From 74007ef5eee52d565048a68f870200c84a3e5721 Mon Sep 17 00:00:00 2001 From: richvdh Date: Wed, 7 Jul 2021 09:44:14 +0000 Subject: deploy: 7c823789921ac34f1fee670be7ef7f6c8266832b --- latest/CAPTCHA_SETUP.html | 290 ++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 290 insertions(+) create mode 100644 latest/CAPTCHA_SETUP.html (limited to 'latest/CAPTCHA_SETUP.html') diff --git a/latest/CAPTCHA_SETUP.html b/latest/CAPTCHA_SETUP.html new file mode 100644 index 0000000000..e1a5654b91 --- /dev/null +++ b/latest/CAPTCHA_SETUP.html @@ -0,0 +1,290 @@ + + + + + + Registration Captcha - Synapse + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
+ +
+ + + + + + + + + + + +
+
+ +
+ +
+ +

Overview

+

A captcha can be enabled on your homeserver to help prevent bots from registering +accounts. Synapse currently uses Google's reCAPTCHA service which requires API keys +from Google.

+

Getting API keys

+
    +
  1. Create a new site at https://www.google.com/recaptcha/admin/create
    2. +
  2. Set the label to anything you want
    3. +
  3. Set the type to reCAPTCHA v2 using the "I'm not a robot" Checkbox option. +This is the only type of captcha that works with Synapse.
    4. +
  4. Add the public hostname for your server, as set in public_baseurl +in homeserver.yaml, to the list of authorized domains. If you have not set +public_baseurl, use server_name.
    5. +
  5. Agree to the terms of service and submit.
    6. +
  6. Copy your site key and secret key and add them to your homeserver.yaml +configuration file +
    recaptcha_public_key: YOUR_SITE_KEY
+recaptcha_private_key: YOUR_SECRET_KEY
+
    +
    7. +
  7. Enable the CAPTCHA for new registrations +
    enable_registration_captcha: true
+
    +
    8. +
  8. Go to the settings page for the CAPTCHA you just created
    9. +
  9. Uncheck the "Verify the origin of reCAPTCHA solutions" checkbox so that the +captcha can be displayed in any client. If you do not disable this option then you +must specify the domains of every client that is allowed to display the CAPTCHA.
    10. +
+

Configuring IP used for auth

+

The reCAPTCHA API requires that the IP address of the user who solved the +CAPTCHA is sent. If the client is connecting through a proxy or load balancer, +it may be required to use the X-Forwarded-For (XFF) header instead of the origin +IP address. This can be configured using the x_forwarded directive in the +listeners section of the homeserver.yaml configuration file.

+ +
+ + +
+
+ + + +
+ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + \ No newline at end of file -- cgit 1.4.1