Re: ReCAPTCHA suddenly stopped working

CarterJD72 · 08-31-2024 10:23 AM

I have had Recaptcha on our ecommerce website for a few years without problem. I have identical site themes (Kallyas) hosted on the same server which all work well, but one site the Recaptcha has suddenly stopped working. Recaptcha is built into the theme so just have to input the key and secret key.
The site theme, Wordpress and plugins are all up to date, I've created new keys multiple times, and tried V2 and V3, and have disabled all plugins but no avail. I hadn't made any changes to the site and suddenly both forms on the site started displaying "ERROR for site owner: Invalid site key". My hosting company (Brixly) and domain registrar (Fasthosts) have no idea and believe the fault lies with google. Does anyone have any idea what to try next as I'm totally stumped. Many thanks!

Danrancan

I am having the EXACT same issue on my Wordpress site, but using the XYZ-Scripts Newsletter plugin. The plugin has been set up and configured using the free version of google reCAPTCHA v2. In the plugin's Captcha settings, it requires the Site Key, and the Secret Key. I have both the site and secret key inputted into the corresponding boxes, and everything was working. When looking at my V2 API stats page in google, it shows the plugin was reporting requests to google up until 08/31/2024. Then I saw a notice on my reCAPTCHA page that said I need to enable "Billing" in google reCAPTCHA setting to get the full version. This made me suspect, that maybe google ended my (unlimited v2 I think) free trial for 10,000 api requests per month. So I opened up the billing section and created a billing account. Afterwords, the "Billing" error no longer appeared, and I thought the Site Key and Secret Keys would now work. I went back to the Wordpress plugin, made sure the Keys were entered properly, emptied my cache, and the checked my Wordpress site again, and the error did not go away! So now I have some billing account set up with google (somewhere in their LOADS AND LOADS of documentation/settings pages), that I don't want to be charged for. But I bet google ends up charging me for something since I would count on there being some sort of misconfiguration in my gcloud settings, since I'm new to the platform.

My Live Production web site which is encountering the error is (URL Removed by Staff)

Just scroll down to the bottom "(URL Removed by Staff)" section, and you will clearly see the message:

ERROR for site owner: Invalid site key

in bright red! I have posted a screenshot of this at the bottom.

Could someone please assist with this question?

I have nothing in my Wordpress Logs, or Nginx logs. I have also contacted XYZ Scripts, and they reported that they can't find anything on there end that could be causing this.

@CarterJD72 Let me know if you find any hints or solutions. Thanks for posting this error.

McMo.is - Error for site owner Invalid Site key.png

Danrancan

Did you ever figure this out? Can anyone help?

CarterJD72

Still no joy with resolving this. It seems theres others with the same issue on other forums. I still have disabled recapcha but getting loads of spam now! Did you ever figure it out?

CarterJD72

Hi. No, it still wont work. Ive had to disable it from the site. Ive deleted and recreated different key versions but to no avail. I have near identical sites using the same theme and hosting and they work fine, just this one suddenly stopped working. The domain isn't blacklisted, but its as though Google Recapture has blocked it or something?! Really odd. i'm stumped, and so is my hosting provider,, who said just "reach out to Google"..... !!!!! If anyone has a clue, it would be much appreciated. Thanks!

rossta0825

Sadly, I have had this problem, too, probably for 5 months and it has evidently been blocking our mail form for that entire time -who knows how many attempted messages we lost!. I've just spent 3 days working on this - I'm not a "real programmer" so was mostly just following the instructions I found posted. Finally "rolled my own" solution based upon many debug statements.

The problem I found was the rc-verify operation stopped working. This is where the response received is sent to google's server API for validation. So, I used HTTP::Tiny to do a form POST to the API and get the response, but this response was not a HASH - it was a JSON data structure, so then I used JSON::Parse to convert this to a HASH and set a variable to point to that (reference).

These 2 steps then replaced the rc-verify operation. I did this in PERL with those lines looking like this:

use HTTP::Tiny;         # added this to do the post_form
use JSON::Parse 'parse_json';  # added to parse the API response
my $ua = HTTP::Tiny->new;
my $url = 'https://www.google.com/recaptcha/api/siteverify';
my $form = [ secret => $secret, remoteip => $ENV{'REMOTE_ADDR'}, response => $response ]; 
my $json_result = $ua->post_form($url, $form)->{content};
my $result = parse_json($json_result);
unless ( $result->{success} ) {
   $form_errs .= "captcha ";
}

I'm sure if Captcha::reCAPTCHA::V2 is repaired so that it returns the response to
my $result = $rc->verify($secret, $response,$ENV{'REMOTE_ADDR'} );
then it would probably have taken care of it being in a HASH already and things wouldn't have failed. I am really disappointed in google for this failure, in the first place, and for it going unnoticed for 5 months with no response to these folks who have asked for help. I'm sure a real programmer would have solved this in a few minutes and saved us a lot of damage and lost time.