=== ThinkCaptcha – Login Captcha, Register Captcha & Checkout reCAPTCHA === Contributors: thinkplugin Tags: login captcha, register captcha, woocommerce captcha, google recaptcha, security Requires at least: 5.5 Tested up to: 6.8 Stable tag: 1.1.5 License: GPLv2 or later License URI: https://www.gnu.org/licenses/gpl-2.0.html Secure WordPress & WooCommerce forms with Google reCAPTCHA. Stop spam, bots, and brute-force attacks effectively. == Description == **Enhance Your Website's Login Security with the Power of Google reCAPTCHA** Are you tired of spam registrations, brute-force login attacks, and junk form submissions? ThinkCaptcha is the definitive **Google reCAPTCHA** plugin for WordPress, designed to provide maximum **login security** with a simple and modern interface. ThinkCaptcha allows you to easily add a **login captcha**, **register captcha**, and password reset captcha to your most vulnerable forms using Google's user-friendly "I'm not a robot" checkbox (reCAPTCHA v2). This is the ultimate **spam protection** and **bot protection** your site needs. **Free Features for Essential Security:** * [cite_start]**WordPress Login Captcha**: Implement a secure **login captcha** on your `/wp-login.php` page to stop brute-force attacks and enhance **login security**[cite: 7]. * [cite_start]**WooCommerce Login Captcha**: Protect your customer accounts by adding a **WooCommerce captcha** to the login form[cite: 8]. * [cite_start]**WooCommerce Register Captcha**: Stop fake user sign-ups with a robust **register captcha** on your WooCommerce registration form[cite: 9]. * [cite_start]**Password Reset Captcha**: Secure both WordPress and WooCommerce password reset forms from bot abuse[cite: 10]. * [cite_start]**Optimized for Performance**: The Google reCAPTCHA script loads asynchronously and only on pages where it is needed[cite: 11]. **🚀 Upgrade to ThinkCaptcha Pro for Ultimate Form Security!** Spammers target every form on your site. [cite_start]ThinkCaptcha Pro extends this powerful **reCAPTCHA** protection to create a comprehensive security shield[cite: 13]. * **WooCommerce Checkout Captcha**: The best way to prevent fraudulent orders and spam. [cite_start]Add a **checkout captcha** to your WooCommerce checkout page[cite: 15]. * **Contact Form 7 reCAPTCHA**: Our most requested feature! [cite_start]Add a **Contact Form 7 reCAPTCHA** to every contact form and eliminate junk mail forever[cite: 17]. * [cite_start]**WPForms Captcha**: Secure all forms created with WPForms with a powerful **WPForms captcha**[cite: 18]. * [cite_start]**WordPress Register Captcha**: Block spambots from creating user accounts on your main WordPress registration form with a secure **register captcha**[cite: 19]. * [Secure your entire website today. [cite_start]Get ThinkCaptcha Pro Now!](https://thinkplugin.com/thinkcaptcha-pro/) [cite: 20] == Third-Party Service Disclosure == [cite_start]This plugin connects to the Google reCAPTCHA service to protect forms from bots and spam[cite: 20]. * [cite_start]**Service Used:** Google reCAPTCHA (a service provided by Google LLC)[cite: 21]. * [cite_start]**What Data is Sent:** To verify if a user is human, this service collects and sends hardware and software information, such as device and application data, to Google[cite: 22]. [cite_start]The user's IP address is also collected[cite: 23]. * [cite_start]**When Data is Sent:** This data is sent whenever a form protected by this plugin is displayed and submitted[cite: 23]. * [cite_start]**Links to Policies:** The use of the Google reCAPTCHA service is subject to Google's [Privacy Policy](https://policies.google.com/privacy) and [Terms of Service](https://policies.google.com/terms)[cite: 24]. == Installation == 1. [cite_start]Upload the `thinkcaptcha` folder to the `/wp-content/plugins/` directory[cite: 25]. 2. [cite_start]Activate the plugin through the 'Plugins' menu in WordPress[cite: 26]. 3. [cite_start]Go to the "ThinkCaptcha" menu in your WordPress admin dashboard[cite: 27]. 4. [cite_start]Visit the [Google reCAPTCHA admin console](https://www.google.com/recaptcha/admin/create) to get your Site Key and Secret Key for reCAPTCHA v2 ("I'm not a robot" Checkbox)[cite: 28]. 5. [cite_start]Copy and paste your keys into the plugin's settings page to begin protecting your forms with reCAPTCHA[cite: 29]. 6. [cite_start]Use the simple toggles to enable the **login captcha**, **register captcha**, or other forms[cite: 30]. 7. [cite_start]Save changes, and your **form security** is active! [cite: 31] == Frequently Asked Questions == = How do I add a login captcha for WordPress login security? = ThinkCaptcha makes it easy. [cite_start]After installing and adding your Google reCAPTCHA keys, simply go to the ThinkCaptcha settings page and toggle on "WordPress - Login Form"[cite: 33]. [cite_start]A secure **login captcha** will automatically be added to your login page, dramatically improving your site's **login security** against brute-force attacks[cite: 34]. = How can I add Google reCAPTCHA to my WooCommerce forms? = [cite_start]Our plugin offers deep integration with WooCommerce[cite: 35]. [cite_start]You can add a **WooCommerce captcha** to the login, registration, and password reset forms directly from our settings panel with a single click[cite: 36]. [cite_start]The Pro version also allows you to add a **checkout captcha**[cite: 37]. = Does this plugin work as a Contact Form 7 reCAPTCHA solution? = Yes! [cite_start]The Pro version is the perfect **Contact Form 7 reCAPTCHA** plugin[cite: 39]. [cite_start]It automatically integrates with all your CF7 forms to block spam submissions effectively[cite: 40]. = What is the difference between a captcha and reCAPTCHA? = [cite_start]"Captcha" is the general term for a test to tell humans and bots apart[cite: 42]. [cite_start]"reCAPTCHA" is Google's specific, advanced version of a captcha, which uses sophisticated risk analysis to provide a better user experience[cite: 43]. [cite_start]ThinkCaptcha uses Google's secure and user-friendly reCAPTCHA v2[cite: 44]. = Does this plugin slow down my site? = [cite_start]No. The plugin is lightweight, and the Google reCAPTCHA script is loaded asynchronously using WordPress best practices, meaning it doesn't block your page from loading[cite: 45]. [cite_start]It only loads on pages where the captcha is active[cite: 46]. == Screenshots == 1. [cite_start]The modern and clean settings panel, showing the Pro upgrade hero section[cite: 47]. 2. [cite_start]The General Settings section for entering Site and Secret keys[cite: 48]. 3. [cite_start]The Integrations section, showing free features enabled and Pro features locked with an "Upgrade" button[cite: 49]. 4. [cite_start]Example of the reCAPTCHA box on the WordPress login form[cite: 50]. 5. [cite_start]Example of the reCAPTCHA box on a WooCommerce form[cite: 51]. == Changelog == = 1.1.5 = * FIX: Resolved "Short Description" length warning in readme.txt. * FIX: Resolved "Tested up to" tag validation error by correcting version format. * FIX: Resolved translation loading notice by optimizing text domain calls. * FIX: Added missing translator comments to settings file for better I18n compliance. * TWEAK: Removed Google Fonts dependency to improve GDPR compliance; switched to native WordPress admin fonts. * TWEAK: Enhanced IP detection for sites behind Cloudflare or Proxy. = 1.1.4 = * [cite_start]TWEAK: Optimized plugin name, description, and tags for better SEO and discovery on WordPress.org[cite: 52]. = 1.1.3 = * [cite_start]TWEAK: Added tags to plugin header file for better search discovery[cite: 53]. = 1.1.2 = * [cite_start]FIX: Implemented `wp_enqueue_script` for loading external JavaScript to adhere to WordPress.org standards[cite: 54]. * [cite_start]FIX: Added nonce checks to all form submissions for improved security against CSRF attacks[cite: 55]. * [cite_start]FIX: Implemented sanitization and unslashing for all `$_POST` and `$_SERVER` inputs[cite: 56]. * [cite_start]FIX: Added versioning to all enqueued scripts and styles to prevent caching issues[cite: 57]. * [cite_start]FIX: Corrected readme.txt to match plugin version, tag count, and description length requirements[cite: 58]. * [cite_start]FIX: Added `isset` check for `$_SERVER` variables to prevent potential notices[cite: 59]. = 1.1.1 = * [cite_start]FIX: Bundled Font Awesome library locally to comply with WordPress.org guidelines and remove external dependencies[cite: 60]. * TWEAK: Updated version number. = 1.1.0 = * [cite_start]Initial public release[cite: 61]. == Upgrade Notice == = 1.1.5 = This update includes critical fixes for translation loading, improves GDPR compliance by removing external Google Fonts, and fixes validator warnings.