Since SuperOffice 8.5 R04 we have introduced a new feature in Forms - Google reCaptcha. It is possible to use it in both Onsite and Online offerings.
reCaptcha is found in Form - Fields - add element - Form elements:
Note that it is only possible to add one reCaptcha per form.
When the element is added you can decide how you'll use the Site and Secret keys:
In SuperOffice Online we, by default, provide you with our default keys. If you do not want to setup your own reCaptcha profile and do not need the statistics, you do not need to fill in anything to the Site key and Secret key. This way the reCaptcha element will work out-of-the-box using our predefined set of keys protecting your form from robots.
If you are interested in the reCaptcha statistics, you can make your reCaptcha profile (see below) and enter your own Site key and Secret key. Statistics provide information like Requests passed & failed, Average Score, Sessions completed, Average Response Time (for more info see https://www.google.com/recaptcha/admin once you make the profile).
For SuperOffice Onsite you need to make your own reCaptcha profile and get your Site and Secret key. If you do not want to enter the keys every time to the reCaptcha form element, you can specify them in the web.config for the NetServer used by Service. Then you do not need to give the keys for each form you create.
For reCaptcha to work in an Onsite installation, the NetServer needs to have access to the Google verification URL (see below). This is used to verify the reCaptcha attempt.
You need to add this line under the <sectionGroup name="SuperOffice"> <section name="GoogleRecaptcha" type="System.Configuration.NameValueSectionHandler, System, Version=1.0.5000.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" />
And these lines under the section <SuperOffice>:
<add key="VerificationUrl" value="https://www.google.com/recaptcha/api/siteverify" />
<add key="SiteKey" value="<sitekey>" />
<add key="SecretKey" value="<secretkey>" />
The above web.config changes need to be done only if you want to specify the keys in the web.config. reCaptcha will work without these but you will have to add the keys to the form each time.
If you add the keys to the web.config you still will be able to overwrite them and add different ones directly to the reCaptcha form element.
How to create Google reCaptcha profile
To create custom keys, you need to log in with a Google account to https://www.google.com/u/0/recaptcha/admin/create
- enter a site label
- select "reCAPTCHA v2"
- and then the ""I'm not a robot" Checkbox"
- add the domain. Under "domains", you must insert the domain that the Customer Center (customer.fcgi) is running on, or a parent domain of that sub domain.
After you press Submit, your Site key and Secret key will be shown: