• Skip to primary navigation
  • Skip to main content
  • Skip to primary sidebar
NameHero® Blog

NameHero® Blog

Web Hosting Tips & Resources From NameHero

  • Hosting
    • Web Hosting
    • VPS Hosting
    • WordPress Hosting
    • WooCommerce Hosting
  • Reseller
  • Enterprise
  • Domains
  • Account
  • Blog Home
  • Categories
  • Authors

How To Add Cloudflare Turnstile To WordPress

Bhagwad Park

Published on: October 24, 2022

Categories: Website Security 0

A short while back, Cloudflare announced a new tool – Turnstile. It’s an alternative to the ubiquitous CAPTCHA forms that are used on 98% of websites. This new tool achieves the same goal of protecting you from spam, but without the intrusive puzzle-solving and sending your data to Google. Here’s how to integrate Cloudflare’s turnstile onto your site.

Step 1: Log in to Cloudflare and Generate a Domain Key

Unlike other Cloudflare services, you don’t need to integrate your site with Cloudflare to use Turnstile. Of course, you need a Cloudflare account, so log into your dashboard and select “Turnstile” on the right-hand side as shown below. This is an account-wide feature, so don’t choose any specific site:

Add Site to Cloudflare for Turnstile Integration
Add Site to Cloudflare for Turnstile Integration

For this test, I’m using the test NameHero domain. So under “Domain”, either choose a site you’ve already added to Cloudflare or create a new one. Under “Widget Type”, select “Non-interactive”. You can also choose to hide the Turnstile entirely if you want.

After this, Cloudflare will assign a “Site Key” and a “Secret Key” as shown here:

Cloudflare Turnstile Site Key and Secret Key
Cloudflare Turnstile Site Key and Secret Key

Keep both of these keys in a safe location.

Step 2: Download the Simple Cloudflare Turnstile Plugin

This is a “set it and forget it” plugin. Compared to other add-ons like WS Forms, the Simple Cloudflare Turnstile has a basic configuration, is braindead, and is easy to use. Download and install the plugin and in the configuration screen, enter your Site Key and Secret Key as shown here:

Enter the Site and Secret Key into the WordPress Plugin
Enter the Site and Secret Key into the WordPress Plugin

You can choose to disable your form’s “Submit” button until the challenge is solved and choose the theme of the Turnstile. Further down, select the WordPress forms to which you want to apply the Cloudflare Turnstile. You can start with the comment form as shown here:

Select the Forms to Use with Turnstile
Select the Forms to Use with Turnstile

All the above forms are popular targets for bots and spammers. So there’s no harm in enabling them all. Save your changes. Now the Simple Cloudflare Turnstile plugin will ask you to validate the API response like this:

Test Cloudflare Turnstile API Resposne
Test Cloudflare Turnstile API Response

Click the green “Test API Response” button, and if everything goes well, it should validate as shown here:

Successful Cloudflare Turnstile Response
Successful Cloudflare Turnstile Response

And you’re done.

Testing the Cloudflare Turnstile Form

Navigate to a form on which you’ve enabled the Cloudflare Turnstile widget. You should see something like this:

Cloudflare Turnstile Working on the Comment Form
Cloudflare Turnstile Working on the Comment Form

As shown above, the widget will evaluate your behavior to determine if you’re a human or not. And if so, it’ll show “Success,” and you can submit the form without further interaction. This is the easiest way to add Cloudflare’s Turnstile widget to WordPress.

How Turnstile is Better than CAPTCHA

The most obvious way that Turnstile is superior to CAPTCHA is that it doesn’t require user interaction. Unlike CAPTCHA, you don’t have to solve a puzzle or click images. It’s easier and more seamless for your users.

The other benefit, however, is that it’s a massive improvement in privacy. CAPTCHA sends your data to Google and users with a Google cookie receive a higher value than those who don’t. Google swears up and down that they don’t use the data they collect for ad targeting. But is it believable? I don’t think so. On the other hand, Cloudflare Turnstile doesn’t send your data to Cloudflare in the first place. And because of this, it’s more privacy friendly than Google’s CAPTCHA.

Turnstile is mature enough for production use, and I recommend everyone who uses a CAPTCHA to use Turnstile instead.

Bhagwad Park Profile Picture
Bhagwad Park

I’m a NameHero team member, and an expert on WordPress and web hosting. I’ve been in this industry since 2008. I’ve also developed apps on Android and have written extensive tutorials on managing Linux servers. You can contact me on my website WP-Tweaks.com!

Related Posts

How to Fix the “ssl_error_no_cypher_overlap” Error on Mozilla Firefox

Check out our guide on how to fix the ssl_error_no_cypher_overlap error code, which indicates a mismatch in the cipher suites in Firefox.

How to Fix ‘ERR_CACHE_MISS’ in Chrome: A Comprehensive Guide (6 Ways To Fix!)

Check out these six ways to fix the ERR_CACHE_MISS error in Google Chrome quickly and easily - no coding or technical skills required!

Blocking Countries In QUIC.cloud And Cloudflare

Despite assertions to the contrary, blocking an entire country from your website is a legit tactic - especially if it's a source of spam.

How To Open Or Add Ports Using IPTables

Here's how to open or add ports using IPTables. I also show you how to delete rules, and why you shouldn't use IPTables in its raw form.

Reader Interactions

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Primary Sidebar

Follow & Subscribe

Exclusive promos, content and more!

Most Popular Posts

NameHero’s Recommended WordPress Plugin and Theme Setup (2023)

WordPress Hosting vs. Web Hosting – What’s The Difference?

How To Increase The InnoDB Buffer Pool Size

How To Fix A Stuck All-in-One WP Migration Import

How To Add A Subdomain In Cloudflare

Top Categories

  • WordPress
  • WordPress Tutorials
  • Enterprise Hosting
  • WooCommerce
  • Web Hosting
  • Resellers
  • Website Security
  • Website Development
  • Website Performance
  • VPS Hosting
  • SEO Tips
  • Announcements
  • Domain Registration
NameHero

NameHero® proudly provides web hosting to over 40,000 customers with 99.9% uptime to over 750,000 websites.

  • Master Card
  • Visa
  • American Express
  • Discover
  • Paypal
Products
  • Web Hosting
  • VPS Hosting
  • WordPress Hosting
  • WooCommerce Hosting
  • Reseller Hosting
  • Enterprise Hosting
  • Domains
Help & Support
  • NameHero Blog
  • Support
  • Help Center
  • Migrations
  • Affiliates
  • Call 1-855-984-6263
Company
  • About Us
  • Contact Sales
  • Reviews
  • Uptime
  • We're Hiring

Copyright © 2023 Name Hero, LLC. All rights reserved.
NameHero® is a registered trademark.

  • Privacy Policy
  • Terms of Use
  • Acceptable Use Policy
  • Payment Policy
  • DMCA