A simple precaution to prevent fraudulent sign-ups through your WordPress sign-up form is to add Google ReCAPTCHA. This adds an, "I'm not a robot" checkbox to the bottom of your form, which ensures everyone who signs up for your list is a real person.
A bot is just a computer program that performs a repetitive task over the internet. Though not all bots are bad, malicious bots are designed with the intent to disrupt or cause harm. For example, a bot could exploit a contact sign-up form to create hundreds or thousands of fake email list sign-ups to bog down the system and cause you an administrative headache trying to weed out the valid email addresses from the bad ones.
If you're using the Constant Contact Forms plugin in your WordPress account, there is a hidden "honeypot field" included in the form that isn't visible to people, but bots can see it. If the hidden field is filled in, Constant Contact rejects the form submission. The "honeypot field" isn't a foolproof method, but it does a good job of combating false sign-ups. Adding Google reCAPTCHA gives you an extra layer of protection against malicious bots.
You need to have a Google account to use Google reCAPTCHA. If you don't have one, sign up for one: it's free.
Your sign-up form now has the "I'm not a robot" reCAPTCHA checkbox at the bottom, and can't be submitted until the box is checked.
To remove Google reCAPTCHA from your WordPress Sign-up Form, return to the Spam Control tab, delete the site key and secret key so that the boxes are blank, and then click Save Changes.
Any links we provide from non-Constant Contact sites or information about non-Constant Contact products or services are provided as a courtesy and should not be construed as an endorsement by Constant Contact.
Copyright © 2025 · All Rights Reserved · Constant Contact · Privacy Center