berkscompsltd
6 months ago
Does anyone know what I can do to prevent spam on blogengine.io?

I can alter the main page to prevent unwanted languages but as it is just a page form they can circumvent it and I just keep getting spam.

How can I add recaptcha to blogengine in the .cs part of the server-side script?
Sponsor

Want to thank us? Use: Patreon or PayPal or Bitcoins: bc1q4whppe29dw77rm4kv4pln0gqae4yjnxly0dny0hky6yhnafukzjsyrsqhk

All opinions expressed within these pages are sent in by members of the public or by our staff in their spare time, and as such do not represent any opinion held by sircles.net Ltd or their partners.


sirclesadmin
6 months ago
Installation
Package can be installed using Visual Studio UI (Tools > NuGet Package Manager > Manage NuGet Packages for Solution and search for "Recaptcha.Verify.Net").

Also latest version of package can be installed using Package Manager Console:

PM> Install-Package Recaptcha.Verify.Net

To properly reintegrate reCAPTCHA into your form on contact.aspx and ensure everything works smoothly, follow these steps. This includes adjustments in both your ASP.NET markup and JavaScript to ensure reCAPTCHA validation is effectively enforced.

1. Verify reCAPTCHA Setup
First, ensure that the blog:RecaptchaControl tag is correctly configured and that the necessary settings for reCAPTCHA are properly initialized in your application. This control needs to be recognized by ASP.NET, which depends on proper registration and the correct namespace.

Replace blog:RecaptchaControl with Standard reCAPTCHA Markup using the standard reCAPTCHA implementation directly from Google:

Register your Site with Google reCAPTCHA (if not already done) to get a site key.
Add the reCAPTCHA script and widget directly into your ASPX page.
Modify the ASPX File:
Here’s how you would add the standard reCAPTCHA v2 Checkbox directly:

aspx

<div class="g-recaptcha" data-sitekey="your_site_key"></div>
<script src="https://www.google.com/recaptcha/api.js" async defer></script>
[/code]Place these lines in your div where the blog:RecaptchaControl currently is. Replace "your_site_key" with your actual site key provided by Google.

2. Update the JavaScript Validation
You already have a JavaScript function beginSendMessage() to handle the reCAPTCHA validation on the client side, which is great. Make sure that this function is working correctly by checking the reCAPTCHA response as you already are:

🅱JS[/b]
[code=javascript]javascript

function beginSendMessage() {
    var response = grecaptcha.getResponse();
    if (response.length === 0) {  // Checks if reCAPTCHA was solved
        alert("Please verify you are not a robot.");
        return false; // Prevents the form submission
    }
    return true; // Allows form submission
}
3. Ensure Server-Side Validation
Even though client-side validation is important, it can be bypassed. Therefore, ensure you also validate the reCAPTCHA response server-side in your btnSend_Click event handler in the code-behind:

csharp

protected void btnSend_Click(object sender, EventArgs e)
{
    string recaptchaResponse = Request.Form["g-recaptcha-response"];
    if (!IsReCaptchaValid(recaptchaResponse))
    {
        lblStatus.Text = "reCAPTCHA validation failed. Please try again.";
        lblStatus.Visible = true;
        return; // Stop processing the form
    }

    // Process the form here if reCAPTCHA is valid
}

private bool IsReCaptchaValid(string recaptchaResponse)
{
    // Your server-side reCAPTCHA validation logic here
    // Make sure to check the response with Google's validation service
    return true; // Simulated response
}

4. Test the Entire Flow
After making these changes, thoroughly test the form to ensure:

The reCAPTCHA is displayed correctly.
The form cannot be submitted without completing the reCAPTCHA.
Server-side validation is also catching any bypass attempts.
These steps should help you effectively reintegrate reCAPTCHA into your contact page, enhancing the security and functionality of your form submissions.