Plugin - Google reCaptcha v3 (Spam Protection)

Downloading and Installing the plugin

Download

You can download the plugin by logging with your purchase user, then head to Downloads > Paid Downloads > RSForm!Pro > Modules & Plugins > "Google reCAPTCHA v3".

Install

Go to Extensions > Manage > Install, and upload and install the plugin. Next thing would be to check if the plugin is published. Go to Extensions > Plugins, search for "System - RSForm! Pro reCAPTCHA v3" and ensure it is published.

What is reCaptha v3

The 3rd version of reCAPTCHA includes a new way to stop bots, more precisely, the 'Action' concept has been included as a tag that you can use to define the key steps of your user path and enable reCAPTCHA to run its risk analysis in context.

reCaptcha v3 does not physically interact with your website visitors, there are no puzzles to solve or icons displayed. Given the fact, Google recommends adding reCAPTCHA v3 to multiple pages, in this way, the reCAPTCHA adaptive risk analysis engine is able to identify the pattern of attackers more accurately by looking at the activities across different pages on your website.

RSForm!Pro keeps up with the latest trends in spam prevention by including a plugin that provides the possibility to add a reCAPTCHA v3 field to any RSForm!Pro form.

Configuration

After installing and enabling the plugin you will see, in Components > RSForm!Pro > Configuration that a new tab was added, reCAPTCHA v3:

Three configuration parameters are required:

• Site Key: You can get this by registering your domain on the Google reCAPTCHA account
• Secret Key: You can get this by registering your domain on the reCAPTCHA account
• Load On All Pages: Yes / No - Setting this to Yes will load the reCAPTCHA script on all of your pages; this is helpful for reCAPTCHA to analyze your traffic and better understand which part of your traffic is legitimate.
• Allowable Threshold: reCAPTCHA V3 returns a score (1.0 is very likely a good interaction, 0.0 is very likely a bot). Any submission below this score will be blocked. The following Google doc article provides more information on how this score can be interpreted.
• Use async & defer: Yes) / No - Setting this to Yes will set the async and defer attributes on the external ReCAPTCHA script tag.
• Domain: Change between loading the reCAPTCHA assets from google.com or recaptcha.net; this is useful for cookies control, since google.com can fetch other cookies along with the request.

The Form Field

To add a reCAPTCHA v3 field to your form, head to Components > RSForm!Pro > Manage Forms > edit your form > Form Fields > scroll down to reCAPTCHA v3 and click on it. The field is a Hidden type and includes the following configuration tabs:

General

• Name: Type in an internal name for the field
• Published: Yes / No.

Attributes

• reCaptcha Action: Unlike the previous version and being a hidden field, this area provides only one option. This is the 'action' parameter that will be used with this reCAPTCHA instance. These actions may only contain alphanumeric characters and slashes, and must not be user-specific. By default, this is set to 'contactform'.

In the reCAPTCHA admin console, you can get a full overview of reCAPTCHA score distribution and a breakdown for the stats of the top 10 actions on your site, to help you identify exactly which pages are being targeted by bots and how suspicious the traffic was on those pages.