This plugin hasn’t been tested with the latest 3 major releases of WordPress. It may no longer be maintained or supported and may have compatibility issues when used with more recent versions of WordPress.

Gab Captcha 2


Gab Captcha 2 is a simple, easy-to-solve and efficient captcha plugin for fighting spam in WordPress comments.

It adds an easy Turing test before each comment form. The Turing test consists of emphasized characters (red by default) that you must type in a text field. The plugin can be configured in your administration area.

The captcha can be displayed using JavaScript for maximum security (recommended) but can also be displayed without using any JavaScript code. This can be configured in the the plugin settings.

You can choose to insert (or not insert) the comments into the database on failure to provide a valid solution. Inserting comments on failure can be useful if you want to be sure that blocked comments are really spam. On the other hand, choosing not to insert the comments on failure can lower your database usage as writing to the database is an expensive process.

On failure to provide a valid solution, a visitor will have the opportunity to try again and will not loose his comment.

Gab Captcha 2 currently comes in three languages: English (default), Russian (partial) and French. You are welcome to propose your own translation or to update existing ones, especially the English one as I am not a native English speaker.

Important notes:

  1. Depending on your settings, this plugin may requires Javascript to be able to post a comment
  2. This plugin can automatically approve valid comments depending on your settings
  3. This plugin requires PHP 5


  • Gab Captcha 2 settings in WordPress administration area
  • Gab Captcha 2 before the comment text area


This section describes how to install the plugin and get it working.

  1. Extract and upload the directory “gabcaptcha2” and all its content to your ‘/wp-content/plugins/’ directory
  2. Activate the plugin through the ‘Plugins’ menu in WordPress

Optional but recommended :

  1. Change the options to fit your needs in the ‘Settings > Gab Captcha 2’ menu in your WordPress administration area
  2. If you don’t want to receive an email after each spam has been catched:
    1. Go to the ‘Settings > Discussion’ menu
      1. Tick the following checkboxes:
        • “E-mail me whenever > Anyone posts a comment”
        • “Before a comment appears > An administrator must always approve the comment”
        • “Before a comment appears > Comment author must have a previously approved comment”
      2. Uncheck the following checkbox:
        • “E-mail me whenever > A comment is held for moderation”
    2. Go to the ‘Settings > Gab Captcha 2’ menu
      1. Choose ‘yes’ for ‘Automatically approve comments who passed the test’

You will now receive an email only after a valid comment has been posted.


Is Gab Captcha unbeatable by spambots?

Definitely not. But it stopped all my spam as of today (getting about 100 spams every single day).

Can I change some settings for Gab Captcha 2?

Yes. Go to the ‘Settings > Gab Captcha 2’ menu in your WordPress administration area.

Why Gab Captcha 2 is not translated in my language?

Most probably because nobody submitted a translation for your language yet. But you can help:
1. Go to read this article
2. The POT file is located in the “lang” sub-directory of Gab Captcha 2
3. Then send me your translated file.
Note: do not edit .po files by hand. Use an appropriate tool such as Poedit and send me both the resulting .po and .mo files.


Read all 1 review

Contributors & Developers

“Gab Captcha 2” is open source software. The following people have contributed to this plugin.


Translate “Gab Captcha 2” into your language.

Interested in development?

Browse the code, check out the SVN repository, or subscribe to the development log by RSS.



  • Corrected a Javascript issue in IE8


  • Added an option for legacy themes compatibility. Legacy themes often do not use the comment_form() function that brings several actions and filters. Check this option if the captcha doesn’t appear since update 1.0.15. The only action used will be “comment_form” and JavaScript will be used compulsory.


  • Better handling of captcha insertion, should be compatible with more themes
  • JavaScript is now optional (but recommended) to use the captcha, that is configurable in the options. Default setting: use JavaScript.
  • On failure to provide a valid solution, the page is scrolled to the fieldset of the captcha
  • On failure to provide a valid solution, the captcha field is autofocused
  • On failure to provide a valid solution, the commment data is now sanitized using wp_kses_data()
  • Simplified a little JavaScript code
  • Corrected translations


  • Logged in users can post comments again now (oops)


  • Option to block spam before it is inserted into the database (default is: insert, like the previous version)
  • Corrected the “required” attribute of checkbox fields
  • Updated the description in readme.txt (this file)
  • Code cleaning
  • Bugs fixed


  • Performance tweaks
  • Use DOM methods to add the captcha instead of element.innerHTML: can now be used on XHTML websites served as application/xhtml+xml
  • Corrected the display bug when the credits are displayed as text
  • Code cleaning
  • Administration page improved
  • WordPress 3.3 support


  • Fixed the checkbox that was not saved in the options (thanks to Hans!)
  • No longer use a file to get back the comment after failure
  • Better escaping thanks to esc_js()
  • Code cleaning
  • Moved the code outside the main class inside the class
  • Corrected the visibility of some main class functions


  • This is a maintenance release
  • Bug fixed: Captcha field length was hard-coded to “4”, ignoring the corresponding option. Now fixed. Thanks to Billy Willoughby for reporting this!
  • Renamed the PHP functions outside the class and the Javascript functions so that they all begin with the “gabcaptcha2_” prefix to avoid conflicts.
  • Updated French translation. Waiting for the Russian translation.


  • New administration page
  • Only two options in the WordPress options table now
  • Bugs fixed
  • Updated French translation


  • Bugs fixed
  • Translation issues fixed
  • If the URL field is not found, try with other fields


  • Bugs fixed


  • Russian translation added (thanks!)


  • Fixed some translation issues
  • Updated the Readme file


  • After an invalid solution is provided, automatically scrolls to the comment area so that the user knows he failed.


  • Fixed the appearance of message “You are posting too quickly. Slow down!” when a valid solution has been provided.


  • Fixed the appearance of message “Dupplicate comment detected” after retrying to post a comment with a valid solution.
  • Comments are no longer moved to the spam folder.


  • Use a class now
  • Use the standard WordPress translation system using .po and .mo files. You can contribute your translation using Poedit.
  • Use the recommended way to insert CSS in WordPress
  • Function reorganisation
  • Code cleaning


  • Added choice for 3 methods of generation: Standard (most compatible but average security), CSS (improved security, compatible with CSS-capable browsers), and CSS 3 (better security but only compatible with CSS3-compliant browsers)
  • Corrected a bug in CSS 3 method: the indices of :nth-child() were not shifted, leading to the CSS 3 method to be unusable previously
  • Corrected some translations


  • Corrected captcha random generation issue
  • Improved performance a little.
  • Added option for CSS3 only captcha solution (but keep in mind that only CSS3-enabled browsers will be compatible!)
  • Corrected invalid value for CSS property problem


  • Initial public version