TrustCaptcha – Bot protection

WordPress CAPTCHA Plugin

Secure WordPress forms, comments, logins, and WooCommerce checkout against spam and bot abuse—without annoying image puzzles. Works with popular plugins like Elementor Forms, Contact Form 7, Gravity Forms, Ninja Forms, and WPForms. EU-hosted and GDPR-ready.

Quickstart

How the integration works

1. Create a CAPTCHA

Create a user account or log in with an existing one. Then create a new CAPTCHA or select an existing one. If you’re unsure whether TrustCaptcha is right for you, try our CAPTCHA service risk-free for 14 days at no cost.

On the CAPTCHA overview page, you will find all the important information, such as the site key, secret key and licence key. Allow your websites to access your CAPTCHA by simply adding them to the access authorised domain list in the CAPTCHA security rules.

CAPTCHA security rules of a demo CAPTCHA.

2. Integrate the CAPTCHA Plugin

Install the TrustCaptcha Wordpress plugin via the Wordpress Plugin Store (recommended) or download our plugin here and install ist manually. For precise, detailed instructions, please read the CAPTCHA integration guide for WordPress in our documentation.

Read the documentation

Currently, our WordPress CAPTCHA plugin for TrustCaptcha is compatible with the following WordPress plugins:

Other frontend technology instead of WordPress?
If you do not want to use WordPress or have several websites or applications, you can select a different framework or platform here. If there is no pre-built integration from us for your preferred frontend technology, your software developers can integrate the CAPTCHA themselves using our documentation or ask our support-team for a pre-built integration solution.

3. Configure the TrustCaptcha Plugin

Go to the plugin settings and set your site-key, secret-key and if necessary the license key. Activate the TrustCaptcha plugin for all relevant Wordpress plugins you use. You can find more information about the installation in our WordPress documentation.

4. Congratulations 🎉

You are now protected by TrustCaptcha - congratulations!

FAQs

Which WordPress and PHP versions are supported?

The plugin works with WordPress 4.0+ (tested up to WordPress 6.8.x) and requires PHP 7.0 or newer.

What do I need to set up TrustCaptcha in WordPress?

You need a TrustCaptcha account and a CAPTCHA to get your site key and secret key. Then install the WordPress plugin, enter your keys under Settings → TrustCaptcha, and enable TrustCaptcha for the plugins/features you use.

Where does TrustCaptcha appear in WordPress?

You can protect core WordPress areas like login, registration, lost password and comments, plus popular form plugins and WooCommerce flows (e.g., checkout), depending on what you enable in the plugin settings.

Do I need a separate CAPTCHA for every form or page?

No. One configured CAPTCHA (one site key + one secret key) can protect many forms and areas in the same WordPress site. You enable protection per supported plugin/feature inside the plugin settings.

Can I use the same CAPTCHA on multiple domains (e.g., staging and production)?

Yes, if your plan allows multiple domains. You can authorize additional domains (including staging subdomains) in your TrustCaptcha security rules. Localhost and IP-based entries are also possible; wildcard domains can be enabled on request.

What is the “threshold” setting, and what value should I use?

Threshold is the cut-off for the bot risk score (0 to 1). The recommended default is 0.5. Lower values are stricter (block more), higher values are more lenient (block less).

TrustCaptcha does not show up in my form — what should I check first?

Check that the plugin is activated, your site key/secret key are saved, and TrustCaptcha is enabled for the specific WordPress feature or form plugin you’re using. Also make sure your website/domain is authorized in the TrustCaptcha security rules.

My users are getting blocked too often — how can I reduce false positives?

Try increasing the threshold (more lenient) and review your TrustCaptcha security rules (e.g., allowlists/blocklists and geo rules). If you use advanced protection settings, start simple and tighten step by step.

Do I have to add TrustCaptcha manually to my forms?

In many supported plugins, TrustCaptcha is inserted automatically once enabled. In some form builders, you may need to add a TrustCaptcha element/field in the form editor if it doesn’t appear automatically.

Losing leads to CAPTCHAs?

TrustCaptcha blocks spam and bots, not customers. No puzzles, GDPR-ready, EU-hosted.

Puzzle-free UX

Runs in the background while visitors type — so more people finish your forms and fewer drop off.

GDPR-ready

EU-hosted and privacy-first: no cookies, encrypted transmission, automatic cleanup — with ready-to-use legal resources.

Multi-layer Security

Adaptive protection plus intelligent risk scoring stops abuse early — even when attack traffic spikes.

Full Control

Fine-tune sensitivity, set allow/block lists, and use geoblocking — you decide how strict verification should be.

Protect your WordPress application with TrustCaptcha in just a few steps!

EU-hosted & GDPR-ready
No puzzles
Try free for 14 days

Get started Contact sales