Not long after I moved my websites to my new hosting provider, I began getting alerts from my security plugin on The Social Historian website warning me of multiple failed login attempts on the website. The alerts were coming at the rate of about five every hour and they all seemed to come from different IP addresses in the 192.0.x.x range. I was, of course, somewhat alarmed and assumed that I was under some type of brute force login attack 1)A brute force login attack is when a hacker attempts to gain access to your website by trying usernames and passwords over and over again, until they get in.. A little investigation into the various IP addresses however told me that the ‘hacker’ was actually my Jetpack plugin trying to contact my website.
Read more about Jetpack.
I reached out to Automattic, the people who run the Jetpack plugin and their response was
The obvious thing to do would have been to white-list that IP range as suggested, but when I stopped and thought about it, I decided that I did not actually use any of the Jetpack features on The Social Historian so instead, I just uninstalled it. Problem solved. Except for one thing…
Contact Form Broken
It wasn’t until a few weeks later that I realised that there was actually one feature I was using from Jetpack after all. I was using their contact form on my About page. So directly underneath my banner that said Contact The Social Historian was some ugly error messages rather than the neat contact form that had been there before. I needed to fix it. I could have reinstalled Jetpack and white-listed their IP addresses but that seemed like a lot of trouble just to have a contact form on my website when there are so many plugins that can do that instead. Today I went looking for a simple easy to use plugin that let me use a simple CAPTCHA so my inbox would not be flooded with spam.
What is a CAPTCHA?
That is the little form that shows on websites that asks you to prove that you are human and not some spam-bot. There are various types but the one below is the one I am using.
There are many contact form plugins to choose from in the WordPress plugin gallery, all with different features and benefits but my needs were simple so I chose one that looked as though it would be easy to install and setup.
Contact Form Fixed
The WCP Contact Form was last updated 2 weeks ago, had 10,000+ active installs and came with the CAPTCHA I was looking for. The screenshots confirmed that it should be easy to install, configure and place in my page. It also had some basic formatting options that would let me customize the colours to match my website and that saves having to figure out any custom CSS required. Setting up the CAPTCHA was as simple as clicking a link and filling in basic information over at Google to get an API key. The contact form looks great with just the out of the box settings but you can customize it according to your needs.
Go ahead, try it out on The Social Historian and send me a message and while you are there, subscribe to the weekly newsletter for the hottest resources, tips and tricks to take your social history research to the next level. Tell the stories of your ancestors with the empathy and understanding you gain from learning about their place and time.
References [ + ]
|1.||↑||A brute force login attack is when a hacker attempts to gain access to your website by trying usernames and passwords over and over again, until they get in.|