I’ve come across to a problem for a site i’m following: they use memberpress login page, that unfortunately present a lack about brute force attacks: there is no way to add a google recaptcha so easily.
Since i had to resolve in short this issue, and since i use a simple google recaptcha plugin here at axew3.com to prevent robot’s fake registrations, i edited the code just a little two lines making it work also into memberpress. The explained trick could be easily done using any other recaptcha plugin, but this 156 lines plugin, can also be easily hacked for our scope and will do the simple dirty job.
Download this plugin and install and configure it (or as you like, may download the plugin, apply modifications as below indicated, then upload into your plugin directory and install):
Simple Google reCAPTCHA
open the file
/wp-content/plugins/simple-google-recaptcha/simple-google-recaptcha.php
on it search for this line:
function sgr_check() {
just after add the follow:
if( isset($_REQUEST['mepr_process_login_form']) && isset($_REQUEST['mepr_is_login_page']) ){
sgr_verify($_REQUEST);
}then search for:
add_action("init", "sgr_check");
change into:
add_action("init", "sgr_check", 9);
save and replace.
Now open:
/wp-content/plugins/memberpress/app/views/login/form.php
and immediately after this:
<div>
<label><input name="rememberme" type="checkbox" id="rememberme" value="forever"<?php checked(isset($_REQUEST['rememberme'])); ?> /> <?php _ex('Remember Me', 'ui', 'memberpress'); ?></label>
</div>
<div class="mp-spacer"> </div>add the follow (note that the code could be added wherever you want, but before the closing </form> tag):
<div class="sgr-recaptcha"></div>
Save and replace. If there is some payment/subscription process using same page to access (for example) a payment renew, then may something else need to be added to prevent action to fire when not needed.
Cheers to all lovely and cool people!