This guide will review how to set up ReCaptcha v3 in Aspenware Commerce. For more information about ReCaptcha (including former versions of ReCaptcha available through Aspenware Commerce) see our documentation hub. For a general overview see Google ReCaptcha v3 documentation.
Overview
The new reCAPTCHA v3 API helps you detect abusive traffic without user interaction. Instead of showing a CAPTCHA challenge (as with older versions), reCAPTCHA v3 returns a score. Resorts can then choose the most appropriate action for their websites according to this score. Because scores are determined by monitoring user interaction on your site, Aspenware recommends implemented reCAPTCHA to begin site monitoring as soon as possible and across all possible interactions. In addition to disabling at any time, reCAPTCHA thresholds can also be adjusted see below for instructions on how to enable on Aspenware Commerce.
Configuration Guide
Preqequisite Steps
In order to user reCAPTCHA you will need to register your site and get your reCAPTCHA public and private keys at https://www.google.com/recaptcha/admin/create.
Detailed Setup Guide
Go to Aspenware Admin > Configuration > General Settings
Insert your public (site) and private (secret) keys.
sub bullet
Select “reCAPTCHA v3”
Select each of the other locations you would like reCAPTCHA v3 to monitor your site
Note: to receive the best sevurity benefits, Aspenware recommends resorts enable reCAPTCHA v3 to all locations
Set threshold to begin monitoring your site
Note: reCAPTCHA learns by seeing real traffic on your site. For this reason, scores in a staging environment or soon after implementing may differ from production. As reCAPTCHA v3 doesn't ever interrupt the user flow, you can first run reCAPTCHA without taking action and then decide on thresholds by looking at your traffic in the admin console. By default, you can use a threshold of 0.5 or to ensure NO ACTION is ever taken, you can set your threshold to 1.