How to Stop WordPress Comments Spam with Google reCaptcha

Posted by Kuldeep Singh

The spam that you see in the comments section is one of the most annoying issues when it comes to the WordPress blog platform. There are hundreds of software that exist to crawl the website. Most of them are built on CMS platforms like WordPress and submit spam comments automatically.

There are many ways to stop comments spam with the use of plugins like Akismet. But if you are the type of person who hates to add third party plugins to your WordPress install, then this post is for you. In this article, we will discuss adding Google reCaptcha to the WordPress default comments form.

What is reCaptcha?

reCaptcha is a free service that protects your website from spam and abuse. reCaptcha uses an advanced risk analysis engine and adaptive CAPTCHAs to keep automated software from engaging in abusive activities on your site. It does this while letting your valid users pass through with ease. [Source:]

How to Implement Google reCaptcha, without any plugin?

There is a very quick way to customize WordPress’ default comment form to integrate Google reCaptcha.

Step1: First thing, register your domain name and get your public and private API keys by visiting the reCaptcha website.
Step2: To successfully add the reCaptcha field to your current comment form, you will need to customize your current comment form fields and add a field for captcha. To achieve this, head over to your WordPress install and open the “Comments.php” file in your favorite text editor. This file can be found under current active theme directory.

For example: root/wp-content/themes/twentyfifteen/comments.php

Step3: Update comments.php file with the following code:

<div id="comments" class="comments-area">
<?php if ( have_comments() ) : ?>
<div class="comments-wrapper">
printf( _nx( ‘1 comment on “%2$s”’, ‘%1$s comments on “%2$s”’, get_comments_number(), ‘comments title’, ‘twentyfifteen’ ),
number_format_i18n( get_comments_number() ), get_the_title() );
</h3><?php //twentyfifteen_comment_nav(); ?><ul class=”comment-list”>
wp_list_comments( array(
‘style’ => ‘ul’,
‘short_ping’ => true,
‘avatar_size’ => 0,
) );
</ul><!– .comment-list –><?php //twentyfifteen_comment_nav(); ?>

<?php endif; // have_comments() ?>
// If comments are closed and there are comments, let’s leave a little note, shall we?
if ( ! comments_open() && get_comments_number() ) :
<p class=”no-comments”><?php _e( ‘Comments are closed.’, ‘twentyfifteen’ ); ?></p>

<?php endif;

$fields = array(

‘author’ =>
‘<div class=”col-md-6 nopadleft”><p class=”comment-form-author”><label for=”author”>’ . __( ‘Name’, ‘domainreference’ ) . ‘</label>’ .
( $req ? ‘<span class=”required”>*</span><br />’ : ” ) .
‘<input id=”author” name=”author” type=”text” value=”‘ . esc_attr( $commenter[‘comment_author’] ) .
‘” size=”30″‘ . $aria_req . ‘ /></p></div>’,

’email’ =>
‘<div class=”col-md-6″><p class=”comment-form-email”><label for=”email”>’ . __( ‘Email’, ‘domainreference’ ) . ‘</label>’ .
( $req ? ‘<span class=”required”>*</span><br />’ : ” ) .
‘<input id=”email” name=”email” type=”text” value=”‘ . esc_attr( $commenter[‘comment_author_email’] ) .
‘” size=”30″‘ . $aria_req . ‘ /></p></div><div class=”clearfix”></div>’


$args = array(
‘id_form’ => ‘commentform’,
‘id_submit’ => ‘submit’,
‘title_reply’ => __( ‘Leave a Comment’ ),
‘title_reply_to’ => __( ‘Leave a Reply to %s’ ),
‘cancel_reply_link’ => __( ‘Cancel Reply’ ),
‘label_submit’ => __( ‘Leave Comment’ ),

‘comment_field’ => ‘<div class=”col-md-12 nopadleft”><p class=”comment-form-comment”><label for=”comment”>’ . _x( ‘Comment’, ‘noun’ ) .
‘</label><br /><textarea id=”comment” name=”comment” cols=”45″ rows=”8″ aria-required=”true”>’ .
‘</textarea></p></div><div class=”clearfix”></div>’,

‘must_log_in’ => ‘<p class=”must-log-in”>’ .
__( ‘You must be <a href=”%s”>logged in</a> to post a comment.’ ),
wp_login_url( apply_filters( ‘the_permalink’, get_permalink() ) )
) . ‘</p>’,

‘logged_in_as’ => ‘<p class=”logged-in-as”>’ .
__( ‘Logged in as <a href=”%1$s”>%2$s</a>. <a href=”%3$s” title=”Log out of this account”>Log out?</a>’ ),
admin_url( ‘profile.php’ ),
wp_logout_url( apply_filters( ‘the_permalink’, get_permalink( ) ) )
) . ‘</p>’,

‘comment_notes_before’ => ‘<p class=”comment-notes”>’ .
__( ‘Your email address will not be published.’ ) . ( $req ? $required_text : ” ) .
‘comment_notes_after’ => ‘<div class=”g-recaptcha captcha” data-sitekey=”API KEY HERE“></div><br /> ‘,

‘fields’ => apply_filters( ‘comment_form_default_fields’, $fields ),
<div class=”col-md-9 nopadleft”>
<?php comment_form($args); ?>

Final output: