How to install the reCAPTCHA integration through Azion Marketplace

reCAPTCHA is a serverless integration available at Azion Marketplace. This type of integration is mainly used for protecting domains against bots. It allows you to monitor traffic in your website by using the Google Dashboard for reCAPTCHA.

reCAPTCHA is a CAPTCHA (Completely Automated Public Turing test to tell Computers and Humans Apart) integration designed to protect websites from bots and automated scripts by using a challenge-response test to determine whether the user is a human or a machine.

Google maintains and owns reCAPTCHA and uses the data collected by reCAPTCHA to improve their services.


Getting the integration

To install the reCAPTCHA integration provided by Azion Marketplace, you have to:

  1. Access Azion Console > Marketplace.
  2. On the Marketplace homepage, select the integration’s card.
  3. Once the integration’s page opens, click the Install button.

You’ll see a message indicating that your integration was successfully installed.


Getting the keys on Google’s reCAPTCHA site

To use the Azion reCAPTCHA integration, you have to provide two keys: your secret-key and your site-key. To get these credentials, you’ll have to register at Google.

To do so, follow these steps:

  1. Go to Google reCAPTCHA admin dashboard.
  • If you don’t have a Google Account, you’ll be prompted to create one.
  1. Once you’ve signed-up to the reCAPTCHA account, you’ll be redirected to the website’s register page.
  2. On this page, you have to fill in:
    • A label for your new reCAPTCHA site.
    • The version of reCAPTCHA you want to use (you can choose from v2 or v3).
      • If you choose v2, you’ll be prompted to choose what kind of test you want to apply on your website. The options are: “I’m not a robot checkbox”, “Invisible reCaptcha”, and “reCaptcha Android”.
      • Important: Azion reCAPTCHA integration was conceived to work with the v2 invisible option.
    • The domain you want to run the reCAPTCHA. Remember to ignore the http:// or https:// for the domain name.
    • You have to accept the reCAPTCHA terms of service.
    • You have to choose if you want to receive alerts from Google about your site, such as misconfigurations and others.
  3. Once you fill in all the information, click the Submit button.

Now you have your site registered to use the reCAPTCHA. In the next screen, you’ll receive your keys: Site Key and Secret Key.

These two keys will be used to configure the Azion reCAPTCHA integration later on.


Configuring the integration

Setting up an edge firewall

To start the configuration of the reCAPTCHA integration, follow these steps:

  1. On the Products menu, select Edge Firewall in the SECURE section.
  2. Click the + Edge Firewall button.
  3. Give an easy-to-remember name to your edge firewall.
  4. Select the domains you want to protect with the function.
  5. Click the Edge Functions switch to enable functions.
  6. Click the Save button.

Done. Now you have instantiated the rule for your function.

Setting up the Edge Firewall function

To instantiate the reCAPTCHA integration, while still on the Edge Firewall page:

  1. Select the Functions tab and follow these steps:
  2. Click the Add Function button.
  3. Give an easy to remember name to your instance.
  4. On the dropdown menu, select the reCAPTCHA function.
  • This action will load the function, showing a form with the function’s source-code and, just above it, two tabs: Code and Args. By clicking on the Code tab, you’ll be able to navigate through the source-code, but won’t be able to change it.
  1. In the Args tab, you’ll pass the two keys you get on the reCAPTCHA site and your variables:
{
"site_key": "efdb42c7-10ee-4969-8013-cfcb5f7ad007",
"secret_key": "0x11c8eB6e78Bd45f058876aF59ac2fB782nbdswqu",
"cookie_secret": "A key to sign the cookies",
"expiration_in_seconds": 3600,
"origin_address": "https://xxxxxxxx.map.azionedge.net",
"origin_headers": {
"X-Custom": "value",
"X-Another-Custom": "another-value"
},
"captcha_args": {
"theme": "dark",
"size": "compact",
"custom_message": "My message",
"custom_html": "<html>... <!-- azion_captcha --> .. </html>"
}
}

Where:

VariableRequiredDescription
site_keyYesThe site key you obtained at the reCAPTCHA page
secret_keyYesThe secret key you obtained at the reCAPTCHA page
expiration_in_secondsYesThe time in seconds until the reCAPTCHA expires
origin_addressYesYour domain from which the function will fetch the content after the user solves the CAPTCHA challenge
origin_headersNoWhenever the access to the origin requires the usage of specific request headers
captcha_argsNoThese args modify and customize the layout of the challenge box
custom_messageNoA customized message you want to show to the users
custom_htmlNoThe customized HTML to render the reCAPTCHA challenge box
cookie_secretYesThis cookie is generated by the function and used in order for the functions not to be re-run
  1. Click the Save button to save your configuration.

Done. Now your reCAPTCHA instance is saved.

Setting up the Edge Firewall Rules Engine

To finish, you have to set up the Rules Engine to configure the behavior and the criteria to run the function.

Still on the Edge Firewall page:

  1. Select the Rules Engine tab.
  2. Click the + Rule Engine button.
  3. Give a name to the rule.
  4. Select a criteria to run and catch the domain you want to run the integrationn on. Example: if Hostname is equal xxxxxxxxxxxx.map.azionedge.net.
  5. Below, select a behavior to the criteria. In this case, it’ll be Run Function.
    • Select the adequate reCAPTCHA function according to the name you gave it in the instantiate step.
  6. Click the Save button.

Done. Now the reCAPTCHA integration is running for every request made to the domain you indicated.

Watch a video about how to install the reCAPTCHA integration through Azion Marketplace on Azion’s YouTube channel:


Contributors