diff --git a/content/applications/websites/website/configuration.rst b/content/applications/websites/website/configuration.rst index 455be2a81..21a77b3f3 100644 --- a/content/applications/websites/website/configuration.rst +++ b/content/applications/websites/website/configuration.rst @@ -11,4 +11,5 @@ Configuration configuration/translate configuration/multi_website configuration/unsplash + configuration/spam_protection configuration/on-premise_geo-ip-installation diff --git a/content/applications/websites/website/configuration/spam_protection.rst b/content/applications/websites/website/configuration/spam_protection.rst new file mode 100644 index 000000000..b3c913e56 --- /dev/null +++ b/content/applications/websites/website/configuration/spam_protection.rst @@ -0,0 +1,145 @@ +===================== +Forms spam protection +===================== + +:ref:`Cloudflare Turnstile ` and :ref:`Google reCAPTCHA v3 ` +protect website forms against spam and abuse. They attempt to distinguish between human and bot +submissions using non-interactive challenges based on telemetry and visitor behavior. + +.. tip:: + **Cloudflare Turnstile is recommended** as it is possible to add an interactive check if the + automated check fails. Also, Google reCAPTCHA v3 is limited to `1 million assessments per month + per domain `_. + +.. note:: + All pages using the :guilabel:`Form`, :guilabel:`Newsletter Block`, :guilabel:`Newsletter Popup` + snippets, and the eCommerce :guilabel:`Extra Step During Checkout` form are protected by both + tools. + +.. seealso:: + - `Cloudflare Turnstile's documentation `_ + - `Google's reCAPTCHA v3 guide `_ + +.. _cloudflare-turnstile: + +Cloudflare Turnstile configuration +================================== + +On Cloudflare +------------- + +- `Create `_ a Cloudflare account or use an existing one and + `log in `_. +- On the dashboard navigation sidebar, click :guilabel:`Turnstile`. +- On the :guilabel:`Turnstile Sites` page, click :guilabel:`Add Site`. +- Add a :guilabel:`Site name` to identify it easily. +- Enter or select the website's :guilabel:`Domain` (e.g., *example.com* or *subdomain.example.com*). +- Select a :guilabel:`Widget Mode`: + + - The :guilabel:`Managed` mode is **recommended**, as visitors can be prompted to check a box + confirming they are human if deemed necessary by Turnstile. + + .. image:: spam_protection/turnstile-human.png + :alt: Cloudflare Turnstile human verification widget + + - For the :guilabel:`Non-interactive` and :guilabel:`Invisible` modes, visitors are never + prompted to interact. In :guilabel:`Non-interactive` mode, a loading widget can be displayed to + warn visitors that Turnstile protects the form; however, the widget is not supported by Odoo. + + .. note:: + If the Turnstile check fails, visitors are not able to submit the form, and the following + error message is displayed: + + .. image:: spam_protection/turnstile-error.png + :alt: Cloudflare Turnstile verification error message + +- Click :guilabel:`Create`. + +.. image:: spam_protection/turnstile-configuration.png + :alt: Adding a website to Cloudflare Turnstile + +The generated keys are then displayed. Leave the page open for convenience, as copying the keys in +Odoo is required next. + +On Odoo +------- + +- From the database dashboard, click :guilabel:`Settings`. Under :guilabel:`Integrations`, enable + :guilabel:`Cloudflare Turnstile` and click :guilabel:`Save`. +- Open the Cloudflare Turnstile page, copy the :guilabel:`Site Key`, and paste it into the + :guilabel:`CF Site Key` field in Odoo. +- Open the Cloudflare Turnstile page, copy the :guilabel:`Secret Key`, and paste it into the + :guilabel:`CF Secret Key` field in Odoo. +- Click :guilabel:`Save`. + +.. tip:: + Navigate to Turnstile on your Cloudflare account to view the solve rates and access more + settings. + +.. _google-recaptcha: + +reCAPTCHA v3 configuration +========================== + +On Google +--------- + +Open `the reCAPTCHA website registration page `_. Log +in or create a Google account if necessary. + +On the website registration page: + +- Give the website a :guilabel:`Label`. +- Leave the :guilabel:`reCAPTCHA type` on :guilabel:`Score based (v3)`. +- Enter one or more :guilabel:`Domains` (e.g., *example.com* or *subdomain.example.com*). +- Under :guilabel:`Google Cloud Platform`, a project is automatically selected if one was already + created with the logged-in Google account. If not, one is automatically created. Click + :guilabel:`Google Cloud Platform` to select a project yourself or rename the automatically created + project. +- Agree to the terms of service. +- Click :guilabel:`Submit`. + +.. image:: spam_protection/recaptcha-google-configuration.png + :alt: reCAPTCHA website registration example + +A new page with the generated keys is then displayed. Leave it open for convenience, as copying the +keys to Odoo is required next. + +On Odoo +------- + +- From the database dashboard, click :guilabel:`Settings`. Under :guilabel:`Integrations`, enable + :guilabel:`reCAPTCHA` if needed. + + .. warning:: + Do not disable the :guilabel:`reCAPTCHA` feature or uninstall the :guilabel:`Google reCAPTCHA + integration` module, as many other modules would also be removed. + +- Open the Google reCAPTCHA page, copy the :guilabel:`Site key`, and paste it into the + :guilabel:`Site Key` field in Odoo. +- Open the Google reCAPTCHA page, copy the :guilabel:`Secret key`, and paste it into the + :guilabel:`Secret Key` field in Odoo. +- Change the default :guilabel:`Minimum score` (`0.50`) if necessary, using a value between `1.00` + and `0.00`. The higher the threshold is, the more difficult it is to pass the reCAPTCHA, and vice + versa. +- Click :guilabel:`Save`. + +You can notify visitors that reCAPTCHA protects a form. To do so, open the website editor and +navigate to the form. Then, click somewhere on the form, and on the right sidebar's +:guilabel:`Customize` tab, toggle :guilabel:`Show reCAPTCHA Policy` found under the :guilabel:`Form` +section. + +.. image:: spam_protection/recaptcha-policy.png + :alt: reCAPTCHA policy message displayed on a form + +.. note:: + If the reCAPTCHA check fails, the following error message is displayed: + + .. image:: spam_protection/recaptcha-error.png + :alt: Google reCAPTCHA verification error message + +.. tip:: + Analytics and additional settings are available on `Google's reCAPTCHA administration page + `_. For example, you can receive email alerts if Google + detects suspicious traffic on your website or view the percentage of suspicious requests, which + could help you determine the right minimum score. diff --git a/content/applications/websites/website/configuration/spam_protection/recaptcha-error.png b/content/applications/websites/website/configuration/spam_protection/recaptcha-error.png new file mode 100644 index 000000000..b7947e564 Binary files /dev/null and b/content/applications/websites/website/configuration/spam_protection/recaptcha-error.png differ diff --git a/content/applications/websites/website/configuration/spam_protection/recaptcha-google-configuration.png b/content/applications/websites/website/configuration/spam_protection/recaptcha-google-configuration.png new file mode 100644 index 000000000..c3bbea65a Binary files /dev/null and b/content/applications/websites/website/configuration/spam_protection/recaptcha-google-configuration.png differ diff --git a/content/applications/websites/website/configuration/spam_protection/recaptcha-policy.png b/content/applications/websites/website/configuration/spam_protection/recaptcha-policy.png new file mode 100644 index 000000000..a335a45eb Binary files /dev/null and b/content/applications/websites/website/configuration/spam_protection/recaptcha-policy.png differ diff --git a/content/applications/websites/website/configuration/spam_protection/turnstile-configuration.png b/content/applications/websites/website/configuration/spam_protection/turnstile-configuration.png new file mode 100644 index 000000000..195309fb8 Binary files /dev/null and b/content/applications/websites/website/configuration/spam_protection/turnstile-configuration.png differ diff --git a/content/applications/websites/website/configuration/spam_protection/turnstile-error.png b/content/applications/websites/website/configuration/spam_protection/turnstile-error.png new file mode 100644 index 000000000..d70b2d61f Binary files /dev/null and b/content/applications/websites/website/configuration/spam_protection/turnstile-error.png differ diff --git a/content/applications/websites/website/configuration/spam_protection/turnstile-human.png b/content/applications/websites/website/configuration/spam_protection/turnstile-human.png new file mode 100644 index 000000000..12926b5b6 Binary files /dev/null and b/content/applications/websites/website/configuration/spam_protection/turnstile-human.png differ diff --git a/redirects/saas-16.2.txt b/redirects/saas-16.2.txt index 2f8d2de69..0f392b7f1 100644 --- a/redirects/saas-16.2.txt +++ b/redirects/saas-16.2.txt @@ -1,3 +1,7 @@ # applications/finance applications/finance/accounting/payables/pay/trusted_accounts.rst applications/finance/accounting/payments/trusted_accounts.rst # payables/pay/* -> payments/* + +# applications/websites + +applications/websites/website/configuration/recaptcha.rst applications/websites/website/configuration/spam_protection.rst \ No newline at end of file