OLS reCAPTCHA failing

#1
Hi, I've recently enabled reCAPTCHA in my server, I've generated a site key/id and enabled reCAPTCHA at server level and then at virtual host level I enabled it and put those key/id there (It's using a checkbox)

Now when I try to open up my website, it loads up the "Verifying that you are not a robot..." page but when I clicked on the checkbox, it turns into the green tick and gets redirected to my domain /.lsrecap/recaptcha and this page is never getting loaded (it's like a timeout). I will get this error afterwards:

ERR_HTTP2_PROTOCOL_ERROR

How can I investigate this problem and fix it?
 
#3
Hi,
I tried the checkbox and input key method on my test server, no such issue. Could you provide the reproduce method to bug@litespeedtech.com so LiteSpeedtech engineers can take a look?
Thank you for your reply. I do not know the exact reproduce steps, I installed OLS on my own machine and when I enable recaptcha the same way it seems to be working fine. I sent my website link to you and also bug@litespeedtech.com
 

Cold-Egg

Administrator
#4
ok, I just opened it, click the checkbox and choose the images, then the site loads correctly.
Please check it again from an incognito browser.
 
#5
ok, I just opened it, click the checkbox and choose the images, then the site loads correctly.
Please check it again from an incognito browser.
Sometimes it works and many times it won't.
For instance it worked fine 1 time in incognito mode but after I close the browser and wait couple of seconds and then try again, it doesn't work. It doesn't work from my android device either. I also tried firefox and other ip addresses (My other Internet providers)

I have recorded a video for this which I also sent on private message to you.
 
#8
Hello.

I do confirm this issue. When under high ddos-attack the it just redirects to /.lsrecap/recaptcha
The browser is returning a ERR_HTTP2_PROTOCOL_ERROR Using 1.7.5 version.
I have tried several browsers with different engines and the issue was there.
I have disabled QUIC protocol and restarted the OLS and it seems the issues is not there anymore.
Another issue the the mechanism of blocking, for some reason OLS does not block the IP addresses which failed verification more than x times.
This is also an issue in LiteSpeed Enterprise. So after 5 misses of Recaptcha there are still 403 responses in log, but I think the IP address should get a temporary block and not still send requests and receive 403, this is also load and traffic.
 

Cold-Egg

Administrator
#11
Is it a shared server? Maybe it's controlled by the hosting manager. Since it's a shared server, you probably have no permission to check the configuration.
 
Top