Magento comes bundled with a Google reCaptcha module which will add an extra layer of security to your Online Store.” Google reCaptcha” is designed to identify humans from bots and consequently to prevent spam, phishing and hacker attacks on your website. We will guide you on how to enable it on your Magento Online Store and secure your store’s front and backend.
In order to begin, please log in to your Magento Admin Dashboard and navigate through the left menu bar to Stores > Configuration.
Once you access the “Configuration” page, please click on “Google reCaptcha” located under the “Security” tab.
Under this page, you will need to enter your Google API keys and you will be able to control where on your website reCaptcha will be enabled.
The required API keys need to be obtained from your “Google reCAPTCHA” account. In case you do not have an existing account, please go ahead a create a new one here.
Once your account is successfully created you will have to register a new site.
Under the “Label” field, please enter a title that will help you easily recognize this site in the future.
From the options below, please select your desired verification type. If you are uncertain what is the exact difference between these types, please take a moment to review Google’s official documentation available here.
You will also need to enter the domain name of your Magento store into the empty field available under “Domains”. Please note that it includes all subdomains associated with your main domain name.
Please, make sure to tick the “Accept the reCAPTCHA Terms of Services” checkbox and then click on the “SUBMIT” button.
Afterward, you will be provided with the required “Site Key” and “Secret Key”. Please make sure to keep these keys safe as they are sensible data.
Now you are all set here. Please, go back to the “Google reCaptcha” page under your Magento Admin Dashboard.
Under the “General” section you will have to enter the API keys you have just obtained from your “Google reCaptcha” account. Please copy/paste each of the keys into the corresponding empty fields.
From the “Backend” section you can determine whether Google reCaptcha will be enabled on your Magento Admin login page. In order to enable it, please select “Yes” from the “Enabled” dropdown menu.
From the “Theme” dropdown menu you can select the color type of the reCaptcha form. You will be provided with two options - “Lighter theme” and “Darker theme”. Please make sure to untick the “Use system value” checkbox in order to be able to select the one you prefer.
From the “Size” dropdown menu you can choose the proportions of the reCaptcha form. You will be able to select between “Normal” and “Compact”.
Lastly, from the “Frontend” section you will be able to enable Google reCaptcha on your store’s frontend pages. Similarly to the backend, you will be able to select the “Theme” and “Size” of the reCaptcha form, but you will need to configure a few additional settings.
From the “reCaptcha type” dropdown menu you can select the type of the form. You can go with the regular reCaptcha form or you can choose the “Invisible reCaptcha” type which will slightly hide the form. If you select this setting you will be provided with an additional “Badge Position” setting to select where exactly you would like the form to be positioned - “Botton Right”, “Bottom Left” or “Inline”.
Under the “Language Code” field you can enter the default language used for the reCaptcha form. You may review the codes of all supported languages here. If you do not specify any value the language used will be determined based on the visitor’s location.
The following settings will allow you to control on which pages of your store’s frontend reCaptcha will be enabled. In order to exclude a given page, please untick the “Use System Value” checkbox and choose “No” from the corresponding dropdown menu. Since the settings clearly indicate the pages in question we will not dig into each of them. We will allow ourselves to recommend you to at least keep it enabled on the “Contact” form in order to protect your website from spam attacks which are pretty common on Contact forms.
Once you are ready, please do not forget to click on the “Save Config” button and you will be all set.
If at some point you happen to experience any difficulties with Google reCapctha on your Magento Store you can disable it globally by executing the following command via the command line:
bin/magento msp:security:recaptcha:disable
Please note that this command requires the permissions of the “magento” binary file set to 0777 (Magento Installation root directory > bin > magento). You can change the permission directly via the command line or through the “File Manager” available in your cPanel account. If you have any difficulties changing the permissions, please make sure to contact our Technical Support staff for further assistance.
We would like to recommend you to go ahead and test each of the pages you have decided to enable Google reCaptcha on, just to make sure everything was properly set up. As you have probably noticed the configuration of Google reCaptcha is quite easy and straight to the point, therefore we hope you have managed to enable it without much of a hassle. In case you happened to experience any sort of difficulties do not hesitate to contact our Support Team for further instructions.
Sebahat is a young and bright woman who has become an invaluable part of our team. She started as a Customer Care Representative, mastering that role and, along the way, growing into a tech-savvy individual who is well acquainted with every support layer of the company. Driven by her aim to improve our customers’ experience constantly, she is committed to enhancing the extraordinary support we deliver.