Google Recaptcha Not Working

It is very strange but the Google Recaptcha on my store is not working. When I used Google Recaptcha V2 (the display one), it does not appear in admin or front end. Also, the invisible reCaptcha v3 gives error “You cannot proceed with such operation, your reCaptcha reputation is too low”

I tried this in both http and https mode.

Following is my setup which I did after following the video tutorial by digitalstartup as well as Magento Dev Docs. All other things are working as expected. I have not installed PhpMyAdmin and Varnish as I don’t know the proper serverblock configuration for Nginx. Also, I removed Elasticsearch since it was consuming a lot of memory on t3.medium server on AWS. I determined that Elasticsearch is best installed separately. Also, since I am still developing and have not taken care of security related settings, I kept the ports 80, 443 restricted to inbound traffic from my ip only in aws security groups. But had changed that to “all traffic” on port 80 for limited time to check if captcha loads

AWS Ubuntu 20.04 on t3.medium
Percona 5.7 (instead of mariadb)
Nginx 1.18.1
Magento 2.3.5-p1
php 7.3

I have following questions to narrow the investigation:

  • What is the difference between allow_url_fopen = 1 and allow_url_fopen = On. (both php.ini files in fpm and cli directories have allow_url_fopen = on by default. Should I add “allow_url_fopen = 1” below or replace “on” with “1”?

*I also see following error in browser when inspecting elements:

reCaptcha.js:72 Refused to load the script ‘https://www.google.com/recaptcha/api.js?onload=globalOnRecaptchaOnLoadCallback&render=explicit&hl=en’ because it violates the following Content Security Policy directive: "script-src assets.adobedtm.com … Note that ‘script-src-elem’ was not explicitly set, so ‘script-src’ is used as a fallback.

_loadApi @ reCaptcha.js:72

I appreciate if you can provide any suggestions or solution.

Hi @jigbo and welcome

I can’t say that this is an issue that I’ve ever run into - Therefore, I’ve not got anything to suggest.

Do you see this error when you try to save the setting? Or when you load a web page after changing the setting?

Yes, having installed Elasticsearch on my smaller Sandbox Servers, I can definitely relate to the Memory hunger.

To the best of my knowledge, “1” and “On” are the same. However, the PHP documentation does seem to favour “1” (Ref: Runtime Configuration).

This console error might not a red herring. I have a video coming out about this in a couple of weeks.

Thank you, Craig. I determined that this error was related to the CSP which came in Magento 2.3.5 and Magento 2 document suggests to create a custom module to whitelist the third-party scripts such as Google API, Google Recaptcha.

I read in many other articles that CSP is not mature and does not solve the practical security issues so I disabled it which actually removed the error.

This topic was automatically closed 2 days after the last reply. New replies are no longer allowed.