Skip to content

reCAPTCHA#

To protect specific actions from abuse, configure reCAPTCHA credentials. You can register for credentials here.

Copy the corresponding values from Google into recaptcha.siteKey and recaptcha.secretKey fields or RCTF_RECAPTCHA_SITE_KEY and RCTF_RECAPTCHA_SECRET_KEY.

You must also configure recaptcha.protectedActions as a list of strings specifying which actions require a reCAPTCHA.

Valid protected action values are:

  • register
  • recover
  • setEmail

For example, to prevent automated registration and recovery, use:

recaptcha:
  siteKey: AAA
  secretKey: BBB
  protectedActions:
    - register
    - recover