The recaptcha directive performs reCAPTCHA validation on incoming requests. Upon receiving a specified type of request, it extracts the response token and sends it to the reCAPTCHA server. If the request is invalid, recaptcha drops it and returns a 400 status code. This allows backends to simplify their code and logic. However, the recaptcha directive does not inject reCAPTCHA code into outgoing HTML pages. Instead, that can be done with the http.filter plugin.

    v3 Syntax

    • secret is the secret key
    • action is the action
    • threshold is the lower bound of allowed scores
      • default is .5
    • method is the request method to validate
      • one of POST, PUT, PATCH
      • default is POST

    v2 Syntax

    • secret is the secret key
    • method is the request method to validate
      • one of POST, PUT, PATCH
      • default is POST

    Related Links

    Documentation

    Access the full documentation for this plugin off-site:

    Docs

    Plugin Help

    Plugin Website

    Visit http.recaptcha’s website for more information:

    Website

    Plugin Author: William Wang

    This plugin is independent of the Caddy project and is not endorsed or maintained by Caddy developers. Use at your own risk. Do not file issues for this plugin on Caddy’s bug tracker.