All pages
Powered by GitBook
1 of 1

3.1.1 Google Recaptcha Setup

🔐 Google reCAPTCHA Integration (ShieldsGuard)

📖 Overview

ShieldsGuard supports Google reCAPTCHA integration to enhance bot protection, DDoS challenge validation, and login security.

By adding your Google reCAPTCHA keys to the system, you ensure that automated access attempts are filtered with an additional verification layer before being allowed to interact with protected web resources.

🧭 Step-by-Step Setup Guide

1️⃣ Register Your Site at Google reCAPTCHA

  1. Visit: https://www.google.com/recaptcha/admin/create

  1. Log in with your Google account

  2. Fill in the form:

    • Label: Example: ShieldsGuard Protection

    • Choose Type:

      • reCAPTCHA v2 – "I’m not a robot" (recommended)

      • Or v3 if desired

    • Domains: Enter your domain (e.g., example.com)

    • Accept the Terms of Service

  3. Click Submit

You will receive two keys:

  • 🔐 Secret Key

  • 🌐 Site Key

2️⃣ Enter Keys into ShieldsGuard

Once you’ve obtained your keys:

  1. Log in to your ShieldsGuard Panel

  2. Navigate to: Protection > DDoS Protection > Google Recaptcha Section

  3. Click the 🔴 Set Key button (You’ll see this as a red action button prompting configuration)

  1. In the popup titled Edit Google Captcha Key, enter:

    • Secret Key (first field)

    • Site Key (second field)

  1. Click the 🔒 Save button

You will receive confirmation that the keys are stored and ready for use.

3️⃣ Activate Google reCAPTCHA in DDoS Protection

Adding the keys alone is not enough. You must activate Google reCAPTCHA in your protection mode.

  1. Go to: Protection > DDoS Protection

  2. In the DDoS Protection Settings, set:

    • Protection ModeAutomatic or Google Captcha

    • Automatic Protection TypeGoogle Captcha

  3. Save the configuration

Now, when a threshold is triggered, ShieldsGuard will serve Google reCAPTCHA challenges to the client.

🧪 Test It

To verify that Google reCAPTCHA is active:

  • Simulate a DDoS request (e.g., rapid refresh or tool-based probe)

  • Access a protected endpoint with the configured domain

  • reCAPTCHA challenge should appear in the browser

💡 Best Practices

Tip
Recommendation

✅ Use reCAPTCHA v2

More reliable for user interaction

🔁 Rotate keys periodically

For improved security

🧪 Test CAPTCHA in dev mode

Ensure visual rendering and key match

🔐 Keep secret key private

Never expose this value to frontend or users

🎯 By integrating Google reCAPTCHA with ShieldsGuard, you're creating a highly effective layer of friction for automated threats, while preserving user experience for legitimate visitors.