Automatic application of Google reCAPTCHA keys on CMS sites with gravity forms

We have written previously about the importance of protecting your publicly accessible web forms from spammers by using tools like Google reCAPTCHA. It has come to our attention that there are unfortunately still a number of sites on CMS that haven’t been through the process of securing their forms (and inbox) from spam. As such, there was a spam attack against several sites on CMS over the past week which caused thousands of emails to be sent across our network.

Thanks to a very recent change in the reCAPTCHA service, we have been able to implement a set of site-wide reCAPTCHA keys on all sites on CMS that have a gravity form enabled (and currently don’t have valid keys). This may mean that the google reCAPTCHA logo now appears on your site when perhaps it didn’t before. If you wish to remove this logo from your site then you can do so from Forms > Settings > reCAPTCHA v3 > Disable google reCAPTCHA badge. However, please ensure that you adhere to the google reCAPTCHA terms of service when doing so.

We still encourage you to generate and add your own keys to your own sites and we have detailed instructions on how you can add keys to protect your site.