This post was originally published on December 17, 2018
The latest update to this post was made 5 years ago.
WordPress Contact Form 7 And ReCAPTCHA v3
I noticed after upgrading all of our websites to all new and improved Google reCaptcha v3 that SPAM started flying in… There were over 20 messages within a 24 hour window, something that is quite abnormal considering on reCaptcha v2 we never got any SPAM.
I went looking and found a few references to others having v3 issues with WordPress and the Contact Form 7 plugin. You must use v3 with the latest versions of the Contact Form 7 plugin. To combat the SPAM issues, you’ll need to modify the recaptcha.php file. This file is located in your WordPress installation folder in the wp-content\plugins\contact-form-7\modules folder. You will need to edit this file with a .PHP editor (or something like notepad/wordpad). Its a plain text file. I used the ‘code writer’ feature on Windows 10 to open it, so I could see line numbers.
You are looking for line #112 – the value of this line must be changed…
- OLD VALUE: return $spam;
- NEW VALUE: return true;
Save the file and the SPAM should stop. You can also revert back to an older version of contact form 7 but this fix is probably easier that reverting to a previous version, at least until the powers that be fix the underlying problem.