Joomla! Help Support Warrington Cheshire Manchester Merseyside UK

The following two extensions were removed from the Core Joomla! CMS when the Joomla! 5 Series was launched:

+ Google reCAPTCHA Plugin, and

+ Google Invisible reCAPTCHA Plugin.

The Google reCAPTCHA Plugin was removed during the upgrade process from Joomla! 4 to Joomla! 5.

The Invisible reCAPTCHA Plugin was not removed during the upgrade process, but is excluded from fresh installations of Joomla! 5.

Neither de-coupled extensions are listed in the JED Official Extensions Category at the above link.

No official explanation seems to have been published by The Joomla! Project.

There is however the following reference in the following Official Publication.

Read more: Planning to upgrade from Joomla! 4 to Joomla! 5

"If you are using Google reCAPTCHA in J4, you should replace it with Invisible reCAPTCHA prior to upgrading to Joomla 5 (or a third-party solution). J5 will not include Google Recaptcha any longer. The Recaptcha plugin will be uninstalled upon upgrade to J5. The Invisible reCAPTCHA plugin still exists if you’ve upgraded from 4.4.x. You can enable it and set it up with new keys so you can use Invisible reCAPTCHA instead. Or you may use another third-party solution. Fresh installations of Joomla 5.x do not include any reCAPTCHA plugins in the core. Fresh installations of Joomla 5.x will need to use a third-party plugin/solution."

Source: Official Joomla! Documentation.

There is some consternation expressed in the Joomla! Support Forums about this de-coupling.

And confusion expressed about why Invisible reCAPTCHA was not dropped at the same time as reCAPTCHA and yet exluded from new installations of the Joomla! 5 CMS.

Perhaps the reason for its exclusion from the Core Joomla! 5 CMS is related to GDPR.

If memory serves, instances when we have enabled Google reCAPTCHA in websites in the past resulted in the loading of Third Party Cookies.

Joomla! 5 CMS users will find several free and paid for Third Party Captcha Plugins in the JED to help keep spambots out of their website's:

  • user registration (if enabled) and
  • contact form (if published).

Read more: JED Captcha Extensions

Example GDPR Friendly Third Party Captcha Plugin.

Read more: Aimy Captcha-Less Form Guard

 

Ways of working without having to rely on Captcha Plugins

We are not big fans of adding more and more third party extensions to Joomla! websites.

If your website does not have user registration enabled, and you can get by without publishing interactive forms (example: contact form) then you should not have to worry about spambots.

Here are some things you can do to protect your website when you opt not to use a Captcha plugin.

  1. Disable user registration.
  2. Hide the Contact Form.
  3. Unpublish the Login Module in the Front End.
  4. Toggle the setting in a WYNCHCO Template to hide the Password Reset and Password Reminder fields.
  5. Publish an email contact address instead of a contact form.

Note: the Joomla! CMS by default protects published email addresses from bots using javascript.

Items 1-4 are the default settings in a WYNCHCO Website Design.

The best way to protect Front End and Dashboard Login from bots is to install and configure a Web Application Firewall.

Read more: Web Application Firewall.

 

Getting started

If you want to use the core Captcha - Invisible reCaptcha Plugin (assuming it is available to you) then you will first need to acquire some Google Captcha Keys.

To do so visit: https://www.google.com/recaptcha/about/

and select Get Started with Enterprise.

Remember to read the small print about pricing.

Next, in your website's Dashboard, add the Keys to the plugin (see below).

Enable the plugin.

And finally, select a Default Captcha in the Global Configuration screen of your website's Dashboard.

You will also need to check and change (if necessary) the Captcha settings in the:

  • Users > Options (to protect user registration), and
  • Contacts > Options screen (to protect the contact form).

See below.

When configured and enabled, the Captcha - Invisible reCaptcha Plugin requires no user interaction in the Front End unless the Captcha algorithm identifies a suspect bot.

The plugin places an icon with a slider at the bottom left or bottom right of the screen, or an icon with an open slider directly in the form.

captcha invisible recaptcha v3 button

A dodgy response will trigger a puzzle to be solved.

 

Contents include:

Enable the plugin.
Captcha with the Contact Form.
Captcha with User Registration.

Subscribers: sign in to read full article