reCAPTCHA#
To protect specific actions from abuse, configure reCAPTCHA credentials. You can register for credentials here.
Copy the corresponding values from Google into recaptcha.siteKey
and recaptcha.secretKey
fields or RCTF_RECAPTCHA_SITE_KEY
and RCTF_RECAPTCHA_SECRET_KEY
.
You must also configure recaptcha.protectedActions
as a list of strings specifying which actions require a reCAPTCHA.
Valid protected action values are:
register
recover
setEmail
For example, to prevent automated registration and recovery, use:
recaptcha:
siteKey: AAA
secretKey: BBB
protectedActions:
- register
- recover