Newsletters: CAPTCHA Settings

You can configure either Really Simple CAPTCHA or Google reCAPTCHA in the WordPress Newsletter plugin to protect your subscribe forms from bots submitting spam subscriptions.

Newsletters > Configuration > System > CAPTCHA Settings

 

Really Simple CAPTCHA

In order to use Really Simple CAPTCHA, you’ll need the Really Simple CAPTCHA plugin installed.

Install Really Simple CAPTCHA plugin

You can install the Really Simple CAPTCHA plugin under Plugins > Add New just like any other WordPress plugin but the Newsletter plugin comes with an installer utility to quickly and easily install it. See under Newsletters > Configuration > System > CAPTCHA Settings:

Configure Really Simple CAPTCHA plugin in the Newsletter plugin

1. CAPTCHA Type

Choose the type of CAPTCHA you want to use as a security image on subscribe forms. Choose between Google reCAPTCHA and Really Simple CAPTCHA. You can turn it off by choosing None.

2. Background Color

Set a background color for the CAPTCHA image.

3. Text Color

Set the text color for the CAPTCHA image.

4. Image Size

Enter size values for your CAPTCHA image.

5. Number of Characters

Choose the amount of characters that you want to use in your CAPTCHA image.

6. Font Size

Choose a size for your font in the CAPTCHA image.

7. Cleanup Interval

Select an interval at which old CAPTCHA images will be removed from the server.

 

reCAPTCHA

1. CAPTCHA Type

Choose the type of CAPTCHA you want to use as a security image on subscribe forms. Choose between Google reCAPTCHA and Really Simple CAPTCHA. You can turn it off by choosing None.

2. Public Key

In order to use reCAPTCHA, the public key is required. Go to the reCAPTCHA sign up and create a set of keys for this domain.

3. Private Key

In order to use reCAPTCHA, the private key is required. Go to the reCAPTCHA sign up and create a set of keys for this domain.

4. Score Threshold (for reCAPTCHA v3)

reCAPTCHA v3 returns a score (0.0 to 1.0) indicating the likelihood that a user is a bot. Set a threashold to determine when to accept or reject a submission. A lower threshold increases security but may reject more legitimate users.

The score itself doesn’t directly “stop” bots or humans—it’s simply a measure of how likely the user is to be a bot or a human, based on their behavior.

• A score closer to 0.0 means the user behaves more like a bot. If your threshold is set low (e.g., 0.2), you’re being lenient and might let through behaviors that seem more bot-like.
• A score closer to 1.0 means the user behaves more like a human. If your threshold is set high (e.g., 0.8), you’re demanding strong human-like behavior and might block anything that seems suspiciously bot-like—even some humans who exhibit unusual browsing habits.

So, if you set the threshold higher, you make it harder for bots to pass—but risk stopping humans with less conventional behavior. If you set it lower, you let more borderline behavior through, which could include spammers. The score itself is neutral; it’s the threshold you choose that determines who gets stopped.

For example, a score of 0.2 in reCAPTCHA v3 generally indicates that the behavior is more likely to be a bot rather than a human. It’s not definitive proof, but it signals that the interaction exhibited patterns typically associated with automated activity, such as unnatural mouse movements, unusual browsing behavior, or other characteristics.

When the threshold is set lower, it essentially means the website is being more lenient about what behaviors it considers legitimate. For example:

• If the threshold is set at 0.3, even interactions that appear somewhat suspicious (e.g., behaviors that resemble bots) might be treated as acceptable and allowed through.
• This leniency can inadvertently provide an opportunity for more spammers or automated bots to bypass the system because their interactions may still score slightly above the low threshold.

Think of it as widening the gate—lowering the score lets more traffic through, but some of that traffic might include spammers disguised as legitimate users. On the other hand, setting a higher threshold (e.g., 0.5 or 0.7) demands more human-like behavior, making it harder for bots to pass unnoticed.

Balancing the threshold is key. If it’s too strict, it might block genuine users. If it’s too lenient, it might let bots or spammers slip through. Many website owners experiment with thresholds to find the sweet spot for their audience and use case.

5. Language

Set the language in which you want to display the CAPTCHA. Here’s a list of language codes to choose from.

6. Theme and Custom CSS

Select the reCAPTCHA theme that you want to use. You can enter custom CSS to change the theme’s CSS, as needed.

 

Troubleshooting

• If reCAPTCHA is not working with our Newsletter plugin, you may be using WPForms or another reCAPTCHA plugin that interferes with our integration. In the case of WPForms, make sure that No-conflict Mode is turned off in WPForms > Settings > CAPTCHA > reCAPTCHA since it doesn’t allow our plugin’s reCAPTCHA to enqueue the necessary JavaScript file.