What is G.A.S.P. Protected WordPress Login and how to enable it?

GASP stands for: Growmap Anti Spambot Plugin.

There was a plugin released for WordPress (G.A.S.P. Plugin) that did a great job at preventing WordPress comment spam by automated spambots.

It worked by adding a check box to the comments form that was generated using Javascript. Since most automated bots don't process/render Javascript, they couldn't check the checkbox in the form. Therefore, all comments submitted were easily rejected by the server since the checkbox wasn't present.

GASP Protection on the login screen works in exactly the same manner.

Enabling this option will place a checkbox on the login screen:

To enable GASP protection on your standard WP login/lost password/registration forms, you'll need to select these forms first, and then enable Bot Protection option:

What does this feature protect me from?

It protects you against brute force login attacks from spambots that can't process javascript on the login page (which is most of them).

If the server-side checks doesn't find this checkbox present, it'll reject the login process altogether.

Applications of this feature

This feature has minimal impact on the logging-in user and is reliable in preventing automated login attempts to your site.

To learn more how to add GASP protection to the WordPress login form, read our blog article here.

Important point to note

Bot Protection feature is depreciated. You can use it but we highly recommend trying out our Antibot Detection Engine instead. They're the newer, better way to protect the forms.

This completely removes the need for login form CAPTCHAs, and Shield’s own GASP “I’m a human” checkbox.

We’re passively testing a visitor’s status (no direct interaction required from the visitor), and we build their Bot Score and allow or deny the request.

Please note that, if you decide to enable G.A.S.P (I'm a human) checkbox option, you'll need to disable ADE first.