plugin-icon

Invisible Anti-Spam & CAPTCHA — reCAPTCHA Alternative for All Forms

Invisible spam protection for every form, login and checkout. No puzzles, no checkboxes, no lost visitors — a CAPTCHA your users never see.
Évaluations
4.9
Version
5.0
Installations actives
4K
Mis à jour récemment
Jul 16, 2026
Invisible Anti-Spam & CAPTCHA — reCAPTCHA Alternative for All Forms

Spam protection your visitors never see. No image grids, no « I’m not a robot » checkbox, no puzzles, nothing to click. Your visitors just hit Send — while their browser silently solves a tiny cryptographic challenge (proof-of-work) in a few milliseconds. Real humans never notice. Mass-spam bots either fail the challenge or have to burn so much computing power per message that spamming your site stops being worth it.

Every form, out of the box. WordPress logins, registrations and comments, WooCommerce checkout and reviews, and virtually every form plugin — Contact Form 7, Elementor Pro Forms, WPForms, Gravity Forms, Ninja Forms, Fluent Forms, Formidable and dozens more (full list below). One plugin protects all of them, and the most popular builders are detected and configured automatically on activation.

Truly universal — not a list of integrations

Most anti-spam tools protect only the form plugins they ship an integration for. If your builder is not on their list — or you use a hand-coded form, a theme’s built-in form, or three different builders on one site — you are on your own.

This plugin works differently: it recognizes submissions by their signature — the characteristic fields and actions of the request itself — instead of hooking into specific form plugins. That is why it covers any form:

  • Popular builders are recognized automatically: their signatures ship with the plugin and are pre-configured on activation.
  • Everything else — custom-coded forms, exotic builders, legacy themes — you teach the spam check yourself in under a minute: turn on direct analysis mode, submit the form once, click save. Done. No code, no waiting for the developer to add your builder.

And because no integration code is involved, nothing breaks when your form builder updates.

In practice that solves two everyday problems:

  • Real sites mix. A typical site has comments, a contact form from one builder, a newsletter signup from another, WooCommerce reviews — protecting each with its own anti-spam solution means more plugins, more settings pages, more things that can conflict. Here, one plugin covers the whole site.
  • Designers and agencies standardize. If you build sites for clients, you can install the same proven plugin on every project — no matter which form stack the client uses (or switches to later). One tool to know, one place to look when something needs attention.

Why « invisible » wins

Every CAPTCHA interaction costs you real visitors: an extra click here, an unreadable image there, « select all traffic lights » on a phone screen — and the contact request or sale is gone. This plugin flips the deal: instead of making humans prove themselves, it makes the device pay. The visitor’s browser proves it is a real, JavaScript-running client by doing a moment of invisible computation. Zero friction for people, real costs for bots.

Self-contained and featherweight

Everything runs on your own web server — there is no external service in the loop. That is not just a privacy nicety, it is an operational one:

  • Nothing external can fail. No third-party API whose outage, rate limit or latency silently breaks your forms. Your spam protection is exactly as available as your site.
  • Nothing external slows you down. No remote scripts, no extra DNS lookups or connections — your PageSpeed and Core Web Vitals stay untouched.
  • Tiny footprint. A few kilobytes of JavaScript and lean server code; runs fine on shared hosting, staging environments and even intranets without internet access.

Why not just use …

  • Google reCAPTCHA, hCaptcha or Turnstile? They require an account and API keys, load scripts from external servers (hello, consent banners) and still challenge real users when in doubt. This plugin needs no keys, makes no external requests and never challenges anyone.
  • Akismet? Sends the content of every submission to an external service for analysis, and commercial sites need a subscription. Here, everything stays on your own server.
  • Honeypot fields and time checks? Modern bots skip honeypots routinely, and browser autofill loves to fill them by accident. Proof-of-work attacks the economics of spam instead of playing hide-and-seek.

And they all share one structural limit: they protect the forms they ship an integration for. This plugin protects the forms you actually have (see « Truly universal » above).

Key features

  • Invisible — zero user interaction, ever
  • Protects everything: logins, registrations, comments, WooCommerce, every form builder — even hand-coded custom forms
  • No account, no API keys, no external services — install and you are done
  • Brute-force protection for logins, with optional Fail2Ban log support
  • Adaptive under-attack mode: the challenge automatically gets harder for everyone while a spam wave is running, and relaxes afterwards
  • Your choice per site: block spam, deliver it flagged, or just collect it in a spam inbox and watch
  • Teach it live: unrecognized custom form? Direct analysis mode adds it with one click, straight from the live page
  • Lightweight: a few KB of JavaScript, no render-blocking, no layout shift
  • Privacy-friendly by design: no cookies, no sessions, no tracking, no data leaves your server, IP addresses are only stored as hashes — GDPR/DSGVO/RGPD-friendly without a consent banner
  • Free

Setup Guide

Works with

WordPress: Login, Registration, Password Reset, Comments

WooCommerce: Checkout, Login, Registration, Password Reset, Comments, Product Reviews

Form and page builders: Elementor Pro Forms, Contact Form 7, Fluent Forms, Jetpack Forms, Divi Forms, WPForms, Forminator, Thrive Architect & Thrive Apprentice, Gravity Forms, Formidable Forms, Mailchimp for WordPress Forms, BuddyPress Registration Form, bbPress Create Topic & Reply Forms, Ultimate Member Forms, wpDiscuz Custom Comments Form, Easy Digital Downloads Forms, Paid Memberships Pro Forms, MemberPress Forms, WP-Members Forms, WP User Frontend Forms, CheckoutWC & Flux Checkout, Ninja Forms, Everest Forms, WS Forms, Quform, Otter Blocks, Typeform, NEX-Forms, Bit Form, Form Maker, Funnelforms, Mailjet, Jotform, Page Builder, Metform, Calculated Fields Form, JetFormBuilder, weForms, Responsive Contact Form Builder, Zoho Forms, Smart Forms, Kali Forms, Happyforms, ApplyOnline, Subscribe Forms, FormCraft, Advanced Forms, CRM Perks Forms, Tripetto, Formstack, BuddyForms, vcita, Easy Form Builder, SimpleForm

Anything not on the list can be added in minutes with the built-in analysis modes — no code required.

Gratuitsur les plans payants
En procédant à l’installation, vous acceptez les Conditions d’utilisation de WordPress.com ainsi que les Conditions de l’extension tierce.
Testé jusqu’à version
WordPress 7.0.2
Cette extension est disponible en téléchargement pour votre site .