Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

Making recaptcha work with a reverse proxy

Tags:

reverse-proxy

recaptcha

I am trying to include a recaptcha verification on a 'forgot password' screen for users that are trying to connect to a mobile hotspot. Prior to logging in, they have very limited access through the firewall, and therefore the forgot password screen can't download the js file from the standard script generated by Recaptcha.createRecaptchaHtml:

<script type="text/javascript" src="https://www.google.com/recaptcha/api/challenge?k=...."></script>

I can get around this by changing the src above to point to a local address, and setting up a reverse proxy to forward it to google.

However, this call downloads an additional javascript (https://www.google.com/recaptcha/api/js/recaptcha.js) file that contains more references to google (and I believe other sites as well) that the page cannot reach.

Question: Has anyone tried to do something like this, and is there an elegant solution? If not, I will resort to a simpler captcha solution that requires fewer firewall changes.

like image 281
pierus Avatar asked Jul 10 '14 18:07

pierus

People also ask

How can I integrate reCAPTCHA in my site?

Add Google reCAPTCHA to a formClick the pencil icon or Edit on the form or newsletter block. In the Storage tab, click Google reCAPTCHA. Switch the Use Google reCAPTCHA toggle on. Repeat these steps for all form blocks on your site where you want to add a reCAPTCHA.

Why is reCAPTCHA blocking me?

reCAPTCHA support Unfortunately it may happen to good users like you for a few reasons: You may be on a shared network that is being used abusively. Your internet service provider may have recently assigned you a suspicious IP address. The site you are trying to access may be currently under heavy attack.

Does reCAPTCHA v3 stop bots?

While reCAPTCHA v2 and v3 can help block some bot traffic, they cannot stop advanced scalper bots, scraper bots, DDoS, ATO attacks, etc.

How do I fix reCAPTCHA verification failed?

Help for reCAPTCHA usersMake sure your browser is fully updated (see minimum browser requirements) Check that JavaScript is enabled in your browser. Try disabling plugins that might conflict with reCAPTCHA.

1 Answers

For anyone still wondering, I ended up using a lighter-weight captcha solution that did not require additional calls.

like image 142
pierus Avatar answered Sep 19 '22 20:09

pierus
Sign in to Comment

Related questions

Spring Security SAML, Redirects going to HTTP instead of HTTPS when using SAMLContextProviderLB set to HTTPs scheme
How do I set up a reverse proxy on a Mac?
NodeJS multiple websites
Rewrite rules for response headers in IIS 7 (replacing the cookie path)
How to fix URL Rewriting for links inside CSS files with IIS7
Prevent Jenkins access on port 8080
Csrfguard behind a reverse proxy
Nginx reverse proxy on unix socket for uvicorn not working
Apache Reverse Caching Proxy - why isn't it caching?
REST API caching, should I use a Reverse proxy or memcache(d)?
Create a Reverse Proxy in NodeJS that can handle multiple secure domains
nginx: [emerg] "server" directive is not allowed here in /etc/nginx/nginx.conf:98
CloudFront how to setup reverse proxy on an existing distribution serving website from S3
How does a reverse proxy server improve your security?
Apache Rewrite then Proxy Pass
How to run twisted with flask?
Does a reverse proxy make node.js safe?
Nginx gunzip POST requests to backend
Traefik as a simple Http Reverse Proxy not working
infinite timeout for reverse proxy in Apache

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!