Cerberus FTP Server recognizes that bots will try to spam and abuse your account requests, password resets and logins. To protect users from these types of attacks, Cerberus FTP Server has an integration feature with Google reCAPTCHA as an added layer of protection.
reCAPTCHA is a free service that protects your site from spam and abuse. It uses advanced risk analysis techniques to tell humans and bots apart. With the new API, a significant number of your valid human users will pass the reCAPTCHA challenge without having to solve a CAPTCHA. reCAPTCHA comes in the form of a widget that you can easily add to your site.
Creating and Integrating a reCAPTCHA:
Follow the steps below to integrate a reCAPTCHA with the Cerberus FTP Server web interface.
Open the reCAPTCHA form in Cerberus:
Open the Cerberus FTP Server UI or Web Admin portal. Navigate to 'Server Manager' > 'Listeners'. In the list of IP addresses, scroll down and select an HTTPS listener (most likely your HTTPS listener with your server IP on it) and click on it. Selecting the listener will turn the line light blue.
After selecting the HTTPS IP address you will see a variety of options appear below. Click on "Configure CAPTCHA".
Access the Google reCAPTCHA form:
A box will pop up titled "Configure CAPTCHA". Click the link "Sign up for a reCAPTCHA Account".
Create a reCAPTCHA account in Google:
Clicking on the link "Sign up for a reCAPTCHA Account" in Cerberus FTP Server will open a new window and redirect you to Google reCAPTCHA webpage. At the top of the webpage, click the blue button that says "Get Started With Enterprise".
After clicking on the button, you may be required to log in, or you will be taken to the "Register a new site" page. Provide a a project name (this can be whatever you like) and select the your site/organization in "Create In". Finally, click '"Get Started"
Google will set up your account. This takes a minute or two. Once the project has been created, click "Cloud Console" to go to the next step.
Create the reCAPTCHA key pair in Google:
You will now create the key for Cerberus. Enter a descriptive name, like "Cerberus FTP Server", or "File Transfer Site", something meaningful for you. Choose "Website" from the platform type menu.
Next, you will need to provide the domain you want to associate the reCAPTCHA with. The domain you will supply here is the IP address of your HTTPS listener, which you can locate in the "Interfaces" pane of the Cerberus FTP Server admin portal. Click "Create Key".
Enter the key pair into Cerberus:
Since you are integrating with Cerberus, on the next screen, click "Use Legacy Key"
Google will provide a "secret key" that can be pasted into the private key field in the Cerberus form:
Next, copy the "Site Key" from Google and paste it into "Public Key" field in the Cerberus form.
In Cerberus FTP Server, the Public Key refers to the Site Key and the Private Key refers to the Secret Key. Select the boxes below the keys to identify where you want the reCAPTCHA to appear. Click "Save".
Finally, click "Update" on the Server Manager - Interfaces box. If you do not click "Update" the reCAPTCHA will not appear. Repeat this process for each of the HTTP/S listeners where you wish to have reCAPTCHA appear.
Update your firewall (if necessary):
If necessary, update your firewall to allow the reCAPTCHA URL through. The URL that reCAPTCHA needs access to is https://www.google.com/recaptcha/api/siteverify.
Comments
0 comments
Please sign in to leave a comment.