CAPTCHA
Pressero Provides two options of captcha, Google reCAPTCHA V2 and Cloudflare Turnstile
Google reCAPTCHA V2
Google reCAPTCHA V2 is a free service from Google that protects your website from spam and abuse. reCAPTCHA uses an advanced risk analysis engine and adaptive challenges to keep automated software from engaging in abusive activities on your site. It does this while allowing your valid users to pass through with ease.
You must set up a reCAPTCHA V2 account with Google (https://www.google.com/recaptcha/admin) and register the domain(s) you intend to use with this Pressero account before enabling reCAPTCHA on your Pressero site(s). Obtain reCAPTCHA keys (Site Key and Secret Key) from Google and enter them configure into pressero.
Cloudflare Turnstile
Turnstile is Cloudflare’s smart CAPTCHA alternative. Turnstile, adapt the actual challenge outcome to the individual visitor or browser. First, it run a series of small non-interactive challenges gathering more signals about the visitor/browser environment.
Those challenges include, proof-of-work, proof-of-space, probing for web APIs, and various other challenges for detecting browser-quirks and human behavior. As a result, we can fine-tune the difficulty of the challenge to the specific request and avoid ever showing a visual puzzle to a user.
After have all the necessary keys, please follow the bellow process to configure captcha into your Pressero account.
- Go to Preferences > General Settings > CAPTCHA.
- Click the Enable CAPTCHA Integration check box. The captcha type, Site Key and Secret Key boxes appear.
- Select the Captcha type.
- Enter the Site Key in the field provided.
- Enter the Secret Key in the field provided.
- Optional: for google reCaptcha v2 click the "Test reCAPTCHA" button and the results of the test will display as shown in the screens below. A failed test will display an error message in a red box; a successful test will display "reCAPTCHA test successful!" in green text. If the test fails, recheck the accuracy of the two keys. For Cloudflare Turnstile this test is automatcally applied and you success if you set the right Site key, secret Key and set the Pressero admin domin on Cloudflare Turnstile configuration.
- Click “Save.”
The Login Security area in General Settings enables you to customize the login security features of your sites. When a user has a number of unsuccessful login attempts within a certain period of time, they are automatically locked out and unable to try again for a specific time. By default, users are locked out for 10 minutes after 10 failed attempts within a 10-minute window.
This feature cannot be disabled, but you can change the number of attempts allowed, the time frame in which those attempts can take place, and the time that a user is locked out after they reach the maximum login attempts.
Go to Preferences > General Settings > Login Security.
Master Password - This is the default password that will be used to log into the site with user impersonation. You can also set a different master password for each site in Sites > [site name] > Settings > General tab in the "Site Basics" section. (This is moved from the General Settings section to the Login Security section on the wireframe.)
Maximum Login Attempts - This is the number of failed login attempts allowed within the retry period defined in Retry Time Limit (see below). By default, this is set to 10 attempts. The minimum number of attempts is 5, and the maximum is 20.
Retry Time Limit (minutes) - This is the length of time in minutes in which the number of failed login attempts defined in Maximum Login Attempts (see above) are allowed before a lockout occurs. By default, this is set to 10 minutes. The minimum number of minutes is 5, and the maximum is 20.
Lockout Time Period (minutes) - This is the number of minutes that a particular user's IP address is locked out once a lockout is triggered. By default, this is set to 10 minutes. The minimum number of minutes is 10, and the maximum is 60.
When a user has 2 attempts remaining, they will receive a message stating, "You have 2 remaining attempts before your account will be disabled. If you have forgotten your password, please select the reset password link below."
When a user has reached the maximum number of login attempts within the retry time limit, they will receive a message stating, "You've entered the wrong password too many times, therefore for security purposes, you have been locked out of this account for [lockout time period]. If you've forgotten your password you can request a new one by selecting the Reset Password link below."