I’m progressively reverting all my client sites to reCAPTCHA V2 using the Contact Form 7 – reCaptcha v2 plugin. Why?
Having read some of the Google tech info from the developers (and noticed that Google themselves are still using V2 on ‘mission-critical’ pages), I do not consider reCAPTCHA V3 on its own a viable solution. There is supposed to be a ‘fall-back’ mechanism, which neither Google nor (to my knowledge) any plugin developer yet provides.
What’s needed is a V3 implementation which, instead of simply locking out anything scored as ‘probably spam’, bounces it ‘down’ to V2, so if a bona fide user fails the invisible captcha, they can still get through by going through the ‘I’m not a Robot’ and then, if necessary and they have the patience, the whole picture grid checking business. At least there’s still a route through, instead of a simple lock-out.
OK, it means you need to go through the business of generating BOTH V2 and V3 keys, but until either a plugin or Google provide this option (and it could be just that – optional), I shall be taking all my sites back to V2. There have just been too many false positives and even (in a couple of cases) a flood of spam submissions actually getting through using V3 as it is currently set up!
Incidentally, I discovered reading the Google documentation that V3 returns a ‘score’ which is usable in the API – so possibly an interim solution might be to add an ‘advanced’ option in CF7 to tweak the threshold, as you can in the better email spam filters?
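
The fallback and adjustable threshold described in the post above, sketched as server-side decision logic. This is an added example, not part of the original post and not code from Contact Form 7, any plugin or Google. The function names, the `contact` action, the `example.com` hostname and the sample responses are assumptions constructed for illustration; the dictionaries mirror the JSON fields returned by reCAPTCHA's `siteverify` endpoint, which real code would call with the V3 and V2 secret keys.

```python
"""reCAPTCHA V3 score gate with a V2 fallback (decision logic only, no network)."""

ACCEPT, CHALLENGE_V2, REJECT = "accept", "challenge_v2", "reject"


def token_ok(result, hostname):
    """True if siteverify accepted the token and it was issued for our site."""
    return bool(result.get("success")) and result.get("hostname") == hostname


def decide(v3, v2=None, *, threshold=0.5, action="contact", hostname="example.com"):
    """Decide what to do with a form submission.

    v3: parsed siteverify JSON for the invisible V3 token.
    v2: parsed siteverify JSON for a V2 token, present only when the visitor
        was already bounced down to the 'I'm not a robot' widget.
    """
    # A solved V2 challenge is the route through for a low-scoring human.
    if v2 is not None:
        return ACCEPT if token_ok(v2, hostname) else REJECT
    # V3 passes only if the token is valid, was minted for this form's
    # action, and the score reaches the site-configurable threshold.
    if (token_ok(v3, hostname)
            and v3.get("action") == action
            and float(v3.get("score", 0.0)) >= threshold):
        return ACCEPT
    # Anything else is not locked out: it is sent to the V2 challenge.
    return CHALLENGE_V2


# Constructed sample siteverify responses (not captured from a real site).
V3_HIGH = {"success": True, "score": 0.9, "action": "contact", "hostname": "example.com"}
V3_LOW = {"success": True, "score": 0.3, "action": "contact", "hostname": "example.com"}
V3_WRONG_ACTION = {"success": True, "score": 0.9, "action": "login", "hostname": "example.com"}
V3_INVALID = {"success": False, "error-codes": ["invalid-input-response"]}
V2_PASS = {"success": True, "hostname": "example.com"}
V2_FAIL = {"success": False, "error-codes": ["timeout-or-duplicate"]}

if __name__ == "__main__":
    print(decide(V3_HIGH))                 # high score: straight through
    print(decide(V3_LOW))                  # low score: bounce down to V2
    print(decide(V3_LOW, V2_PASS))         # solved V2: submission accepted
    print(decide(V3_LOW, threshold=0.2))   # loosened threshold
```

Lowering `threshold` reduces false positives at the cost of letting more automated submissions skip the V2 challenge, which is the trade-off an 'advanced' setting would expose.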