Google reCAPTCHA Enterprise Protection

Upgrade WordPress Security with Google reCAPTCHA Enterprise

As part of our hack prevention solutions and keeping WordPress sites secure, WP Ghost has introduced support for Google reCAPTCHA Enterprise. This new feature ensures the website remains protected from spam and bot-driven attacks while aligning with Google’s latest security advancements.

Why This Update Matters

Google recently announced that all Classic reCAPTCHA users will transition to Google Cloud Platform (GCP) by the end of 2025. This change integrates reCAPTCHA with Google Cloud, granting users access to powerful security enhancements, including:

• Account Defender for detecting compromised credentials.
• Multi-Factor Authentication for improved verification.
• Password Leak Detection to prevent credential stuffing attacks.
• Payment and SMS Fraud Prevention to enhance transaction security.
• Cloud Armor and WAF Integration for advanced web security.
• Custom dashboards with Looker and Google Cloud Monitoring for real-time insights.

With these updates, WP Ghost ensures compatibility with the new Google Cloud reCAPTCHA, allowing website owners to transition smoothly and take full advantage of the latest security features.

How to Activate Google reCAPTCHA Enterprise

Enabling Google reCAPTCHA Enterprise Protection in WP Ghost is easy. Follow these steps:

1. Select the WP Ghost > Brute Force > Settings > Google reCAPTCHA Enterprise option from the sidebar.

2. Select the WP Ghost > Brute Force > Settings > Google reCAPTCHA option.

3. Activate reCaptcha on your Google Cloud and Create a Google reCaptcha Enterprise Key on your Google Cloud account https://console.cloud.google.com/security/recaptcha.

4. If you want the reCaptcha to load a challenge box with “I’m not a robot” option, open the extra options from behind the Domain list and switch off the option Use checkbox challenge.

Note! Make sure you select the same option in WP Ghost to avoid any functionality error.

5. Click on the Create Key buttons to create the new reCaptcha key for your domain.
6. Copy and paste the Site Key ID from Google reCaptcha settings into the WP Ghost > Brute Force > Settings > Google reCaptcha > Site Key fields.

7. Now, copy the project ID from Google Cloud into your Google reCaptcha Project ID.

8. And the last thing, create a Google Cloud API Key and copy the API Key into WP Ghost settings. You can create a new API key from https://console.cloud.google.com/apis/credentials.

9. Next, you will see the same default options that were also available in the Math reCAPTCHA:

• The maximum number of failed login attempts is set to: 5
• The ban duration is set to: one hour
• The Lockout Message that will show instead of the login form is: Your IP has been flagged for potential security violations. Please try again in a little while.

10. Click the Save button to apply the changes and activate Google reCaptcha Enterprise.

11. After saving the settings, the reCaptcha Test button will appear. Click the reCaptcha Test button to test the Google reCaptcha Enterprise configuration and ensure the correct settings.

If the settings are correct, you can log in and see the Google reCaptcha widget (right corner) in the login popup.

Note! You can customize the default brute force settings as you like.

Future-Proof Your Website Security

By integrating Google reCAPTCHA Enterprise, WP Ghost users can ensure their sites remain secure amid Google’s transition to Cloud-based reCAPTCHA. With access to cutting-edge security tools and analytics, website owners can better protect their WordPress sites from spam, fraud, and unauthorized access.

Don’t wait until Google phases out Classic reCAPTCHA—upgrade your WP Ghost settings today and stay ahead of security threats!