Register Google reCAPTCHA V2 for WP Ghost | Guide

Table of Contents

This guide shows how to register a Google reCAPTCHA V2 site and connect it to WP Ghost’s Brute Force Protection. reCAPTCHA V2 displays the “I’m not a robot” checkbox on your login page. You’ll need to create a reCAPTCHA V2 key in the Google reCAPTCHA Admin Console and enter the Site Key and Secret Key in WP Ghost.

Consider Google reCAPTCHA Enterprise instead. Google announced that all Classic reCAPTCHA (V2 and V3) will transition to Google Cloud Platform. WP Ghost supports reCAPTCHA Enterprise natively with advanced features like Account Defender, Password Leak Detection, and more granular risk scoring. If you’re setting up reCAPTCHA for the first time, Enterprise is the recommended option. V2 continues to work for now, but Enterprise is the future-proof choice.

Google reCAPTCHA Options in WP Ghost

Google reCAPTCHA options available in WP Ghost Brute Force Protection

WP Ghost supports four reCAPTCHA types in Brute Force Protection: Math reCAPTCHA (built-in, no API keys needed), Google reCAPTCHA V2 (visible “I’m not a robot” checkbox), Google reCAPTCHA V3 (invisible scoring, no user friction), and Google reCAPTCHA Enterprise (advanced risk analysis via Google Cloud). This guide covers V2 registration. For V3, the process is similar but you select “reCAPTCHA v3” instead. For Enterprise, see the dedicated Enterprise setup guide.

Register a Google reCAPTCHA V2 Site

  1. Go to the Google reCAPTCHA Admin Console and log in with your Google account.
  2. Click the + (Create) button to register a new site.
  3. Fill in the form: Label: Enter a name to identify this site (for example, your domain name). reCAPTCHA type: Select reCAPTCHA v2 and choose “I’m not a robot” Checkbox. Domains: Enter your domain without http:// or https:// (for example, yourdomain.com). Owners: Add additional email addresses if needed.
  4. Accept the reCAPTCHA Terms of Service.
  5. Click Submit.
  6. Google displays your Site Key and Secret Key. Copy both keys.
Google reCAPTCHA Admin Console registration form showing reCAPTCHA V2 selected with domain entry field

Add the Keys to WP Ghost

  1. Go to WP Ghost > Brute Force > Settings.
  2. Select Google reCAPTCHA V2 as the reCAPTCHA type.
  3. Paste the Site Key and Secret Key into the corresponding fields.
  4. Optionally, set the reCAPTCHA theme (Light or Dark) and language.
  5. Click Save.
  6. Use the reCaptcha Test button to verify the configuration works.

Test before logging out. After saving, use the reCaptcha Test button in WP Ghost to confirm the reCAPTCHA loads correctly. If the keys are wrong, you could lock yourself out of the login page. If you do get locked out, wait for the ban duration to expire, use the Safe URL parameter, or follow the emergency disable guide.

Frequently Asked Questions

Should I use V2 or V3?

V2 shows a visible “I’m not a robot” checkbox. V3 is invisible and scores requests based on user behavior. V3 provides a frictionless experience for legitimate users but requires more configuration. For simplicity, V2 works well. For no user friction, choose V3. For the most advanced protection, consider reCAPTCHA Enterprise.

Is V2 being discontinued?

Google announced that Classic reCAPTCHA (V2 and V3) will transition to Google Cloud Platform. V2 continues to work for now, but you’ll eventually need to migrate. If you’re setting up reCAPTCHA for the first time, reCAPTCHA Enterprise is the future-proof choice. WP Ghost supports Enterprise natively.

reCAPTCHA shows “ERROR for site owner.” What’s wrong?

The Site Key or Secret Key is incorrect, or your domain isn’t registered for the key. Double-check both keys in the Google reCAPTCHA Admin Console. Make sure the domain matches exactly (including or excluding www). If you use a staging domain, add it as a separate domain in the console.

Does this protect WooCommerce login?

Yes. Enable WooCommerce Support in WP Ghost > Brute Force > WooCommerce to add reCAPTCHA to the WooCommerce login form. See the Brute Force Protection guide for all protected form options.

Does WP Ghost modify WordPress core files?

No. reCAPTCHA integration is handled through WordPress hooks and the Google reCAPTCHA JavaScript API. No core files are modified.

reCAPTCHA and brute force protection:

Tagged: