Google ReCAPTCHA used to be the golden standard for bot and spam protection for the web. Over the past couple of month we have noticed an increasing number of card attacks on WooCommerce websites that were using Google reCAPTCHA and paying for the reCAPTCHA for WooCommerce plugin. The hackers have found a way to bypass the reCAPTCHA which makes it ineffective protection for your website.
Thankfully, there is good news. Cloudflare offers a better reCAPTCHA solution – Cloudflare Turnstile. This solution is free and available to all Cloudflare customers, even those with free accounts.
How to set up Cloudflare Turnstile
- Create a Cloudflare account for your website.
- Install the Simple Cloudflare Turnstile Plugin from WordPress repository.
- Activate the plugin and follow the configuration link back to Cloudflare.
- Create a new widget and copy the keys created by Cloudflare in the WordPress website.
- Test the connection
- Enable the Turnstile on your WooCommerce, login and form pages.
- Disable the ReCAPTCHA for WooCommerce plugin.
- Remove the auto-renewal on the plugin payment.
Although the above steps seem simple enough, there are a lot of moving parts and we generally do not recommend installing plugins on your website unless you are an experienced developer. If you need help with the above process, feel free to reach out and our team of developers will be happy to assist you.