How to use Google reCaptcha on WFFM with ASP.NET Layout

Recently I needed to have reCaptcha on my forms so that I can secure them from bots. My client specifically wants to use reCaptcha so that we can have “I’m not a robot” check on our web forms.


There is a guide provided by Sitecore on “How to use reCaptcha on forms”, but that is for MVC layouts (See that guide here), not for ASP.NET layouts. I have spent a lot on finding a way to use reCaptcha on ASP.NET layout and then I landed on here . but, the question was, how to use this for WFFM as we don’t have access to the code. So I thought of implementing this by creating a custom field type for WFFM and render that HTML and javascript via that new field type.

So let’s take a look at that implementation.

  1. Create a class and inherit it from Sitecore.Form.Web.UI.Controls.LabelreCaptcha-code
  2. use the below Javascript code for the button click event
    $(".scfSubmitButton").click(function() {
    /*read the tocken generated by reCaptcha , token will be generated only
    if the validation is successfull */   
        var rcres = grecaptcha.getResponse();
        if (rcres.length) {
            return true;
        } else {
            return false;
  3. Create a custom field type in Sitecore at this location – /Sitecore/system/Modules/Web Forms for Marketers/Settings/Field Types/Custom  custom-field-type.png
  4. Download the and place the Recaptcha.dll into your website’s bin folder.
  5. Now the new custom field type is ready. You just need to add a field on your form and select the field type as your new custom field (reCaptcha in my case). field-on-form.png

Publish your form and see the reCaptcha in action as shown in this screenshot.actual-use.png

I know not many people are using Sitecore on ASP.NET layouts, MVC is lightweight and far good for Sitecore. But there are some implementations on ASP.NET layouts as well, so Wrote this post in a hope that it will help someone like me.

How to hide Publish Site button in Sitecore

Publish Site –  yeah that’s the button which can cause you some serious failure in your live site if you don’t use this with extra care. What I mean to say is – if accidentally, a user hits the Publish Site, this can publish all the items from the content tree ( you might have items which are not supposed to go live). Not only this, if the content tree is large, this may cause a performance issue as well and of course, that will affect the end user. No one wants to make a bad impression on the audience of the site.

So, the million dollar question is – How can I hide/remove the Publish Site button for my users?

Well, I have got the answer in the next few lines.

Note- Publish Site is available in two locations, The Start Menu, and the Publish Menu in the content editor. So let’s do it-

  1. Login to your core database in Sitecore.
  2. Now, open the Security Editor either from start button or from the dashboard.
  3. Select the role “Sitecore Client Publishing” by clicking on the account button available on the top of the security editor window.selectrole
  4. To hide the Publish Site button from the start menu, Navigate to the sitecore > content > document and settings > all users > start menu > left > publish site item in the left pane and remove the read permission from there.hideinstartmenu
  5. To hide the Publish Site from the publish menu in the content editor, Navigate to sitecore > content > applications > content editor > menues > publish site item in the left pane and deny the read permission on this item.hideinpublishmenu

One last not-  The above steps will hide the Publish Site feature from your Sitecore instance for all the users except Admin users.


Field Level Restrictions in Sitecore

Requirement: As an admin user, I want read only access on a field for a specific role.

Solution: First of all having read or write access on a particular field is not possible in Sitecore. So now the question is, what can be done in this situation? And the answers is, by restricting the field itself for required user or role. To achieve this, you have to break the inheritance of this field for the required role.

  1. Go to Role Manager and Create a new Role


  1. Select the newly created role and add the required role in members list.


  1. Go to Security Editor and select the newly created role and then navigate to field (to be restricted)


That’s it, we are done with restricting a field access for a particular role. Now, the field will not be visible for the selected role users on template item.