Cornerstone Forms Captcha
Nobody likes spam (at least the data kind). Let's see how we can use Captcha to curb bots and bad actors.
Cornerstone Forms comes with a number of different captcha options.
Cloudflare Turnstile
CloudFlare turnstile is a great free option for sites. Login to CloudFlare and grab your site key and secret key to get started.
Google reCAPTCHA
V2
Google reCAPTCHA V2 is similar to the other captcha options. It has a button on the screen with the possibility of a popup showing up, prompting the user to select or solve a puzzle.
V3
V3 is entirely in the background. You will see a small badge in the bottom right of your screen.
HCaptcha
HCaptcha is a popular solution for GDPR countries. It is meant to be a drop in replacement for Google reCAPTCHA V2.
Nonce / CSRF prevention
In WordPress, a nonce is a security token used to protect against cross-site request forgery (CSRF) attacks. It's generated and validated by WordPress to ensure that actions like form submissions or plugin operations come from legitimate, trusted sources — not from malicious scripts.
In Cornerstone Forms there is a prefab called Nonce. It will auto setup everything needed to check a Nonce on your form. It might not look like anything is on the page, but that is because the input is a hidden on the page.
See something inaccurate? Let us know