From 1b4ed0ade5fedd88f6a1377ef60168d6e24b5fd9 Mon Sep 17 00:00:00 2001 From: DMRobertson Date: Tue, 21 Nov 2023 12:39:50 +0000 Subject: deploy: bb86eb98147d4b9d78bcd564133666f2d777c5c3 --- v1.97/CAPTCHA_SETUP.html | 224 +++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 224 insertions(+) create mode 100644 v1.97/CAPTCHA_SETUP.html (limited to 'v1.97/CAPTCHA_SETUP.html') diff --git a/v1.97/CAPTCHA_SETUP.html b/v1.97/CAPTCHA_SETUP.html new file mode 100644 index 0000000000..879a3289f3 --- /dev/null +++ b/v1.97/CAPTCHA_SETUP.html @@ -0,0 +1,224 @@ + + + + + + Registration Captcha - Synapse + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
+ +
+ + + + + + + +
+
+ +
+ +
+ +

Overview

+

A captcha can be enabled on your homeserver to help prevent bots from registering +accounts. Synapse currently uses Google's reCAPTCHA service which requires API keys +from Google.

+

Getting API keys

+
    +
  1. Create a new site at https://www.google.com/recaptcha/admin/create
    2. +
  2. Set the label to anything you want
    3. +
  3. Set the type to reCAPTCHA v2 using the "I'm not a robot" Checkbox option. +This is the only type of captcha that works with Synapse.
    4. +
  4. Add the public hostname for your server, as set in public_baseurl +in homeserver.yaml, to the list of authorized domains. If you have not set +public_baseurl, use server_name.
    5. +
  5. Agree to the terms of service and submit.
    6. +
  6. Copy your site key and secret key and add them to your homeserver.yaml +configuration file +
    recaptcha_public_key: YOUR_SITE_KEY
+recaptcha_private_key: YOUR_SECRET_KEY
+
    +
    7. +
  7. Enable the CAPTCHA for new registrations +
    enable_registration_captcha: true
+
    +
    8. +
  8. Go to the settings page for the CAPTCHA you just created
    9. +
  9. Uncheck the "Verify the origin of reCAPTCHA solutions" checkbox so that the +captcha can be displayed in any client. If you do not disable this option then you +must specify the domains of every client that is allowed to display the CAPTCHA.
    10. +
+

Configuring IP used for auth

+

The reCAPTCHA API requires that the IP address of the user who solved the +CAPTCHA is sent. If the client is connecting through a proxy or load balancer, +it may be required to use the X-Forwarded-For (XFF) header instead of the origin +IP address. This can be configured using the x_forwarded directive in the +listeners section of the homeserver.yaml configuration file.

+ +
+ + +
+
+ + + +
+ + + + + + + + + + + + + \ No newline at end of file -- cgit 1.5.1