reCAPTCHA Setup

Nathan Paton edited this page Feb 10, 2016 · 8 revisions

Dolphin includes built-in support for reCAPTCHA to help keep bots and spammers at bay. While it won't keep all spam out, it can greatly reduce the number of registrations, and make site management easier.

reCAPTCHA is enabled by default on new installs, but it won't work until it's setup - this means creating and adding an API key from Google. Until then, users can't join or use the contact form (see: Disabling reCAPTCHA - not recommended!).

First, we'll need to create an API key. This requires a Google account, as reCAPTCHA is a Google service. You can create an API key by logging onto: https://www.google.com/recaptcha/intro/index.html

Look for the blue "Get reCAPTCHA" button in the header and click it:

Screen Shot 2016-02-09 at 10.26.36 PM.png

If you're not all ready logged in, you'll be asked to login or to create a new Google account. You may be brought back to the reCAPTCHA homepage after logging in - don't worry, just reclick the "Get reCAPTCHA" button.

You should see a form to "Register a new site":

Screen Shot 2016-02-09 at 10.30.37 PM.png

Fill in the form with a Label (e.g., "My Community") and the Domains that will be using the key. You should only enter the FQDN (fully qualified domain name), without the www prefix or any subdomains - the domain itself is enough:

Screen Shot 2016-02-09 at 10.33.30 PM.png

You should leave "Send alert to owners" checked to be notified about any issues with the key or unusual site traffic.

Next, click the blue "Register" button.

You now have a shiny new reCAPTCH API key! Scroll down the page until you see the "Adding reCAPTCHA to your site" section. Look for the "Site key" and "Secret key"... keys:

Screen Shot 2016-02-09 at 10.37.12 PM.png

Now switch over to Dolphin and open the Administration Panel => Settings => Advanced Settings => Security. Dolphin all ready includes all the necessary code for reCAPTCHA integrated, so all that's needed is to add the keys:

Screen Shot 2016-02-09 at 10.39.14 PM.png

Enter in the two reCAPTCHA fields:

  • ReCAPTCHA Public Key: Your Site key
  • ReCAPTCHA Private Key: Your Secret key

Like so:

Screen Shot 2016-02-09 at 10.40.48 PM.png

Now scroll down and click the blue "Save" button. That's it! reCAPTCHA is now setup on the site.


Disabling reCAPTCHA

Note: This is not recommended. reCAPTCHA can greatly reduce the number of bot and spam registrations on the site. Disabling it can lead to an uncontrollable flood that is not fun.

You can disable reCAPTCHA on the join form from the Profile Fields Builder. Go to the Administration Panel => Builders => Profile Fields. You'll be on the join page by default. Look for the "CAPTCHA" item and drag it to the Inactive area of the Fields Builder. This will immediately disable the field and remove it from the form.

Removing reCAPTCHA from the contact form is a bit tricker - there's no option to remove it via a setting or the builders. You must edit the related code in the contact.php file and comment-out or remove it. Edit the file and look for (around line 107):

'captcha' => array(
    'type' => 'captcha',
    'caption' => _t('_Enter what you see'),
    'name' => 'securityImageValue',
    'required' => true,
    'checker' => array(
        'func' => 'captcha',
        'error' => _t( '_Incorrect Captcha' ),
    ),
),

And comment out:

/*
'captcha' => array(
    'type' => 'captcha',
    'caption' => _t('_Enter what you see'),
    'name' => 'securityImageValue',
    'required' => true,
    'checker' => array(
        'func' => 'captcha',
        'error' => _t( '_Incorrect Captcha' ),
    ),
),
*/

or remove it entirely. Once done, save the changes. reCAPTCHA will no longer load on the contact form. To add it back later, revert the changes.

For the password reset form, it's almost the same procedure as above. Edit the forgot.php file and look for (around line 67):

array(
    'type' => 'captcha',
    'name' => 'captcha',
    'caption' => _t('_Enter Captcha'),
    'required' => true,
    'checker' => array(
        'func' => 'captcha',
        'error' => _t( '_Incorrect Captcha' ),
    ),
),

And comment out:

/*
array(
    'type' => 'captcha',
    'name' => 'captcha',
    'caption' => _t('_Enter Captcha'),
    'required' => true,
    'checker' => array(
        'func' => 'captcha',
        'error' => _t( '_Incorrect Captcha' ),
    ),
),
*/

or remove it entirely. Then save the changes.

You can’t perform that action at this time.
You signed in with another tab or window. Reload to refresh your session. You signed out in another tab or window. Reload to refresh your session.
Press h to open a hovercard with more details.