- Joined
- Jul 25, 2024
- Messages
- 142
- Thread Author
- #1
For many years, XenForo has used reCAPTCHA as its default CAPTCHA provider to help mitigate spam and bot actions without requiring our customers to go through additional configuration. However, we have recently been informed that restrictions may be placed on the reCAPTCHA key included in XenForo. This may lead to CAPTCHAs not being enforced or failing to validate.
If you have not changed the default CAPTCHA method, to avoid disruption, we urge customers to take one of the actions below to resolve this issue.
Best solution:
Once you've upgraded to XenForo 2.2.5 (or any subsequent release), there are no other actions you need to take to resolve this issue.
Alternative solution:
If upgrading XenForo is not an option, you can also avoid disruption by choosing a different CAPTCHA provider in the XenForo control panel. To change this:
If you wish to continue using reCAPTCHA, you must register your site directly with them. To do this:
If you have not changed the default CAPTCHA method, to avoid disruption, we urge customers to take one of the actions below to resolve this issue.
Best solution:
Upgrade to XenForo 2.2.5
Alongside this announcement, we have released XenForo 2.2.5 which changes the default CAPTCHA provider to hCaptcha. hCaptcha is used by many companies, including by CloudFlare all across the internet. We have contacted hCaptcha regarding our situation and they are excited to be the default CAPTCHA provider for XenForo and its customers.Once you've upgraded to XenForo 2.2.5 (or any subsequent release), there are no other actions you need to take to resolve this issue.
Alternative solution:
Change to a different CAPTCHA provider
(Note: this is only required if you are using the default reCAPTCHA configuration included in XenForo by default. If you have supplied your own reCAPTCHA keys or are using a different CAPTCHA provider already, there is no action for you to take.)If upgrading XenForo is not an option, you can also avoid disruption by choosing a different CAPTCHA provider in the XenForo control panel. To change this:
- Log into your XenForo control panel. In the left column, expand Setup and click Options.
- In the option group list, click Basic options.
- If you are running XenForo 2.2, the CAPTCHA option may be hidden by default. Scroll to the bottom of the page. If you see "...advanced option(s) have been hidden", click Show them.
- Look for the Enable CAPTCHA for guests option.
If you wish to continue using reCAPTCHA, you must register your site directly with them. To do this:
- Go to reCAPTCHA and click v3 Admin Console. If you do not have any sites registered with them yet, this will take you directly to a form to register a new site.
- Select reCAPTCHA v2 as the type and choose either "I'm not a robot" Checkbox or Invisible reCAPTCHA badge depending on your preferences.
- Complete the rest of the form as necessary and you will be provided with a site key and a secret key.
- Enter these into the CAPTCHA option in the XenForo control panel. If you selected the invisible option when setting up your key, ensure use invisible reCAPTCHA is selected in the XenForo control panel.
- Save the options.