Resizing Recaptcha

RecaptchaGoogle has made it really easy to add their Recaptcha to any form, but since it’s an iframe, sizing it to fit any space becomes an issue. This is especially difficult in a sidebar, because the Recaptcha will easily stretch past anything under 300px in width. Because of the iframe, writing CSS rules for any of the internal elements is useless, so the only chance is to put it in a container and style that. Fortunately, Gravity Forms already provides a container around the iframe, in the form of a div with the class “ginput_container” and “ginput_recaptcha”. Most form plugins will provide the same container div around the iframe.

To the “ginput_recaptcha” class, I’ll add these rules:

transform: scale(0.77);

-webkit-transform: scale(0.77);

transform-origin: 0 0;

-webkit-transform-origin: 0 0;

Captcha corrected

77% seems to be the best resize, although you can scale it to whatever size you need. In this case, 77 was the perfect number, as it completely lined up with the other inputs in the form.

Postman SMTP

Some sites, and some hosting platforms, have difficulty handling email, in which case we have to add a plugin to ensure email delivery goes through smooth. Here are the steps for adding our preferred plugin, Postman SMTP, to a WordPress site:

  1. Find the plugin within the repository. It is
  2. Have at the ready an email address, preferably a gmail, and log in to it. You’ll need this address to set up the APP, API Key and App Secret.
  3. Enable the plugin and go through the Setup Wizard. It will ask you the email address and name. If a gmail address, it will go through the next two steps without any input needed.
  4. In authentication, click the link to the Google Developers Console Gmail Wizard to set up the App.
  5. In the Console, it will ask you to create a project and if you agree to the terms of service. This will enable the API.
  6. In the first step, you are using a Gmail API. In the second step, you’ll be calling this from a Web Browser (JavaScript). Next, click on User Data as the data you will be accessing. Then click on What Credentials Do I Need?
  7. The Console will ask you for the Authorized JavaScript origins and Redirect URI, which are in the current screen of Postman SMTP. Add those to the console and click on create the ID.
  8. Still in the Console, add the email address and add a Product Name of your choosing.
  9. This will give you the Client ID. Copy it and paste it into Postman SMTP’s settings.
  10. To get the Client Secret, click on Credentials in the left menu, then click on the name of your APP. This will give you the Secret. Add to Postman SMTP.
  11. You’ll have to enable the APP, which Postman will prompt you to do.
  12. You’ll also need to go back into the settings, and change the transport type to Gmail API from SMTP.

And that should be it. Next, test the form to make sure everything is in order.

Reviews Format

Want to know what people are saying? Take a look at our various reviews profiles below, and feel free to leave your own comments! We greatly appreciate hearing feedback from our clients. Please note that many of these sites require accounts to discourage inauthentic reviews. To find us on Yelp, simply search “XXX” near “XXX”

*Requires Account

Google Plus

*Requires Account

Yellow Pages

*No Account Required


*Requires Account


Master List of Spam Referral Sources

This post is no longer in use because there is a built in Google feature you can enable on the view settings of each account.

These are to be added to iThemes as blocked user agents.



Permanent redirect all pages to HTTPS on WordPress

In the past we have modified the standard WordPress snippet in the htaccess file to add this redirect code. It is best to add this as a separate section in the htaccess file to prevent it being overidden by security plugin or a WordPress update.

# https
RewriteEngine On
RewriteCond %{HTTPS} !=on
RewriteRule ^(.*) https://%{SERVER_NAME}/$1 [R,L]
# end https

The Boom Visibility Parent Theme

Adapted from the WordPress Twenty Twelve Theme

Sliders and Tabs use Bx Slider

Photo Galleries and Single Images Use Osvaldas Responsive Gallery Script

The responsive Menu uses slick nav.

A copy of the parent theme can be worded on and experimented on  Don’t assume the latest version is on there though.


Added columns shortcode and newsletter sign up code for gravity forms.


Reorganized style.css into areas with their own sets of media queries.  Add PDF jQuery script to assign class to PDF’s and open in new window. Removed UL LI grids.


Charlie’s Version of the parent theme deviated from the Saas build.


Scott’s Version of the Parent theme deviated from the Saas build and a few additional sites.


  • Advanced Custom Fields
  • Gravity Forms

Setting Up Gravity Forms Notifications Settings

Gravity Forms notifications are set up in the individual settings of each form. Under notifications, select Admin Notification (the default).

The Send to Email should be set to the email addresses the form should go to.

From Name can be set from the drop down to the right. The First Name should be selected, then a space, then Last Name.

From Email should be set to something like wordpress@<site URL>.

Reply to should be set to the user’s Email address (again, in the right hand dropdown).

BCC to admin email address.

Subject remove all but New Submission Form and add  First Name , then a space, then Last Name, as before.

If this form is in a sidebar, add Embed Post/Page Title into the Message.


Post-Hack Procedures

Reset FTP passwords

Reset all admin passwords

Reset database password

Reset WordPress SALTs

Check to see if any new users have been added

Replace all WordPress core files outside of Wp-content, except for WP-config.php.  Visually check over this file, if you are unsure then copy the database specs to the wp-config-sample.php and rename it.

Within WP-content.

Manually go through all of the folders within the uploads folder.

Manually review all files in the active theme folder.

Delete the cache folder it is there.  Delete unneeded themes.  Remove unneeded or unused plugins.  For any remaining plugins delete the folder and redownload them from the repository.

Run WordFence scan.



Configure iThemes Security

Within Global Settings:
Write to Files: Allow iThemes Security to write to wp-config.php and .htaccess
Set notification email and backup email to web@ address
Send Digest Email
Enable Blacklist Repeat Offender
Add Current IP to Whitelist
Enable Infinite WP Compatibility

Within Banned Users:
Enable Ban Lists

Within System Tweaks:
Protect System Files
Disable Directory Browsing
Disable PHP in Uploads

Within WordPress Tweaks:
Remove the Windows Live Writer header
Remove the RSD Header
Reduce comment spam
Disable XML-RPC (unless using Jetpack)
Block Multiple Authentication Attempts per XML-RPC Request
Protect System Files

We also change the login URL, which is especially important if the site has a history of malware. This is in the Advanced Tab as Hide Backend. In this setting, you can change the login URL to anything you would like.