GDPR-compliant ReCaptcha for all forms and logins. You can get it here: https://wordpress.org/plugins/gdpr-compliant-recaptcha-for-all-forms/
|Blocks spam on all public forms, comments and logins
|Invisible. No user-input required
|Still receive 100 percent of the real requests
|Compliant to GDPR (respectively DSGVO, RGPD)
|The Plugin is for free
|No tracking, no cookies, no sessions
|No external ressources
|Easy to use
|Only necessary code, no jQuery
|Optionally messages can be flagged instead of blocking them
The plugin is based upon a mining-approach that we know from several crypto-currencies:
The client-browser has to spend a little computation effort in order to solve a hash-based puzzle. When the form is submitted and the puzzle is not solved, or it is not solved correctly, the server recognizes the request as spam.
Your visitors won't even recognize the short computation effort, even if they use mobile devices with comparatively low computing power. Spam-bots typically request thousands of webpages within seconds. For them even little computation efforts for many pages sum up. Therefore spam bots avoid computations by either submitting forms directly after the HTML is loaded completely, or they just close the respective connections whithout submission, if longer computation is required.
As bots from web-crawlers (i.e. Googlebot) act very similar to spam-bots, they face the same problems. Therefore they will penalize computation efforts with a bad ranking. But as web-crawlers usualy do not submit forms on your webpage, they can easily be distinguished. The plugin does so, by starting to generate the puzzle not sooner, as when the user has pressed a key the first time. Whereas webcrawlers won't press any keys, spam-bots usually do so in order to mimic human behaviour.