Skip to content
Roundcube plugin to enforce reCAPTCHA for users who have too many failed logins.
PHP TSQL CSS
Branch: master
Clone or download
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Permalink
Type Name Latest commit message Commit time
Failed to load latest commit information.
SQL Add empty update scripts for all database drivers. May 12, 2018
lib
localization Add Swiss German (de_CH) translation. Oct 30, 2018
skins Update HTML and CSS for the elastic skin (dont use <tr> on elastic); … Nov 25, 2019
.gitignore Add .gitignore Sep 27, 2016
README.md Add minor updates to README. Nov 25, 2019
composer.json Release version 1.2.2 Nov 25, 2019
config.inc.php.dist Support ReCAPTCHA v3 and v2 invisible; deprecate config vars recaptch… Nov 8, 2019
rcguard.php

README.md

Roundcube plugin rcguard

Introduction

This plugin logs failed login attempts and requires users to go through a reCAPTCHA verification process when the number of failed attempts go too high. It provides protection against automated attacks.

Failed attempts are logged by IP and stored in a database table. IPs are also released after a certain expire amount of time.

Installation

IMPORTANT: This plugin requires reCAPTCHA API keys to work properly.
These can be obtained from https://www.google.com/recaptcha.

With Composer

Add this plugin dsoares/rcguard to the require section of your Roundcube composer.json, run composer update and enable rcguard in the main Roundcube configuration file.
OR just run:

composer require dsoares/rcguard

Copy config.inc.php.dist to config.inc.php and modify as necessary.

Manually

Place the contents of this directory under plugins/rcguard and enable rcguard in the main Roundcube configuration file.

Copy config.inc.php.dist to config.inc.php and modify as necessary.

Use the files under SQL/ to create the database schema required for rcguard. The table should be created in the database used by Roundcube.

Customizing reCAPTCHA

You may customize the following in the config.inc.php file:

  • the API version: v3, v2invisible or v2;
  • the v2 widget theme: light or dark;
  • the v2 widget size: normal or compact.

For more information about the widget please check the documentation about reCAPTCHA.

The plugin configuration file has several other options you may configure, please take at look.

Since May 2018, you can define a proxy (anonymous or authenticated) to request the recaptcha widget.

Supported databases

  • MySQL
  • PostgreSQL
  • SQLite

Contact

The original author of this plugin was Denny Lin. I forked it some years ago to 1) use reCAPTCHA v2.0, 2) add the larry skin and 3) because the project issues were taking too long to be answered. Also, the original project was not updated since 2015 and many things have changed in the meantime in Roundcube's API.

I will maintain this project because i need it working with the latest version of Roundcube.

Comments and suggestions are welcome (preferentially via issues).

Email: Diana Soares

License

This plugin is distributed under the GPLv3+ license.

This plugin also contains a PHP library for reCAPTCHA that is distributed under its own license. See the library file for the exact details.

You can’t perform that action at this time.