Prevent spam on your Advanced Custom Fields (ACF) v5 frontend forms with Google reCAPTCHA.
ACF reCAPTCHA brings Google reCAPTCHA to Advanced Custom Fields, to be used on frontend forms.
- ACF reCAPTCHA Protection ensures that spambots cannot circumvent reCAPTCHA to submit forms on the server-side
- ACF-compliant client-side validation which prompts the user if reCAPTCHA is not clicked or had expired
- Customizable reCAPTCHA options, including theme (light/dark), type (image/audio) and size (normal/compact)
- Compatible with ACF Conditional Logic feature, which allows hiding/showing certain fields until the reCAPTCHA has been passed
For more detailed setup instructions, or to report an issue, please head over to the GitHub repository here.
ACF Frontend Forms
ACF reCAPTCHA is meant to be used only on frontend forms, in order to protect them from spam by spambots.
To create a frontend form programmatically, please view the official documentation on the ACF website here.
ACF reCAPTCHA is currently only compatible with ACF v5 at the moment. If you would like to help to add support for v4, do submit a PR on GitHub.
- Disable plugin on ACF versions which are not supported (e.g. ACF v4)
- Fixed settings page link from the Plugins page
- Removed shorthand array syntax (not supported on PHP < 5.4)
- Added settings page to configure site-wide default reCAPTCHA keys, if not specified
- Better handling of server-side reCAPTCHA verification errors
- Accepted 'true' as a string value when using acf_form() to set the flag directly
- Perform server-side verification of recaptcha fields in form even if recaptcha flag is not set (to catch misconfigurations)
- Fixed an important security bug, which allowed bots to bypass reCAPTCHA. Read more here
- Multiple reCAPTCHA widgets will be able to render on the same page
- Removed AJAX verification of reCAPTCHA values and instead perform it only during form submission
- Expiry of reCAPTCHA value will trigger an ACF validation error on the client side
- Made help text and links available in the Field Group settings page to reference ACF reCAPTCHA Protection easily
- Added an Upgrade Notice box for future important upgrade notices
- Make Google reCAPTCHA API JS load asynchronously to prevent possible race conditions
- Bump to version 1.1 (no changes since 1.0.8), as the plugin was not following semantic versioning earlier. Revamped the README and added a fresh new icon to celebrate! 🙂
- Summary of new features since 1.0:
- Removed requirement for cURL to be used
- Add support for ACF conditional logic
- Numerous other bugfixes
- Fixes bug in not allowing Options Page to save.
- Fix regression caused in 1.0.6.
- Add support for ACF conditional logic.
wp_remote_postmethod for the reCAPTCHA POST request. This removes the need for cURL on your server.
- Fix WSOD errors
- Added fixes for some issues
- Prevent reCAPTCHA from showing up on backend
- Support translation of error messages
- Fix for reCAPTCHA API not being enqueued in certain themes
- Initial version
In order to use ACF reCAPTCHA, you need to generate your reCAPTCHA API keys for your domain at the Google reCAPTCHA Dashboard first.
- In the ACF field group edit page, click Add Field to add a new field.
- Find the reCAPTCHA field type under Custom.
- Enter your site key and secret key that was generated previously.
- (optional) Configure the theme, size and type of the reCAPTCHA widget.
- Important: Scroll down to the bottom of the page, and enable ACF reCAPTCHA Protection for the field group.
ACF reCAPTCHA customization in the ACF backend page. Enter your site and secret keys here.
ACF reCAPTCHA Protection toggle under Field Group Settings. Use this to ensure that your forms are fully protected against spambots.
Example frontend form with ACF reCAPTCHA used with Conditional Logic. The textarea is only displayed when the reCAPTCHA is solved.