Protect all your forms and logins against spam and brute-force attacks. The plugin is invisible and compliant to GDPR (RGPD, DSGVO).
It has a lot of options on the one hand and comes with a well balanced default configuration. Thus it starts working very well, as soon as it is activated.
- Blocks spam on all(!) public forms, comments and logins
- Invisible. No user-input required
- Still receive 100 percent of the real requests
- Compliant to GDPR (respectively DSGVO, RGPD)
- The Plugin is for free
- No tracking, no cookies, no sessions
- No external ressources
- Easy to use
- Only necessary code
- Optionally messages can be flagged instead of blocking them
- Login Form
- Registration Form
- Password Reset Form
- Comments Form
- Login Form
- Registration Form
- Password Reset Form
- Comments form
- Product Evaluation Form
Examples other Plugins
- Thrive Architect & Thrive Apprentice
- Fluent Forms
- Contact Form 7
- Gravity Forms
- Formidable Forms
- Elementor Pro Forms
- Mailchimp for WordPress Forms
- BuddyPress Registration Form
- bbPress Create Topic & Reply Forms
- Ultimate Member Forms
- wpDiscuz Custom Comments Form
I hope you enjoy using the plugin! If you are happy with it, I would be glad to get your review and probably a coffee too.
For developers (Integration of the spam check)
* Get the instance of the plugin
$plugin_instance = \VENDOR\RECAPTCHA_GDPR_COMPLIANT\Stamp::getInstance();
* The fields (just for simulation)
* of the submitted form
$fields = [
‘field1’ => ‘value1’,
‘field2’ => ‘value2’,
‘field3’ => ‘value3’,
* The method to get the information,
* whether the current submission is spam or not
* and holding the corresponding fields from flagging
$filteredValue = $plugin_instance->spam_check( $fields );
* True if spam is identified
$isSpam = $filteredValue[ ‘isSpam’ ];
* True if spam shall be blocked. Alternatively, the
* spam is just flagged with a suffix, or a new field.
* This is, for instance, if spam shall be filtered
* i.e., in a local mail program.
$blockSpam = $filteredValue[ ‘blockSpam’ ];
* If spam is just flagged, the fields corresponding
* from that flagging can be taken from here. There are
* two possibilities to flag spam:
* (1) A suffix can be added to a certain field.
* (2) A new field can be added containing a certain value.
$newFields = $filteredValue[ ‘fields’ ];
- Install and activate the plugin via WordPress Plugins page. Done!
- Optionally: After activation, you can adjust precisely how messages shall be blocked, flagged or saved in plugin’s settings menu.
Submissions are incorrectly treated as spam
Appears in Elementor, if your submission was identified as spam. Look at question “The plugin recognizes submissions incorrectly as spam” for further information.
Neither messages, nore spam is shown in the inbox
First of all: Whereas the blocking, should work for every form and login on the one hand, on the other hand there may exist several reasons why the inbox and the flagging of spam doesn’t work.
The spam-check and the respective blocking of spam happens independently of all your plugins and technical settings for every POST-request.
To flag and to save submissions correctly in your inbox requires your form to use WordPress-standards. Many form-builders define an own standard and therefore manipulate post-variables.
Therefore the initially posted parameters either do not achieve the processing of the plugin, or they achieve it in an unknown form that is not treated correctly.
If you recognize this behaviour, I would be glad if you gave me a notice in the support forum and usually I would ad specific support for your form-builder.
Problems with WooCommerce/ Jetpack activation
If you face problems with the activation of Jetpack this may occur during the handshake-procedure of jetpack. This procedure acts like a bot, when it passes a passphrase from a certain IP adress to an automatically generated form on your site.
In order to get this fixed, you need either to disable the option “Apply on REST-API”, or to whitelist the respective form that is used to exchange the passphrase.
Usually you need to process the following steps for whitelisting:
1. Check the spam folder for the respective message that has been blocked
2. Copy the site-adress “from_site”
3. Paste the site-adress into the option “Site-Whitelist” on the properties site
4. Press save
Usually you need to whitelist two different sites to connect jetpack:
1. To connect the site: your-domnain-without-protocol/?rest_route=/jetpack/v4/verify_registration/
2. To connect your user: your-domnain-without-protocol/?rest_route=/jetpack/v4/remote_authorize/
Problems with activation/ installation of other plugins
If you face problems with other plugins (i.e. during plugin installation/ activation) this may occur during handshake-procedures, or during maintenance of your plugin from the vendor. These procedures usually act like bots, as they pass a code or contents via certain automatically generated forms on your site.
In order to get this fixed you can either disable the option “Apply on REST-API”, or whitelist the IP address of your vendor, or you can whitelist the page which contains the maintenance form. In order to check whether such a problem occurs you can check the spam folder of this plugin. Here you find the site adress that you can use for whitelisting as “from_site” too
Problems with Borlabs Script Blocker
Can’t get my problems fixed
- Important messages could be shown in browser console (F12) on problematic page
- Whenever you post something to the support forum, try to hand over all details
- If the recaptcha doesn’t work on any form, give me a notice and I will try to fix that
How to disable this plugin?
- Use standard WordPress plugins page for deactivation and deletion of the plugin
- When deactivating the plugin you will be asked for the reason. If you face any problems I would be glad if you report to it me as detailed as possible. Usually I will fix them quickly. If you give me contcat details, I may inform you as soon as it is fixed.
Contributors & Developers
“GDPR-compliant ReCaptcha for all forms and logins” is open source software. The following people have contributed to this plugin.Contributors
“GDPR-compliant ReCaptcha for all forms and logins” has been translated into 3 locales. Thank you to the translators for their contributions.
Interested in development?
- Deprecated usage of dynamic options replaced
- Deprecated Filter_Sanitize_String replaced
- Menu position warning fixed
- Option to filter WooCommerce shopping carts adjusted
- Added support for flagging messages for forminator and WPForms
- Added Whitelisting for sites
- Added option to disable/ enable REST API – support / may solve several compatibility issues with other plugins that do handshakes, or are maintained from the plugin vendor via REST API
- Added option to filter WooCommerce shopping carts from beeing saved
- Added a possibility to integrate this plugin into certain form builders via the new method spam_check( $fields )
- Dashboad-widget can be seen only by administrators now
- Support for WP forms added
- Warning-Bug solved
- Dashboard widged for the inbox added (has to be activated in the administration area)
- Style for the administration area renewed
- New option to disable/able the spam protection for logged-in users
- Support for Thrive Apprentice added
- Removed CF7 support-option, as CF7 is supported anyway
- Order auf messages in the inbox changed (now starting with the most current one)
- Bug with blocked entries solved
- Support for Forminator added
- Support for Thrive Architect / Thrive Automation added
- New feature to whitelist IPs, that shall be ignored and not beeing blocked from the plugin
- Errors with PHP version 5.6+ fixed
- Hash-puzzles are saved in the database right now
- Raised efficiency of the server-side spam-check
- Better resilience of the plugin
- Special thanks to the user vptcnt
- Error 500 which appeard due to empty line reading in the stamp-log-file resolved
- Spam-check procedure optimized
- Complete code-rebuild
- Shopping carts and all other elements from Woocommerce are now working with the plugin
- Better integration of Elementor
- Popup-Bug for login-screen solved
- Plugin performance optimized
- The proof-of-work-check now happens before form submission via ajax. Thus collision with other plugins is minimized
- Elementor support added
- Problems with multiple forms on one page solved
- DOM-Integrity problem with non-unique IDs solved
Erroneous behaviour of the inbox with renamed WordPress-table-prefixes fixed
Settings menu beautified
New: GDPR-compliant ReCaptcha for all forms has been released!