2015-12-28 04:36:33 +00:00
|
|
|
# reCAPTCHA
|
|
|
|
|
2020-08-06 15:09:42 +00:00
|
|
|
GitLab leverages [Google's reCAPTCHA](https://www.google.com/recaptcha/about/)
|
2015-12-28 04:36:33 +00:00
|
|
|
to protect against spam and abuse. GitLab displays the CAPTCHA form on the sign-up page
|
|
|
|
to confirm that a real user, not a bot, is attempting to create an account.
|
|
|
|
|
|
|
|
## Configuration
|
|
|
|
|
2015-12-28 20:21:34 +00:00
|
|
|
To use reCAPTCHA, first you must create a site and private key.
|
2015-12-28 04:36:33 +00:00
|
|
|
|
2018-11-13 00:39:21 +00:00
|
|
|
1. Go to the URL: <https://www.google.com/recaptcha/admin>.
|
2018-12-07 21:47:34 +00:00
|
|
|
1. Fill out the form necessary to obtain reCAPTCHA v2 keys.
|
|
|
|
1. Log in to your GitLab server, with administrator credentials.
|
|
|
|
1. Go to Reporting Applications Settings in the Admin Area (`admin/application_settings/reporting`).
|
2019-09-30 06:06:02 +00:00
|
|
|
1. Fill all reCAPTCHA fields with keys from previous steps.
|
2018-11-13 00:39:21 +00:00
|
|
|
1. Check the `Enable reCAPTCHA` checkbox.
|
|
|
|
1. Save the configuration.
|
2020-07-13 12:09:18 +00:00
|
|
|
1. Change the first line of the `#execute` method in `app/services/spam/spam_verdict_service.rb`
|
|
|
|
to `return CONDITONAL_ALLOW` so that the spam check short-circuits and triggers the response to
|
|
|
|
return `recaptcha_html`.
|
|
|
|
|
|
|
|
NOTE: **Note:**
|
|
|
|
Make sure you are viewing an issuable in a project that is public, and if you're working with an issue, the issue is public.
|
2018-06-21 18:13:08 +00:00
|
|
|
|
|
|
|
## Enabling reCAPTCHA for user logins via passwords
|
|
|
|
|
|
|
|
By default, reCAPTCHA is only enabled for user registrations. To enable it for
|
|
|
|
user logins via passwords, the `X-GitLab-Show-Login-Captcha` HTTP header must
|
|
|
|
be set. For example, in NGINX, this can be done via the `proxy_set_header`
|
|
|
|
configuration variable:
|
|
|
|
|
2020-03-25 06:07:58 +00:00
|
|
|
```nginx
|
2018-06-21 18:13:08 +00:00
|
|
|
proxy_set_header X-GitLab-Show-Login-Captcha 1;
|
|
|
|
```
|
|
|
|
|
2020-04-30 03:09:32 +00:00
|
|
|
In Omnibus GitLab, this can be configured via `/etc/gitlab/gitlab.rb`:
|
2018-06-21 18:13:08 +00:00
|
|
|
|
|
|
|
```ruby
|
2020-07-28 12:09:49 +00:00
|
|
|
nginx['proxy_set_headers'] = { 'X-GitLab-Show-Login-Captcha' => '1' }
|
2018-06-21 18:13:08 +00:00
|
|
|
```
|