Content Notify features a built-in anti-spam honeypot to help prevent spam or fake subscriptions from being created. This is implemented by way of a hidden form field at the bottom of the Content Notify subscription form which will fail the form’s validation if changed. In addition to this, you can also use a CAPTCHA service to add a dedicated CAPTCHA field to the bottom of the Content Notify subscription form. Adding a CAPTCHA field can prevent fake/spam subscribers with high levels of success.

To use a CAPTCHA field in your forms, you must add captcha="true" to any Content Notify form shortcodes that you wish to use it on.
You must then choose your CAPTCHA service and add your site and secrets keys (see steps of how to get one, below) under Subscriptions > Settings > Security in the WordPress Admin.

Cloudflare Turnstile CAPTCHA

Cloudflare’s Turnstile CAPTCHA service requires a free Cloudflare account in order to use it. To sign-up for this, and get the required ‘site key’ for this to work, here’s what you need to do:

1. Sign up for a new account or log into an existing one at Cloudflare.com.
2. Add a new site using the domain name you wish to use the CAPTCHA service on. For example, on this site, I used ‘contentnotify.com’.
3. Choose ‘Free’ option when asked which plan you’d like and press ‘Continue’.
4. Cloudflare may do a scan of your domain at this point.
5. Press the back arrow icon under the Cloudflare logo in the top left of the screen (not the browser’s back button) to return to the main Dashboard page.
6. Go to ‘Turnstile’ in the left sidebar menu.
7. Click ‘Add Site’.
8. Type a name for your site. For example, on this site, I used ‘Content Notify’.
9. Choose your domain from the list of available domains below. This was the one created in step 2.
10. Choose your Widget Type. If you don’t know which one to use, leave it on ‘Managed’.
11. Click ‘Create’.
12. Make a note of the ‘Site Key’ and ‘Secret Key’ shown next.
13. Go back to the WordPress Admin and go to Subscriptions > Settings > Security.
14.  Choose ‘Cloudflare Turnstile’ under the CAPTCHA Service selection box.
15. Click ‘Save Changes’.
16. New ‘Cloudflare Turnstile Site Key’ and ‘Cloudflare Turnstile Secret Key’ fields should show. Add in your site key and secret key from step 12.
17. Choose a theme (light or dark), or leave blank for the default theme, which will use either depending on the settings inside your computer’s operating system.
18. Click ‘Save Changes’, again.

CAPTCHA has now been added to any of the Content Notify form shortcodes that you added captcha="true" to.

Google reCAPTCHA v3

Content Notify supports Google’s reCAPTCHA v3 service which, unlike v2 which requires some kind of user input, is invisible and bases the outcome of the hidden v3 CAPTCHA field on a score instead.
Content Notify does not support reCAPTCHA v2 as it is now considered outdated.

To use Google reCAPTCHA v3, you must have a Google account. Once you have a Google account, here are the steps you need to take in order to create a reCAPTCHA for your site:

1. Go to https://www.google.com/recaptcha/admin/
2. Click the ‘+’ (Create) icon in the top right of the screen to register a new site for reCAPTCHA.
3. Type a label for your site. This can be anything you like.
4. Choose ‘reCAPTCHA v3’. Content Notify does not support reCAPTCHA v2.
5. Add one or more domains to the next field.
6. Tick the box to ‘Accept the reCAPTCHA Terms of Service’.
7. Click ‘Submit’.
8. Make a note of the ‘Site Key’ and ‘Secret Key’ shown next.
9. Go back to the WordPress Admin and go to Subscriptions > Settings > Security.
10.  Choose ‘Google reCAPTCHA v3’ under the CAPTCHA Service selection box.
11. Click ‘Save Changes’.
12. New ‘Google reCAPTCHA v3 Site Key’ and ‘Google reCAPTCHA v3 Secret Key’ fields should show.
13. Add in your site key and secret key from step 8.
14. Click ‘Save Changes’, again.

CAPTCHA has now been added to any of the Content Notify form shortcodes that you added captcha="true" to.

hCaptcha

hCaptcha’s CAPTCHA service requires a free account in order to use it. To sign-up for this, and get the required ‘site key’ for this to work, here’s what you need to do:

1. Sign-up for an ‘hCaptcha for Publishers’ account: https://www.hcaptcha.com/signup-interstitial
2. Once signed-up and logged in, create a new site by going to ‘Sites’ in the top right of the main navigation.
3. Click the ‘New Site’ button in the top right.
4. Type a name for your sitekey. This can be anything you like.
5. Add the domain name(s) you wish to use the CAPTCHA service on. For example, on this site, I used ‘contentnotify.com’.
6. For ‘hCaptcha Behaviour’, choose ‘Mode: Always Challenge’. This is the only included option in the ‘hCaptcha for Publishers’ plan.
7. Set the ‘Passing Threshold’ to ‘Moderate’.
8. Click ‘Save’ in the top right.
9. Click ‘Settings’ on your new site shown in the ‘Active Sites’ section.
10. Make a note of the ‘Site Key’.
11. Click the avatar icon in the top right of the main navigation and click ‘Settings’.
12. Make a note of the ‘Secret Key’.
13. Go back to the WordPress Admin and go to Subscriptions > Settings > Security.
14. Choose ‘hCaptcha’ under the CAPTCHA Service selection box.
15. Click ‘Save Changes’.
16. New ‘hCaptcha Site Key’ and ‘hCaptcha Secret Key’ fields should show.
17. Add in your site key from step 10 and secret key from step 12.
18. Click ‘Save Changes’, again.

CAPTCHA has now been added to any of the Content Notify form shortcodes that you added captcha="true" to.