We have already gone through a few ways of making your WordPress website more secure, but if you want to make your WordPress login even more secure, and specifically try and avoid bots from attempting to login to your site, then you can do this by adding a Google reCAPTCHA to your login page.
The Google reCAPTCHA is designed to stop bots from filling in forms. Having it on your contact form will help reduce the spam messages you receive, so if you are getting a lot of spam from your website contact form you may want to implement it there as well. Adding the Google reCAPTCHA to your WordPress login page should effectively stop the bots from attempting to login to your Website which they may be trying to do using a brute force attack by guessing your username and password.
Site security is very important and is one of the factors which we always analyse when providing our SEO services. Even though it is not directly related to SEO, if your site is attacked and goes down for days or even weeks this can have a huge effect on your SERP ranking and user experience.
Step-by-step Guide To Add Google reCAPTCHA
In order to add the Google reCAPTCHA to your WordPress website login you can follow a few steps which we have outlined below:
Install Login No Captcha reCAPTCHA plugin and activate it.
Click on the “Login NoCaptcha” option that will now appear under the Settings tab within your WordPress admin panel.
You will arrive at a screen where it asks for your “Site Key” and your “Secret Key” which you will need a Google account to create.
Click on the link to to create or view keys for Google NoCaptcha and you will be taken to the Google admin page for reCAPTCHA (you may need to create an account). Look for a plus icon in the top right of the page and click it to add your website.
Enter a label, check “reCAPTCHA V2” and “I’m not a robot” checkbox. Finally, add your domain name and then scroll to bottom of the page and click the “submit” button.
Click on your newly created site, and look for the settings icon i the top right.
Click on reCAPTCHA keys and this will display both your site key and secret key
Copy and paste the site key and the secret key into your “Login NoCaptcha” page in WordPress and save changes.
If you don’t get an error message then the next step is to check it is working properly by opening a completely different browser than the one you are in and going to your login page.
The reCAPTCHA should now display on your login page. Login to test that it all works. If you have any problems or errors go back to your original browser window and delete the keys and deactivate the plugin, otherwise sit back and enjoy the new found security layer to your WordPress login page.