1 of 20
2 of 20
3 of 20
4 of 20
5 of 20
6 of 20
7 of 20
8 of 20
9 of 20
10 of 20
11 of 20
12 of 20
13 of 20
14 of 20
15 of 20
16 of 20
17 of 20
18 of 20
19 of 20
20 of 20

doc

How to install the reCaptcha solution through Azion’s Marketplace

Overview

reCAPTCHA is a CAPTCHA (Completely Automated Public Turing test to tell Computers and Humans Apart) solution designed to protect websites from bots and automated scripts by using a challenge-response test to determine whether the user is a human or a machine.

Google maintains and owns reCAPTCHA. The Google’s solution has been around for a long time and Google uses the data collected by reCAPTCHA to improve their services.

Along many features that you’ll find with reCaptcha, it’s possible to highlight the following:

  • API integration, which allows website owners to implement reCAPTCHA on their site.
  • Different types of challenges, such as image and audio-based challenges, that can be customized to the needs of the website.
  • Security features, such as rate limiting and automatic blocking of suspicious traffic, which help to protect your assets against bots and automated scripts.
  • Accessibility options for visually impaired users, such as an audio version of the challenge.
  1. Getting the solution
  2. Getting the keys on Google’s reCaptcha site
  3. Using the solution
    3.1 Setting up the Edge Firewall rule
    3.2 Setting up the solution
  4. Setting up the Edge Firewall Rules Engine

1. Getting the solution

reCaptcha is a serverless solution available at Azion Marketplace. This type of solution is mainly used for protecting domains against bots. It allows you to monitor traffic in your website by using the Google Dashboard for reCaptcha.

To use the reCaptcha solution provided by Azion Marketplace, you have to:

  1. Log in to your Real-Time Manager (RTM) account.
  2. On the upper left corner of the page, select Products menu > Marketplace.
  3. Select the search box and type “recaptcha” or browse through the cards to find the reCaptcha solution.
  4. Once you’ve found the reCaptcha card, select it to go to the solution page.
  5. On the solution page, look for the Subscribe for section on the bottom right corner.
  6. Click the Get It Now button.

You’ll see a message indicating that your solution was successfully installed and is ready to use.

2. Getting the keys on Google’s reCaptcha site

To use the reCaptcha solution, you have to provide two keys: your secret-key and your site-key.

To get these credentials, you’ll have to register at Google.

To do so, follow these steps:

  1. Go to Google reCaptcha admin dashboard.
    • If you don’t have a Google Account, you’ll be prompted to create one.
  2. Once you’ve signed-up to the reCaptcha account, you’ll be redirected to the website register page.
  3. On this page you have to fill in:
    • A label for your new reCaptcha site.
    • Which version of reCaptcha you want to use (you can choose from v2 or v3).
      • If you choose v2, you’ll be prompted to choose what kind of test you want to apply on your website. The options are: “I’m not a robot checkbox”, “Invisible reCaptcha”, and “reCaptcha Android”.

        Important: keep in mind that the Azion Marketplace reCaptcha solution was conceived to work with the v2 invisible option.

    • For what domain you want to run the reCaptcha. Remember to ignore the http:// or https:// for the domain name.
    • You have to accept the reCaptcha terms of service.
    • You have to choose if you want to receive alerts from Google about your site, such as misconfigurations and others.
    • Once you fill in all the information, click the Submit button.
  4. Now you have your site registered to use the reCaptcha. In the next screen, you’ll receive your keys: Site Key and Secret Key.

These two keys will be used to configure the Azion’s reCaptcha solution later on.

3. Using the solution

3.1 Setting up the Edge Firewall rule

To instantiate the reCaptcha solution, follow the steps:

  1. Under Products menu, select Edge Firewall in the SECURE section.
  2. Click the Add Rule Set button.
  3. Give an easy to remember name to your new rule.
  4. Select the domains you want to protect with the function.
  5. Click the Function switch to enable functions on your edge application..
  6. Click the Save button.

Done. Now you have instantiated the rule for your function.

3.2 Setting up the Edge Firewall function

To instantiate the reCaptcha solution, while still on the Edge Firewall page, select the Functions tab and follow these steps:

  1. Click the Add Function button.
  2. Give an easy to remember name to your instance.
  3. On the dropdown menu, select the reCaptcha function.

After you select the solution, a Code box will be loaded. This is just for study and can’t be modified.

In the same box, you have another tab: the Args tab. On the Args tab, you’ll pass the credentials you’ve obtained on the Google reCaptcha page.

The Args tab will load a JSON file which looks like this:

{
    "site_key": "site-key",
    "secret_key": "private-key",
    "expiration_in_seconds": 86400,
    "domain": ".azion.com",
    "after_check_redirect_url": "https://www.azion.com",
    "cookie_secret": "KEY_16_CHAR_LONG"
}

Where:

  • site_key: the site key you’ve obtained at Google’s reCaptcha page.
  • secret_key: the secret key you’ve obtained at Google reCaptcha page.
  • expiration_in_seconds: the time in seconds until the reCaptcha expires.
  • domain: your domain.
  • after_check_redirect_url: the URL you want to redirect after the user passes the reCaptcha test.
  • cookie_secret: this cookie is generated by the function and used in order for the functions to not re-run.

Due to the algorithm used in cryptography, the cookie_secret key must have 16 or 32 characters.

  1. Click the Save button.

Done. Now your reCaptcha instance is saved.

Optionally, you can pass other parameters to customize the messages you want on your reCaptcha and a custom HTML to render the challenge.

{
    "custom_message": "My message",
    "custom_html": "<html>... <!-- azion_captcha -->  .. </html>"
}

Where:

  • custom_message: it’s a customized message you want to show to the users.
  • custom_html: it’s the customized HTML to render the reCaptcha challenge box.

4. Setting up the Edge Firewall Rules Engine

To finish, you have to set up the Rules Engine to configure the behavior and the criteria to run the function.

Still on the Edge Firewall page, select the Rules Engine tab and follow these steps:

  1. Click the New Rule button.
  2. Give a name to the rule.
  3. Select a criteria to run and catch the domain you want to run the solution on. Example: if Hostname is equal xxxxxxxxxxxx.map.azionedge.net.
  4. Below, select a behavior to the criteria. In this case, it’ll be Run Function.
    • Select the adequate reCaptcha function according to the name you gave it in the instantiate step.
  5. Click the Save button.

Done. Now the reCaptcha solution is running for every request made to the domain you indicated.

Didn’t find what you were looking for? Open a support ticket.