An implementation of either ReCaptcha (v3) or hCaptcha for detecting bot/spammer interaction with your site.
Download this plugin# and then follow the instructions below depending on your version of Textpattern. For bug reports, please raise an issue#.
Upload the plugin’s .zip file to the Admin→Plugins panel, install and enable the plugin.
To uninstall, delete the plugin from the Admin→Plugins panel.
- Unpack the plugin’s .zip file.
- If you’re intending to use ReCaptcha, upload the ReCaptcha library to your textpattern/vendors directory.
- Paste the code from the .txt file into the Textpattern Admin→Plugins panel, install and enable the plugin.
To uninstall:
- Delete the plugin from the Admin→Plugins panel.
- Remove ReCaptcha from the textpattern/vendors directory if it’s there.
- Visit the hcaptcha registration site
- Follow the instructions for obtaining site/secret keys for hCaptcha on your chosen domain.
- Visit your site’s Admin→Prefs panel and click the Captcha group from the list.
- Copy and paste the Site and Secret keys into the relevant boxes.
- Adjust the Score threshold if you are using an Enterprise account. 0.5 is average. hCaptcha uses risk scores that are the inverse of ReCaptcha. Higher values (towards 1.0) indicate a greater threat. 0.0 is no risk.
- Save the prefs.
- Visit the ReCaptcha registration site.
- Follow the instructions for obtaining site/secret keys for ReCaptcha v3 on your chosen domain.
- Visit your site’s Admin→Prefs panel and click the Captcha group from the list.
- Copy and paste the Site and Secret keys into the relevant boxes.
- Adjust the Score threshold if you wish. 0.5 is average. Higher values (towards 1.0) are more stringent, i.e. content with a higher score is required to pass. Lower values, towards zero, are more lenient.
- Adjust the time that the captcha response remains valid (default is 120 seconds). If you have complex forms you may wish to raise this. Set it to zero to disable this feature.
- Save the prefs.
Somewhere in your Page/Form template that you wish to employ the captcha, add this tag:
<txp:ext_captcha /> or <ext::captcha />
If the plugin is used within a com_connect form, a zem_contact form, a mem_form or a Textpattern comment form and the test fails, the plugin will raise a “SPAM” evaluation result, forbidding the form submission.
Todo.
Written by Stef Dawson. Rowan Merewood for the recaptcha v3 library.