Google reCAPTCHA
Due to potential security risks while using reCAPTCHA v2 and Invisible reCAPTCHA, we strongly recommend that you update your settings to use reCAPTCHA v3. A hotfix to add support for reCAPTCHA v3 is available for WHMCS 8.10.
- Download and apply the hotfix now.
- For steps to switch to reCAPTCHA v3 after applying the hotfix, see Enabling reCAPTCHA v3 below.
Preventing bots from accessing your website and store is challenging but vital for your business. Various verification methods can help you achieve this, with varying levels of accuracy for you and difficulty for your customers. Methods that are the most effective at catching bots can also create frustration for clients and loss of potential customers.
- reCAPTCHA can help resolve this issue without increasing customer frustration, using an advanced, secure risk analysis engine.
- Invisible reCAPTCHA offers similar protection but allows most customers to proceed with no interruption.
How reCAPTCHA Works
When a visitor takes certain actions on your site:
- The system will require them to check a checkbox to verify that they are human.
- Google’s risk analysis engine will analyze the way in which the user checked the checkbox, including their behavior before, during, and after the action.
- If Google is able to verify that the user is human, they can proceed. If Google is not able to verify this, a mobile-friendly verification tool like a CAPTCHA or image selection will appear.
Enabling reCAPTCHA v2
To enable Google reCAPTCHA:
- Go to the Security tab at Configuration () > System Settings > General Settings.
- For Captcha Type, select reCAPTCHA v2.
- For Captcha for Select Forms, select the locations in which you want to use reCAPTCHA.For more information, see Captcha for Select Forms.
- Log in to your Google account.
- Select I’m not a robot.
- Enter your domain under the domains section.
- Accept the Google Terms of Service.
- Click Register.
- Copy the Site Key and Secret Key that Google generated and enter them in WHMCS.
- Click Save Changes.
Enabling Invisible reCAPTCHA
To enable the Invisible reCAPTCHA feature for the shopping cart:
- Go to the Security tab at Configuration () > System Settings > General Settings.
- For Captcha Type, select Invisible reCAPTCHA.
- For Captcha for Select Forms, select the locations in which you want to use reCAPTCHA.For more information, see Captcha for Select Forms.
- Log in to your Google account.
- Enter a label for your key.
- Select reCAPTCHA v2.
- Select Invisible reCAPTCHA badge.
- Enter your domain under the domains section.
- Accept the Google Terms of Service.
- Click Register.
- Copy the Site Key and Secret Key that Google generated and enter them in WHMCS.
- Click Save Changes.
Enabling reCAPTCHA v3
- Google reCAPTCHA v3 support is only available for WHMCS 8.10.
- To enable reCAPTCHA v3 in WHMCS 8.10, you must first download and apply the necessary hotfix.
To enable the reCAPTCHA v3:
- Go to the Security tab at Configuration () > System Settings > General Settings.
- For Captcha Type, select reCAPTCHA v3.
- Log in to your Google account.
- Select I’m not a robot.
- Enter your domain under the domains section.
- Accept the Google Terms of Service.
- Click Register.
- Copy the Site Key and Secret Key that Google generated and enter them in WHMCS.
- For reCAPTCHA Score Threshold, enter the desired minimum score for reCAPTCHA verification. You can enter a value between
0
(least restrictive) and1
(most restrictive). For example,.5
. - For Captcha for Select Forms, select the locations in which you want to use reCAPTCHA.For more information, see Captcha for Select Forms.
- Click Save Changes.
Last modified: July 25, 2024