAPTCHA you can enable on my other plugin Fast Secure Contact Form. Your theme could be missing the wp_head or wp_footer PHP tag. Your theme should be considered broken if the wp_head or wp_footer PHP tag is missing. Do this as a test: In Admin, click on Appearance, Themes. Temporarily activate your theme to one of the default default themes. It does not cause any harm to temporarily change the theme, test and then change back. Does it work properly with the default theme? If it does then the theme you are using is the cause.

The reCAPTCHA does not display on JetPack comments form

If you have JetPack comments module enabled then captcha/recaptca/anti-spam plugins will not work on your comments form because the comments are then loaded in an iFrame from WordPress.com The solution is to disable the comments module in JetPack, then the reCAPTCHA plugin will work correctly on your comments form.

The reCAPTCHA does not display on the comments form

Make sure that the theme comments.php file contains at least one of the standard hooks: do_action ( 'comment_form_logged_in_after' ); do_action ( 'comment_form_after_fields' ); do_action ( 'comment_form' ); If you didn't find one of these hooks, then put this string in the comment form: <?php do_action( 'comment_form', $post->ID ); ?>

The reCAPTCHA is not working and I cannot login at my login page

This failure could have been caused by another plugin conflict with this one. If you enabled reCAPTCHA on the login form and are locked out due to reCAPTCHA is broken, here is how to get back in: FTP to your WordPress directory /wp-content/plugins/ then delete this folder: fast-secure-recaptcha This manually removes the plugin so you should be able to login again.

My reCAPTCHA has error for site owner: Invalid site key

The google reCAPTCHA keys are domain specific, make sure to get keys for each web site domain you install it on. On the plugin settings page, enter your two Google reCAPTCHA keys for the domain of your site. Included right there is a link to get free keys. Finally click the Save button.

更新日志:

1.0.20 1.0.19 1.0.18 1.0.17 1.0.16 1.0.15 1.0.14 1.0.13 1.0.12 1.0.11 1.0.10 1.0.9 1.0.8 1.0.7 1.0.6 1.0.5 1.0.4 1.0.3 1.0.2 1.0.1 1.0.0