Magento Supports Google ReCaptcha Out of the box from Magento 2.4 Version. You can set it up from the Magento admin panel.
Using Google ReCaptcha on your site, You can secure your website forms from some malicious attacks and bots to secure your different form details. Only Humans can submit the form and you do not have to worry about bot attacks.
Go To Stores -> Configuration -> Security -> Google ReCaptcha Storefront.
From here, you can set up any required reCAPTCHA for your store.
Google reCAPTCHA can be implemented in three ways from the admin panel,
reCAPTCHA v2 (I am not a robot) – This will be a display checkbox and you need to challenge the security manually to confirm you are not a robot.
reCAPTCHA v2 Invisible – This will be used automatically to perform the challenge without user interaction. Sometimes you might be required to select specific images to complete a challenge in case of a suspect by Google.
reCAPTCHA v3 Invisible – This type is used by Google algorithm score Threshold and you don’t need to perform a challenge.
You Need Google API Website Key and Google API Secret key to enable ReCaptcha. You can create an account to fetch API keys from https://www.google.com/recaptcha.
If you have multiple websites, you need to register each domain (Like your_site.com, your_site_subdomain.com) to work recaptcha for your site.
There are many forms supported by default in Magento.
- Login Form
- Forgot Password
- Create New Customer Account
- Edit Customer Account
- Contact Us
- Product Review
- Newsletter Subscription
- Gift Card
- Invitation Create Account
- Send To Friend
- Checkout/Placing Order
- Coupon Codes
- PayPal PayflowPro payment
You can enable any captcha type to form by selecting a specific recaptcha value from the drop-down.
Now Let’s say you have enabled the captcha from the admin panel and you are facing an error like after submitting any specific form,
Something went wrong with reCAPTCHA. Please contact the store owner
There will be many root causes for this error.
- First You need to verify, Your Google API Website Key and Google API Secret Key value are correct and added without any space. If you suspect you can add it again from the Captcha account and save the configuration.
- If API keys are correct, check your domain is registered successfully on the Google recaptcha site.