How to Create a reCAPTCHA Key and Secret Port
reCAPTCHA is an essential tool for protecting websites from spam and abuse by distinguishing between humans and bots. Google reCAPTCHA offers different versions, including v2 and v3, each suited for different security needs. This guide will walk you through the process of creating a reCAPTCHA key and secret key to integrate into your website.
Step-by-Step Guide to Generating a reCAPTCHA Key and Secret Key
Step 1: Visit the Google reCAPTCHA Website
- Open your browser and go to Google reCAPTCHA.
- Click on the Admin Console button at the top right.
Step 2: Register a New Site
- Sign in with your Google account.
- Enter a label to identify the site (e.g., “My Website reCAPTCHA”).
- Choose the type of reCAPTCHA:
- reCAPTCHA v2: Offers a checkbox challenge, an invisible verification, or an Android-specific solution.
- reCAPTCHA v3: Works in the background and assigns a score based on the user’s behavior.
- Enter your website domain (e.g.,
example.com). - Accept the reCAPTCHA Terms of Service.
- Click Submit to generate the keys.
Step 3: Copy the reCAPTCHA Keys
- After submitting, Google will provide you with two keys:
- Site Key: Used in the front-end HTML code.
- Secret Key: Used in the back-end to verify user responses.
- Keep the Secret Key confidential to prevent unauthorized access.
Step 4: Implement reCAPTCHA on Your Website
- Add the following script in the
<head>section of your HTML:<script src="https://www.google.com/recaptcha/api.js" async defer></script> - For reCAPTCHA v2 (Checkbox), use the following code where you want the reCAPTCHA to appear:
<form action="verify.php" method="POST"> <div class="g-recaptcha" data-sitekey="YOUR_SITE_KEY"></div> <br> <input type="submit" value="Submit"> </form> - For reCAPTCHA v3, use the following:
<script> grecaptcha.ready(function() { grecaptcha.execute('YOUR_SITE_KEY', {action: 'homepage'}).then(function(token) { document.getElementById("recaptchaResponse").value = token; }); }); </script> <input type="hidden" id="recaptchaResponse" name="recaptchaResponse">
Step 5: Verify reCAPTCHA Response in Backend
- In PHP, you can verify the response using the Secret Key:
<?php $secretKey = "YOUR_SECRET_KEY"; $response = $_POST['g-recaptcha-response']; $remoteIP = $_SERVER['REMOTE_ADDR']; $url = 'https://www.google.com/recaptcha/api/siteverify'; $data = ['secret' => $secretKey, 'response' => $response, 'remoteip' => $remoteIP]; $options = [ 'http' => [ 'header' => "Content-type: application/x-www-form-urlencoded\r\n", 'method' => 'POST', 'content' => http_build_query($data), ], ]; $context = stream_context_create($options); $result = file_get_contents($url, false, $context); $jsonResult = json_decode($result); if ($jsonResult->success) { echo "Verification successful!"; } else { echo "Verification failed!"; } ?>
Conclusion
Integrating Google reCAPTCHA into your website enhances security and reduces spam attacks. By following these steps, you can successfully generate and implement reCAPTCHA keys for your website.
Sumit Kumar Jha Web Developer
With over 4 years of industry expertise, SD Cares Enterprises is dedicated to delivering top-notch services. We pride ourselves on our commitment to excellence, ensuring that every project is handled with the utmost care and professionalism.
Website: https://sdcaresenterprises.com