google captcha migration to v3

Aug 04, 2021 / 1 min read

No more "No, I am not a robot"

If you did not have one, you will need to create an app here: Google create

  • no more captcha. Verification happen under the hood

    • before: form before
    • after: form after
  • You can check google answer google response I consider action: "contactPage", score > .8 to be a valid request. You can use your own

You can give the user ip as optional param. (I don't. Google has already enough data on us)

The front end code front The back end code back Yes I am using @laravelphp.

I also added a new page /contacted to have a better reporting from google analytics conversion for specific goals. Don't worry I protected it, you can't access it except you are coming from the contact form twitter Let me elaborate: Having a specific page where the user is being redirected is a good practice for analytics since you can then record the hits you are getting from that specific page (for me /contacted). You can have the same for user registration /registred

Wrap up

It was amazingly fast. The migration v2 -> v3 is straightforward. So if you did not, go ahead it is less than 5min. Next step for me is to add it on my login form as well. Happy coding!

Resources:

  • display: https://developers.google.com/recaptcha/docs/v3
  • verify: https://developers.google.com/recaptcha/docs/verify/

Update: April 8 2024

Recently I've noticed this very website is receiving spam message from the contact form. It appears like bots have grown in sophistication and now able to go past this implentation. One of the things I liked about it, is how seemless it is for the user while still managing to block bot. Might be a good idea to check the score and make sure it is still above 80%. Will update here