Difference between revisions of "Google reCAPTCHA"

From WHMCS Documentation

(Enabling Invisible reCAPTCHA)
Line 25: Line 25:
  
 
==Enabling Invisible reCAPTCHA==
 
==Enabling Invisible reCAPTCHA==
[[File:ReCAPTCHA_Configuration.png|thumb|reCAPTCHA Key Generation]]
 
 
 
To enable the Invisible reCAPTCHA feature for the shopping cart, follow these steps:
 
To enable the Invisible reCAPTCHA feature for the shopping cart, follow these steps:
 +
[[File:Recaptcha-configuration.png|thumb|reCAPTCHA Key Generation]]
  
* Navigate to '''Configuration (<i class="fa fa-wrench" aria-hidden="true"></i>) > System Settings > General Settings > [[Security Tab|Security]]''' or, prior to WHMCS 8.0, '''Setup > General Settings > Security'''
+
# Navigate to '''Configuration (<i class="fa fa-wrench" aria-hidden="true"></i>) > System Settings > General Settings > [[Security Tab|Security]]''' or, prior to WHMCS 8.0, '''Setup > General Settings > Security'''
* Under the setting Captcha Type, select Invisible reCAPTCHA
+
# Under the setting Captcha Type, select Invisible reCAPTCHA
* Visit https://www.google.com/recaptcha/admin and log into your Google account
+
# Visit https://www.google.com/recaptcha/admin and log into your Google account
* Click the "Register a new site" option, enter in a label for your key and select the "Invisible reCAPTCHA" option.
+
# Click '''Register a new site'''.
* Be sure to enter in your domain under the "domains" section and then accept the Google terms of service and click the Register button to finish registering your site and generating your keys.
+
# Enter a label for your key.
* Copy the Site Key and Secret Key issued by Google and enter them in the fields provided in WHMCS.
+
# Select ''reCAPTCHA v2''.
* Save Changes to complete the process
+
# Select ''Invisible reCAPTCHA badge''.
 +
# Be sure to enter in your domain under the ''domains'' section and then accept the Google terms of service and click the Register button to finish registering your site and generating your keys.
 +
# Copy the Site Key and Secret Key issued by Google and enter them in the fields provided in WHMCS.
 +
# Save Changes to complete the process
  
 
==Captcha Locations==
 
==Captcha Locations==

Revision as of 14:45, 13 April 2022

Differentiating between humans and bots (computers) is an ever-changing and more challenging task. A number of solutions have been implemented, typically involving increasing obscured text and numbers or images, such as the default 5 character verification of WHMCS.

As bots and software have become more sophisticated, a common solution was to make the text more difficult to read, which can result in frustrated and lost potential clients. Google's reCAPTCHA set's out to change that. They have created a system that is easy for people, but hard for bots. By using an advanced and more secure risk analysis engine, humans and bots are more effectively differentiated.

The first step in authentication is to ask the user to confirm that they are not a robot by checking a checkbox. Google's risk analysis engine analyzes how the user checked the checkbox, including how the user responds before, during, and after the action. In cases where the engine cannot confidently differentiate between them, a mobile-friendly verification tool like a CAPTCHA or image selection from a list may appear.

Google reCAPTCHA V2 is available in WHMCS 7.0 and later.
Google Invisible reCAPTCHA is available in WHMCS 7.7 and later.

Enabling Google reCAPTCHA

Google's reCAPTCHA may be enabled by following these steps:

  • Navigate to the Security tab at Configuration () > System Settings > General Settings or, prior to WHMCS 8.0, Setup > General Settings.
  • Under the setting Captcha Type, select reCAPTCHA
  • Visit https://www.google.com/recaptcha/admin and log into your Google account
  • Click the "Register a new site" option, enter in a label for your key and select the "Invisible reCAPTCHA" option.
  • Be sure to enter in your domain under the "domains" section and then accept the Google terms of service and click the Register button to finish registering your site and generating your keys.
  • Copy the Site Key and Secret Key issued by Google and enter them in the fields provided in WHMCS.
  • Save Changes to complete the process

Captcha config.png

Enabling Invisible reCAPTCHA

To enable the Invisible reCAPTCHA feature for the shopping cart, follow these steps:

reCAPTCHA Key Generation
  1. Navigate to Configuration () > System Settings > General Settings > Security or, prior to WHMCS 8.0, Setup > General Settings > Security
  2. Under the setting Captcha Type, select Invisible reCAPTCHA
  3. Visit https://www.google.com/recaptcha/admin and log into your Google account
  4. Click Register a new site.
  5. Enter a label for your key.
  6. Select reCAPTCHA v2.
  7. Select Invisible reCAPTCHA badge.
  8. Be sure to enter in your domain under the domains section and then accept the Google terms of service and click the Register button to finish registering your site and generating your keys.
  9. Copy the Site Key and Secret Key issued by Google and enter them in the fields provided in WHMCS.
  10. Save Changes to complete the process

Captcha Locations

This page describes a feature available in version 7.7 and above

You can choose which forms have a captcha enabled on them by checking the appropriate boxes in the "Captcha for Select Forms" option. The following options are available:

  • Shopping Cart Checkout - On checkout in the Client Area
  • Domain Checker - The homepage domain checker, and on the Register or Transfer domain pages in the cart
  • Client Registration - register.php
  • Contact Form - contactus.php
  • Ticket Submission - When submitting a ticket
  • Login Forms - Admin and Client login forms

Troubleshooting

Invalid Site Key/I can't login

If the site key specified under General Settings isn't valid for some reason and is preventing logins to the admin area to correct it, it will be necessary to disable reCAPTCHA manually via the database (setting "Captcha Form Protection " to "Always Off" temporarily to resolve this. Please take a backup of the database and then run the following SQL query using a tool like phpMyAdmin to do so:

UPDATE tblconfiguration SET value = '' WHERE setting = 'CaptchaSetting';