Skip to main content

Protect your forms with reCAPTCHA

Invisible reCAPTCHA v3 scores every form submission and rejects bots server-side — no puzzles for real visitors.

Updated 2026-07-17

Every CurateOne form already ships with honeypot and timing checks. reCAPTCHA v3 adds Google's bot scoring on top: each submission carries an invisible token, and the server rejects submissions that fail verification or score poorly. Visitors never see a checkbox or puzzle.

02Set it up

  1. Open the Google reCAPTCHA admin console and register your site — choose reCAPTCHA v3.
  2. Add your site's domains: your yourname.curateone.ai address and any custom domain you've connected.
  3. In the Widgets drawer, open Google reCAPTCHA (Forms category), paste the Site key, and paste the Secret key into the secret field — it's stored encrypted and used only server-side.
  4. Save & enable, then Publish. Submit your own contact form once on the live site to confirm it still goes through.
TipIf Google's verification service is ever unreachable, forms fail OPEN — a Google outage can't cost you real leads.