Skip to content
/ ext_captcha Public

Implementation of hCaptcha / ReCaptcha spam prevention for Textpattern CMS

3 stars 0 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

Bloke/ext_captcha

BranchesTags

Repository files navigation

ext_captcha

An implementation of either ReCaptcha (v3) or hCaptcha for detecting bot/spammer interaction with your site.

Installation / Uninstallation

Download this plugin# and then follow the instructions below depending on your version of Textpattern. For bug reports, please raise an issue#.

For Textpattern 4.8.x+

Upload the plugin’s .zip file to the Admin→Plugins panel, install and enable the plugin.

To uninstall, delete the plugin from the Admin→Plugins panel.

For Textpattern 4.7.x

  1. Unpack the plugin’s .zip file.
  2. If you’re intending to use ReCaptcha, upload the ReCaptcha library to your textpattern/vendors directory.
  3. Paste the code from the .txt file into the Textpattern Admin→Plugins panel, install and enable the plugin.

To uninstall:

  • Delete the plugin from the Admin→Plugins panel.
  • Remove ReCaptcha from the textpattern/vendors directory if it’s there.

Setup for hCaptcha

  1. Visit the hcaptcha registration site
  2. Follow the instructions for obtaining site/secret keys for hCaptcha on your chosen domain.
  3. Visit your site’s Admin→Prefs panel and click the Captcha group from the list.
  4. Copy and paste the Site and Secret keys into the relevant boxes.
  5. Adjust the Score threshold if you are using an Enterprise account. 0.5 is average. hCaptcha uses risk scores that are the inverse of ReCaptcha. Higher values (towards 1.0) indicate a greater threat. 0.0 is no risk.
  6. Save the prefs.

Setup for ReCaptcha

  1. Visit the ReCaptcha registration site.
  2. Follow the instructions for obtaining site/secret keys for ReCaptcha v3 on your chosen domain.
  3. Visit your site’s Admin→Prefs panel and click the Captcha group from the list.
  4. Copy and paste the Site and Secret keys into the relevant boxes.
  5. Adjust the Score threshold if you wish. 0.5 is average. Higher values (towards 1.0) are more stringent, i.e. content with a higher score is required to pass. Lower values, towards zero, are more lenient.
  6. Adjust the time that the captcha response remains valid (default is 120 seconds). If you have complex forms you may wish to raise this. Set it to zero to disable this feature.
  7. Save the prefs.

Usage after setup

Somewhere in your Page/Form template that you wish to employ the captcha, add this tag:

<txp:ext_captcha /> or <ext::captcha />

If the plugin is used within a com_connect form, a zem_contact form, a mem_form or a Textpattern comment form and the test fails, the plugin will raise a “SPAM” evaluation result, forbidding the form submission.

Additional security / CSP

Todo.

Author / credits

Written by Stef Dawson. Rowan Merewood for the recaptcha v3 library.

About

Implementation of hCaptcha / ReCaptcha spam prevention for Textpattern CMS

Resources

Readme
Activity

Stars

3 stars

Watchers

2 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages