Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revision Previous revision
Next revision
Previous revision
litespeed_wiki:config:recaptcha [2019/08/14 11:44]
qtwrk
litespeed_wiki:config:recaptcha [2020/05/20 20:25]
Shivam Saluja Remove space from RewriteRule
Line 54: Line 54:
  
  
-===== Advanced Configuration:​ Define ​reCAPTCHA ​Actions Through Rewrite Rules =====+===== Set "​Trusted <​ip>"​ in .htaccess to bypass ​reCAPTCHA ​check ====
  
-If you want to further define the reCAPTCHA action as ''​deny''​ or ''​drop''​, you can use one of the following rewrite rule directives ​in control panel virtual host document root .htaccess:+Since LSWS 5.4RC1, LSWS added virtual host trusted IP support, where you use ''​Trusted 1.2.3.4, 5.6.7.8'' ​for IPv4 or ''​Trusted [2001:​db8:​85a3:​8d3:​1319:​8a2e:​370:​7348]'' ​for IPv6 in Virtual Host document root .htaccess ​to bypass reCAPTCHA, it also unblock blocked IP and make that IP trusted for that vhost.
  
-''​[E=verifycaptcha]''​ or ''​[E=verifycaptcha:​ ACTION]''​ 
  
-''​[E=verifycaptcha]''​ will always redirect ​to reCAPTCHA ​until verified. ''​ACTION'' ​can be ''​deny''​ to return a 403 or ''​drop'' ​to drop the connection when **Max Tries** is reached. Until Max Tries is reached, the client will be redirected to reCAPTCHA.+===== End-user can define reCAPTCHA Actions Through Rewrite Rules in .htaccess ===== 
 +If Server System Admin would like the end-user ​to control/​enable ​reCAPTCHA ​through ​.htaccess, System Admin will need to enable reCAPTCHA from server level globally and set server sensitivity to ''​0'' ​first.  
 + 
 +''​[E=verifycaptcha]'' ​can be used to enable reCAPTCHA to override server-level ​''​0'' ​sensitivity.
  
 For example: For example:
  
-<​code>​RewriteCond SOME-CONDITIONAL-CHECK +<​code>​ 
- +<​IfModule LiteSpeed>​ 
-RewriteRule .* - [E=verifycaptcha]</​code>​+RewriteCond SOME-CONDITIONAL-CHECK 
 +RewriteRule .* - [E=verifycaptcha] 
 +</​IfModule>​ 
 +</​code>​
  
 (''​SOME-CONDITIONAL-CHECK''​ would be a suspicious UA, IP address, etc.) (''​SOME-CONDITIONAL-CHECK''​ would be a suspicious UA, IP address, etc.)
  
-**NOTE**: In most cases, rewrite rules will override the default server behavior. However, in cases where trigger sensitivity is high, visitors may be sent directly to reCAPTCHA before the rewrite rules can even be processed.+The end user can even further define the reCAPTCHA action as ''​deny''​ or ''​drop''​ in .htaccess through ''​[E=verifycaptcha:​ACTION]''​ 
 + 
 +For example: 
 +<​code>​ 
 +<​IfModule LiteSpeed>​ 
 +RewriteCond SOME-CONDITIONAL-CHECK 
 +RewriteRule .- [E=verifycaptcha:​deny] 
 +</​IfModule>​ 
 +</​code>​ 
 + 
 +or  
 + 
 +<​code>​ 
 +<​IfModule LiteSpeed>​ 
 +RewriteCond SOME-CONDITIONAL-CHECK 
 +RewriteRule .- [E=verifycaptcha:​drop] 
 +</​IfModule>​ 
 +</​code>​ 
 + 
 +**NOTE1**''​[E=verifycaptcha]''​ will always redirect to reCAPTCHA until verified. ''​ACTION''​ can be ''​deny''​ to return a 403 or ''​drop''​ to drop the connection when **Max Tries** is reached. Until Max Tries is reached, the client will be redirected to reCAPTCHA. 
 + 
 +**NOTE2**: In most cases, rewrite rules will override the default server behavior. However, in cases where trigger sensitivity is high, visitors may be sent directly to reCAPTCHA before the rewrite rules can even be processed.
  
 ===== Customize the Good Bots List ===== ===== Customize the Good Bots List =====
  • Admin
  • Last modified: 2020/05/20 20:25
  • by Shivam Saluja