Configuring Google reCAPTCHA

Flux supports Google reCAPTCHA v2 to protect your forms from automated abuse. This integration handles the script injection and server-side validation automatically.

Step 1: Get Your Keys

Before configuring Flux, you need to register your site with Google.

1. Go to the Google reCAPTCHA Admin Console.
2. Click the + (Create) button.
3. Label: Enter a descriptive name for your site (e.g., "Flux Forms").
4. reCAPTCHA type:
   • Select Challenge (v2).
   • Choose either "I'm not a robot" Checkbox (recommended) or Invisible reCAPTCHA badge.
   • Note: Flux is currently optimized for the v2 flow.
5. Domains: Add the domain where your form will be hosted (e.g., mysite.com).
   • Tip: Add localhost to this list if you are testing locally.
6. Accept the Terms of Service and click Submit.
7. Keep this tab open. You will need the Site Key and Secret Key for the next step.

Step 2: Configure Flux

Now, you need to store these credentials securely in your Flux instance.

1. SSH into your Flux instance:

   ssh -p 2222 admin@<your-ip>
   

2. Navigate to Infrastructure -> Captcha (or "Manage Captchas").
3. Press n to create a new configuration.
4. Provider Name: Give it a unique ID (e.g., google-main).
5. Type: Select Google reCAPTCHA from the list.
6. Site Key: Paste the Site Key you copied from Google.
7. Secret Key: Paste the Secret Key.
8. Select Save (or press Enter) to confirm.

Step 3: Attach to a Form

Finally, you must tell Flux which form should use this protection.

1. Go back to the Dashboard and select Forms (or "Manage Forms").
2. Select the specific form you want to protect from the list.
3. Select Edit Metadata.
4. Scroll down to the Captcha dropdown field.
5. Select your new provider (e.g., google-main).
6. Select Save & Exit.

That's it.

Flux will now automatically inject the required Google scripts and the widget into your form HTML. All future submissions for this form will be validated against Google's servers before being accepted.