SSPR has integrated support for the CAPTCHA protection. CAPTCHA prevents from automated attack. SSPR uses the online re CAPTCHA service for CAPTCHA generation and validation. You need to configure a reCAPTCHA account to use this service. Registration at the reCAPTCHA site provides a public and private key that you must configure in SSPR for the reCAPTCHA support.
To configure the CAPTCHA settings, perform the following steps:
In Configuration Editor, click Settings > CAPTCHA.
Configure the following settings:
reCAPTCHA Public Key: Specify the public reCAPTCHA key. Leave this field blank if you do not want to perform CAPTCHA verification.
reCAPTCHA Private Key: Click Set Password to create the private reCAPTCHA key. You can specify the key ly or generate a random one. Leave this field blank if you do not want to perform CAPTCHA verification.
Captcha Skip Parameter Value: Specify the parameters and include the skipCaptcha key for which you want to skip the CAPTCHA request. This setting is useful for internal clients and links where CAPTCHA is not required.
For example, if the parameter is okay, SSPR skips the CAPTCHA check for this request: /public/ForgottenPassword?skipCaptcha=okay.
CAPTCHA Protected Pages: Select the pages that must be CAPTCHA protected. The CAPTCHA validation is required only for the first instance of a session. If during the same session, user visits all those selected pages then he does not have to perform the CAPTCHA validation on each page.
Captcha Skip Cookie: Specify the browser cookies. for which you want SSPR to skip the CAPTCHA request.
Click the Save icon.