Fast and Easy Form Security with Google ReCaptcha
April 28, 2015 by Michael Evangelista
With Google reCAPTCHA on board, Mura CMS adds yet another simple and powerful security feature. Forms in Mura 6.2 are instantly protected from automated submissions and other suspicious activity without being unfriendly to real users.
Layers of Protection
As always, security is a priority when it comes to form submissions in Mura CMS. By enabling and adding reCAPTCHA to your forms, peace of mind is enabled as well. With cutting-edge spam and abuse protection, and low friction, effortless interaction for real people, any form created with Mura's form builder tools will be automatically protected.
Whether utilizing Mura's robust Form Builder options to create a simple email contact form or a complex data collection system, unwanted submissions will be minimized by using the maximum number of protection methods. In addition to the new reCAPTCHA option, any Mura CMS form can be protected by enabling the built in CFformProtect spam detection system. This robust form protection library includes a number of individual tests which can be uniquely tuned or disabled to provide just the right amount of spam detection on any Mura site.
User Friendly Form Protection with Added Value
Unlike old-school CAPTCHA tests with cluttered images and distorted text, reCAPTCHA allows most users to pass with a single click. The test and underlying logic are added to your form by the reCAPTCHA service for a safe, frustration-free user experience.
Depending on the user, the reCAPTCHA test may also display a simple bit of text or numbers, which must be typed into an additional input provided for this purpose. Worth noting, this user-generated data does not go to waste. Each human response to a reCAPTCHA image is utilized to digitize books, improve Google Maps, or even to expand our understanding of computer science.
Automatically Added to Any Mura Form
Like most things in Mura, the setup couldn't be simpler. A series of options exists in the Mura CMS Site Configuration system specifically for reCAPTCHA integration. Simply follow the instructions in the Mura CMS reCAPTCHA Documentation to obtain and enter your Site Key and Secret, two specialized bits of code obtained from any free Google reCaptcha Admin account. A button on the Mura site settings screen makes this easy, with a direct link to obtain your reCAPTCHA API key pair.
Site or Global Configuration Options
In addition to the built in options for setup on any Mura site, it is also possible to enable reCAPTCHA for an entire Mura installation, adding complete protection to all forms created with the Mura form builder, on all existing or future Mura CMS sites within that installation.
Mura's global settings file, settings.ini.cfm, contains 3 lines corresponding to the form inputs show in the Site Administration. When entered here, the same three values take on a global priority and automatically assign the specified reCAPTCHA API credentials to all forms built using the Mura form builder tools on any site in the Mura instance. The only additional step would be entering any new domains into the Google reCAPTCHA admin area to link those domains to the reCAPTCHA API.
For simple email delivery forms or data collection forms with multiple sections, the Mura CMS Form Builder and reCAPTCHA provide a solid and simple form security solution. Whether used alone or combined with other form protection methods such as CFformProtect, the addition of reCAPTCHA integration is yet another way Mura CMS is meeting the challenges of the evolving web, and providing professional, reliable solutions for the growing community of Mura CMS developers and users.
More About This Feature
Google reCAPTCHA: introduction and features
Mura CMS Documentation: reCAPTCHA setup