reCAPTCHA & hCaptcha Protection
reCAPTCHA & hCaptcha Protection images
30 days return right
Easy return - no questions asked
Plug & Play Modules
Install, set up and take profit
Dedicated Support First
Priority Help & Satisfaction Over Sales
reCAPTCHA & hCaptcha Protection
Spam Protection for Login, Registration, Contact & Password Reset Forms
Price:
€69.00
Tax excluded
Shield your store from bots and spam with industry-standard CAPTCHA protection. This module integrates Google reCAPTCHA v2, reCAPTCHA v3, and hCaptcha across your store's most vulnerable forms — contact, login, registration, newsletter, and password reset. Server-side verification ensures that even sophisticated bots cannot bypass the protection, while configurable per-form settings let you balance security with user experience.
- Three CAPTCHA providers — Google reCAPTCHA v2 (checkbox), reCAPTCHA v3 (invisible), and hCaptcha
- Per-form configuration — enable CAPTCHA on specific forms: contact, login, registration, newsletter, password reset
- Server-side verification — all CAPTCHA responses verified on the server, not just client-side
- reCAPTCHA v3 score threshold — configurable score (0.0-1.0) to balance security vs. friction
- hCaptcha for privacy — privacy-focused alternative that does not track users for advertising
- Fallback handling — graceful degradation if CAPTCHA service is temporarily unavailable
Bots create fake accounts, submit spam through contact forms, and attempt credential stuffing attacks. This module stops them at the door. $69 for a permanent license. Compatible with PrestaShop 1.7, 8.x, and 9.x.
Bots Are Attacking Your Store Right Now
If your PrestaShop store has a contact form, a registration page, a login page, or a newsletter signup — bots are already targeting it. Automated scripts run 24/7 across the internet, probing every web form they find. The consequences are expensive and time-consuming:
- Spam contact messages — your inbox fills with SEO spam, phishing attempts, and garbage messages, burying legitimate customer inquiries
- Fake account registrations — bots create hundreds of fake customer accounts, polluting your customer database and skewing your metrics
- Credential stuffing attacks — bots try stolen username/password combinations from data breaches against your login form
- Newsletter spam signups — fake email addresses degrade your email deliverability score and waste your email marketing budget
- Brute force login attempts — automated password guessing attacks against your admin and customer login forms
The reCAPTCHA & hCaptcha Protection module stops these attacks by adding industry-standard CAPTCHA verification to your store's forms, with full server-side validation that bots cannot bypass.
Three CAPTCHA Providers — Choose Your Approach
Google reCAPTCHA v2 (Checkbox)
The classic "I'm not a robot" checkbox. Users click the checkbox and may be presented with an image challenge (select all traffic lights, crosswalks, etc.). This is the most recognizable CAPTCHA and provides strong bot protection with moderate user friction.
- Strong visual challenge for suspicious traffic
- Most users pass with a single click (no challenge presented)
- Accessible alternatives for vision-impaired users
Google reCAPTCHA v3 (Invisible)
Completely invisible to users — no checkbox, no image challenges, no interaction required. reCAPTCHA v3 runs in the background and assigns a score from 0.0 (likely bot) to 1.0 (likely human) based on behavioral analysis. You configure the threshold — submissions scoring below it are blocked.
- Zero friction for legitimate users — they never see or interact with a CAPTCHA
- Configurable score threshold (default 0.5, adjustable per form)
- Best user experience of all three options
- May require tuning the threshold based on your store's traffic patterns
hCaptcha
A privacy-focused alternative to Google reCAPTCHA. hCaptcha does not use the CAPTCHA data for advertising purposes and complies with GDPR, CCPA, and other privacy regulations without additional consent requirements. The user experience is similar to reCAPTCHA v2 with image-based challenges.
- Privacy-first — does not track users for advertising
- GDPR and CCPA compliant by design
- Available in regions where Google services are restricted
- Supports accessibility features
Per-Form Configuration
You do not have to enable CAPTCHA everywhere. The module lets you choose exactly which forms to protect:
- Contact form — the #1 target for spam bots; highly recommended
- Customer registration — prevents fake account creation; recommended for all stores
- Login form — blocks credential stuffing and brute force attacks; recommended if you see failed login spikes
- Newsletter signup — prevents fake email subscriptions; recommended if you use email marketing
- Password reset — prevents email bombing attacks via password reset requests
Each form can use a different CAPTCHA type if desired — for example, invisible reCAPTCHA v3 on the login form (no friction) and reCAPTCHA v2 on the contact form (visible deterrent).
Server-Side Verification — The Critical Difference
Many CAPTCHA implementations only check the CAPTCHA response on the client side (in JavaScript). This is trivially bypassed — bots simply skip the JavaScript entirely and submit the form directly to your server. This module performs all CAPTCHA verification on the server side: the CAPTCHA response token is sent to Google/hCaptcha's verification API from your server, and only a verified-valid response allows the form submission to proceed.
Technical Specifications
- PrestaShop compatibility: 1.7.0 through 9.x
- PHP compatibility: 7.2 through 8.4
- Multi-shop: Yes — independent CAPTCHA configuration per shop
- Multilingual: Yes — CAPTCHA widget language matches the store language
- Dependencies: Google reCAPTCHA or hCaptcha account (free)
- Hooks used: displayCustomerLoginFormAfter, displayCustomerAccountForm, displayContactFormAfter, actionContactFormSubmitBefore, actionCustomerAccountAdd, actionAuthentication
- Database tables: None — settings stored in ps_configuration
- License: Proprietary — single-domain license, unlimited duration
Why is this module unique?
- Three CAPTCHA providers in one module — switch between reCAPTCHA v2, v3, and hCaptcha without installing a different module
- Per-form CAPTCHA type selection — use invisible v3 where friction must be zero and visible v2 where deterrence matters
- Server-side verification on every submission — cannot be bypassed by skipping client-side JavaScript
- hCaptcha option for stores that need GDPR compliance without Google's data processing
- Graceful fallback if the CAPTCHA provider is temporarily unreachable — forms remain functional
Use Cases
- Stores receiving contact form spam — the most common problem, solved immediately with CAPTCHA on the contact form
- Stores with fake account registrations — CAPTCHA on registration eliminates automated account creation
- Stores targeted by credential stuffing — CAPTCHA on login blocks automated password-guessing attacks
- Privacy-conscious European stores — hCaptcha provides bot protection without Google's data processing implications
- Stores with email marketing — CAPTCHA on newsletter signup keeps your subscriber list clean and deliverability high
-
Referencemprrecaptcha
-
PrestaShop CompatibilityPS 1.7 – 9.x
-
Pricing ModelOne-time Purchase
-
Module TypeFront & Back-office
-
GDPR RelevantYes
-
Business GoalLegal & Compliance
-
External Account NeededYes
-
Module ComplexityFeature-Rich Module
-
Customer Journey StageConvert to Buyers
-
Works With PlatformGoogle Services
v1.2.0 — 2026-02-12
- ▸Added PrestaShop 9.x compatibility
- ▸Added hCaptcha support as alternative to Google reCAPTCHA
- ▸New form selector: protect login, registration, contact, newsletter, and checkout individually
- ▸Configurable reCAPTCHA v3 score threshold per form (0.1–0.9)
- ▸Fixed reCAPTCHA v3 token expiration causing false-positive blocks on slow form fills
v1.1.1 — 2025-09-10
- ▸Fixed reCAPTCHA badge overlapping floating action buttons on mobile
- ▸Added reCAPTCHA v2 invisible mode as alternative to checkbox widget
- ▸Improved error messaging when CAPTCHA verification fails
- ▸Added daily CAPTCHA challenge statistics in back office dashboard
v1.1.0 — 2025-04-12
- ▸Added reCAPTCHA v3 support with score-based bot detection
- ▸New per-form CAPTCHA type selection (v2 checkbox, v2 invisible, v3 score)
- ▸Configurable action on failed verification: block, soft warn, or log only
- ▸Added IP-based rate limiting as secondary protection layer
- ▸Whitelist trusted IPs to bypass CAPTCHA verification
v1.0.1 — 2024-11-08
- ▸Fixed CAPTCHA not loading on one-page checkout modules
- ▸Added theme color and size customization for reCAPTCHA v2 widget
- ▸Improved JavaScript loading: async/defer to prevent page render blocking
v1.0.0 — 2024-07-18
- ▸Initial release
- ▸Google reCAPTCHA v2 integration for PrestaShop forms
- ▸Protect contact form, registration, and login from spam and bots
- ▸Configurable site key and secret key in back office
- ▸Automatic form detection and CAPTCHA injection
- ▸Compatible with PrestaShop 1.6, 1.7, and 8.x
What customers say about us
5.0
★
★
★
★
★
(1 review)
Great work and support
Great work and support
5.0
★
★
★
★
★
(3 reviews)
Niesamowite doświadczenie i znajomość Prestashop. Każdy minimalny błąd analizowany i poprawiany. Bardzo dobry kontakt podczas realizacji zlecenia
Jest to najlepszy informatyk / programista jakiego znam. Gość jest geniuszem do wszystkich spraw związanych z prowadzeniem strony internetowej oraz sklepu internetowego. Usługi warte każdych pieniędzy, polecam!
Very professional service. The store staff has a customer-focused approach. They effectively helped us select the most optimal solution for our store, then efficiently guided us through the technical aspects of the implementation process. They also provide ongoing support in managing and promoting our website. We highly recommend them!
2
Implemented
2
requests
Invisible reCAPTCHA v3 with risk scoring
Implemented
Replace the checkbox challenge with invisible reCAPTCHA v3 that scores visitor behavior. Only show challenges to suspicious traffic.
Response:
Available since v1.2.0! reCAPTCHA v3 invisible mode with configurable score threshold. Falls back to v2 challenge for borderline scores.
Turnstile by Cloudflare as an alternative
Implemented
Cloudflare Turnstile is free, privacy-friendly, and often invisible. Great alternative to Google reCAPTCHA.
Response:
Shipped in v1.3.0! Full Cloudflare Turnstile support alongside reCAPTCHA v2/v3 and hCaptcha. Choose per-form which provider to use.
No known issues
There are currently no open or resolved issues registered for this module.
30 days return right
Easy return - no questions asked
Plug & Play Modules
Install, set up and take profit
Dedicated Support First
Priority Help & Satisfaction Over Sales
More From This Category
No reviews yet. Be the first to leave a review!
Write a Review