Anti-Spam Options - [BetoPho] reCaptcha v3 Login Integration

There are several requests to make this around the forum, so I guess I would contribute one.

Product Information
Provide reCaptcha intergration for vBulletin 4's login process that can check for bots or unsafe traffics using Google's famous reCaptcha engine.

Main Features

• Ultilizing reCaptcha v3 advantages: invisible checks that can determine how safe a user/traffic is, from very likely human to very likely bot, using reCaptcha's 'score' system.
• Performing specific actions to unsafe users/traffics, reject the login or redirect to another URL.
• Bad traffic users captured by the product will just be displayed with an invalid login screen.
• Ability to exclude users that won't be checked by reCaptcha.
• Lightweight and easy to configure.
• Simple installation: Install - Get reCaptcha keys - Configure the action - Done.

Future Versions Planning

• Expanding integration with other forum sections, like thread/post posting, PM, album, etc.
• Expanding integration with other activities, like register, search, page viewing, etc.
• Combining suport with reCaptcha v2, adding additional layer of human verification, for example, only when reCaptcha v3 detected likely unsafe traffic, verification form from v2 will show for the user to verify.
• Admincp Dashboard to view all failed login attemps captured by reCaptcha.
• Support for vBulletin 3 & 5.
• You name it.

Details

• Files upload: none
• Plugins: 6
• Templates: 3 (2 templates, 1 CSS template)
• Phrases: 2

Instructions

1. (Preparation) Have your reCaptcha v3 keys ready first. reCaptcha homepage.
2. Import the product XML file using Product section.
3. Go to Options > [BetoPho] reCaptcha Integration.
4. Insert the keys first (this product won't work without the keys).
5. Configure and start using.

Additional Instructions

1. To check if automatic template works, after putting the keys and configuring everything, view the homepage source (with the login form) as a Guest user and search for this code:
   
   HTML Code:

   <input type="hidden" name="btp_rcaptcha_response" id="btp_rcaptcha_input">

   If found, it's good. If not found, it means you are using modified templates/style.
2. In case it's not found, modify the template with the login form (usually 'header' template, might be other one depends on your style), search for the login form:
   
   HTML Code:

   action="login.php?do=login"

   When found, insert the product code in the #1 section into anywhere inside of the form. For example, it will look like this:
   
   Code:

   <form id="navbar_loginform" action="login.php?do=login" method="post" (other codes...)>
   ...
   <input type="hidden" name="btp_rcaptcha_response" id="btp_rcaptcha_input">
   ...
   </form>

   Then it will work.

Let me know if you have any questions or suggestions.
Thank you

Changelog
1.0.0 - Jul 05 2019

• Initial Release

1.1.0 - Jul 07 2019

• Fix Admincp/Modcp locked out issue
• Cleaning up codes and preparation for additional features

[CvP]

In the login_failure/login_verify_success hook, you should use these variables instead of hardcoded admincp/modcp:

$config['Misc']['admincpdir']
$config['Misc']['modcpdir']

[BetoPho]

Quote:

Originally Posted by CvP

In the login_failure/login_verify_success hook, you should use these variables instead of hardcoded admincp/modcp:

$config['Misc']['admincpdir']
$config['Misc']['modcpdir']

Thank you. I actually modified that already and will be included in the upcoming release

[deadlyruler]

The latest version 1.1.0 locked me out of my administration panel with the error Parse error: syntax error, unexpected T_BOOLEAN_AND, expecting ')' in public_html/forum/includes/functions_login.php(203) : eval()'d code on line 1
Unable to add cookies, header already sent.
File: public_html/forum/includes/functions_login.php(203) : eval()'d code
Line: 1

[cm826]

Can you modify this plugin and make it to verify Private Message action instead of login? I understand the new functionality will become available in future iterations but I desperately need a captcha method to counter Private Message Spam

[dknelson]

I had to remove this. It created a problem where people couldn't login to the site except at the upper right corner, nabber. Anytime there was as login page such as somebody trying to reset their password or whatever, it gave a username/passeword not recognized error.

[JnGirard]

Hi Betopho,
- do you plan to release an upgrade version to get us replace the deprecated reCaptcha v1 of vbulletin4 ?
- if yes, will there be an option to just use it on, let say, register only, and not enable your native login protection feature ?

[dennisuello]

I get an error

'input is null'

in

<script>
grecaptcha.ready(function() {
grecaptcha.execute("6Len8bMUAAAAAHw9MGP3IRwSY5xeWq b76uxjAiTi", {action: "login"}).then(function(token) {
let input = document.getElementById("btp_rcaptcha_input");
input.value = token;
});
});
</script>

[Hostboard]

Very very interested in this being able to replace the now depreciated v1 across the board in VB.
Can you also add a protected user group option?

[Grouper]

Is there an update to this plugin?

[Hostboard]

Been getting hammered with registrations of late. Went ahead and installed. Locked out of ACP. Had to disable plugins, and disable this... To nandthis had promise... Willing to pay someone to fully develop it to where it replaces the entire now defunct captchya system