forked-synapse/docs/CAPTCHA_SETUP.rst

Captcha can be enabled for this home server. This file explains how to do that.
The captcha mechanism used is Google's ReCaptcha. This requires API keys from Google.

Getting keys
------------
Requires a public/private key pair from:

https://developers.google.com/recaptcha/


Setting ReCaptcha Keys
----------------------
The keys are a config option on the home server config. If they are not
visible, you can generate them via --generate-config. Set the following value::

  recaptcha_public_key: YOUR_PUBLIC_KEY
  recaptcha_private_key: YOUR_PRIVATE_KEY

In addition, you MUST enable captchas via::

  enable_registration_captcha: true

Configuring IP used for auth
----------------------------
The ReCaptcha API requires that the IP address of the user who solved the
captcha is sent. If the client is connecting through a proxy or load balancer,
it may be required to use the X-Forwarded-For (XFF) header instead of the origin
IP address. This can be configured using the x_forwarded directive in the
listeners section of the homeserver.yaml configuration file.
Update CAPTCHA_SETUP (it continues to ignore fallback, but I guess I should fix it so that doesn't need the key in two different places) 2015-03-30 13:27:42 -04:00			`Captcha can be enabled for this home server. This file explains how to do that.`
Add original, unmodified CAPTCHA-SETUP from the webclient repo before modifying (captcha setup is now purely on the HS). 2015-03-30 13:18:19 -04:00			`The captcha mechanism used is Google's ReCaptcha. This requires API keys from Google.`

			`Getting keys`
			`------------`
			`Requires a public/private key pair from:`

			`https://developers.google.com/recaptcha/`


Update CAPTCHA_SETUP (it continues to ignore fallback, but I guess I should fix it so that doesn't need the key in two different places) 2015-03-30 13:27:42 -04:00			`Setting ReCaptcha Keys`
			`----------------------`
rename CAPTCHA_SETUP this is rst so name it accordingly 2016-12-01 07:01:54 -05:00			`The keys are a config option on the home server config. If they are not`
			`visible, you can generate them via --generate-config. Set the following value::`
Add original, unmodified CAPTCHA-SETUP from the webclient repo before modifying (captcha setup is now purely on the HS). 2015-03-30 13:18:19 -04:00
Update CAPTCHA_SETUP (it continues to ignore fallback, but I guess I should fix it so that doesn't need the key in two different places) 2015-03-30 13:27:42 -04:00			`recaptcha_public_key: YOUR_PUBLIC_KEY`
Add original, unmodified CAPTCHA-SETUP from the webclient repo before modifying (captcha setup is now purely on the HS). 2015-03-30 13:18:19 -04:00			`recaptcha_private_key: YOUR_PRIVATE_KEY`
rename CAPTCHA_SETUP this is rst so name it accordingly 2016-12-01 07:01:54 -05:00
			`In addition, you MUST enable captchas via::`
Add original, unmodified CAPTCHA-SETUP from the webclient repo before modifying (captcha setup is now purely on the HS). 2015-03-30 13:18:19 -04:00
			`enable_registration_captcha: true`

			`Configuring IP used for auth`
			`----------------------------`
			`The ReCaptcha API requires that the IP address of the user who solved the`
			`captcha is sent. If the client is connecting through a proxy or load balancer,`
			`it may be required to use the X-Forwarded-For (XFF) header instead of the origin`
Update CAPTCHA_SETUP.rst X-Forwarded-For docs It looks like CAPTCHA_SETUP.rst contains information relevant to an old version of Synapse, but Synapse now has a different approach to configuring use of the X-Forwarded-For header. 2017-02-09 00:21:02 -05:00			`IP address. This can be configured using the x_forwarded directive in the`
			`listeners section of the homeserver.yaml configuration file.`