Themology
HomeProductsBlogAboutLogin
reCaptcha for WooCommerce
Get this plugin$29
View Plugin
Introduction
Getting Started
CAPTCHA Providers
Protected Forms
Rate Limiting & IP Control
Compatibility
Settings
Developer Guide
FAQ
All Documentation
Get Plugin
DocsreCaptcha for WooCommerceGetting Started

Getting Started

Getting Started with Captcha for WooCommerce

This guide walks you through installation, getting API keys, and configuring your first protected form.

Requirements

  • WordPress 6.0 or higher
  • WooCommerce 8.0 or higher
  • PHP 7.4 or higher

Installation

From your WordPress admin

  • Go to Plugins > Add New.
  • Search for "Captcha for WooCommerce".
  • Click Install Now, then Activate.

Manual installation

  • Download the plugin ZIP file from Themology.
  • Go to Plugins > Add New > Upload Plugin.
  • Choose the ZIP file and click Install Now.
  • Click Activate.
After activation, a welcome notice appears with a link to the settings page. You can also navigate directly to WooCommerce > Settings > CAPTCHA.

Step 1: Choose a provider

Go to WooCommerce > Settings > CAPTCHA and select your CAPTCHA provider from the dropdown.

ProviderSetup effortUser frictionExternal service
Cloudflare TurnstileAPI keys requiredVery low (usually invisible)Yes
Google reCAPTCHA v3API keys requiredNone (invisible)Yes
Google reCAPTCHA v2API keys requiredMedium (checkbox click)Yes
hCaptchaAPI keys requiredMedium (challenge)Yes
Self-Hosted HoneypotNoneNone (fully invisible)No
Scroll to see all columns →
If you're unsure, start with Cloudflare Turnstile. It's free, privacy-friendly, and invisible to most visitors. If you need zero external dependencies, choose Honeypot.

Step 2: Get your API keys

Skip this step if you chose Honeypot (no keys needed).

Cloudflare Turnstile

  • Go to dash.cloudflare.com/turnstile.
  • Click Add widget.
  • Enter your site name and domain.
  • Select Managed widget mode (recommended).
  • Copy the Site Key and Secret Key.

Google reCAPTCHA v3

  • Go to google.com/recaptcha/admin/create.
  • Enter a label and select reCAPTCHA v3.
  • Add your domain(s).
  • Accept the terms and click Submit.
  • Copy the Site Key and Secret Key.

Google reCAPTCHA v2

  • Go to google.com/recaptcha/admin/create.
  • Enter a label and select reCAPTCHA v2 > "I'm not a robot" Checkbox.
  • Add your domain(s).
  • Accept the terms and click Submit.
  • Copy the Site Key and Secret Key.

hCaptcha

  • Go to dashboard.hcaptcha.com/signup and create an account.
  • Add a new site and enter your domain.
  • Copy the Site Key (UUID format) and your Secret Key from the account settings.

Step 3: Enter keys and test

  • Paste your Site Key and Secret Key into the fields on the CAPTCHA settings page.
  • Click the Test Connection button. A green checkmark confirms valid keys.
  • If the test fails, double-check the keys and make sure the domain matches.

Step 4: Select forms to protect

Scroll to the Protected Forms section. Check the forms you want to protect:

Start with these (recommended):

  • WooCommerce Checkout (Classic)
  • WooCommerce Checkout (Block)
  • WooCommerce My Account Login
  • WooCommerce My Account Registration
You can enable additional forms later. See Protected Forms for the complete list.

Click Save changes.

Step 5: Verify it works

  • Open your store's checkout page in a private/incognito browser window.
  • You should see the CAPTCHA widget (or nothing visible if using an invisible provider).
  • Complete a test order to confirm checkout works normally.
  • Check the dashboard widget at Dashboard > CAPTCHA Protection for verification stats.
  • CAPTCHA Providers: Understand each provider's strengths and configuration options.
  • Compatibility: Important if you use PayPal Payments, Apple Pay, or Block Checkout.
  • Rate Limiting: Add a second layer of protection beyond CAPTCHA.
  • Settings: Full reference of every option.

Need help?

Previous
Introduction
Next
CAPTCHA Providers