Support for Drupal 7 is ending on 5 January 2025—it’s time to migrate to Drupal 10! Learn about the many benefits of Drupal 10 and find migration tools in our resource center.We recently upgraded our version of reCAPTCHA from 7.x-1.14 to 7.x-2.2, and HAVE NOT HAD any luck getting it to work. The messages "CAPTCHA session reuse attack detected." and "The answer you entered for CAPTCHA was not correct." are still being displayed.
Here are just two (2) of many blogs/forums that were closed just because there were no activities on them for two (2) weeks.
https://www.drupal.org/node/918856 - this we can't use because they've resorted to the dev version for fix. We can't possibly use that for our website in Production.
https://www.drupal.org/node/2449209 - this one is where the contributor himself, MiroslavBanov, is questioning whether it's fixed or not.
And here's one (https://www.drupal.org/node/2852790) where the CAPTCHA contributor pleads for help in maintaining the module. I included the link in response to the person who stated that us, developers, are wasting our time trying to find bugs that have been fixed, but in reality, these bugs are not fixed yet. We are too busy trying to get it to work that we have no time to update the blog/forum.
Thanks.
Comments
Comment #2
hass CreditAttribution: hass commentedSee https://www.drupal.org/node/2481341. The missing google root ca should be the most typical root cause.
Comment #3
JCL324I just got bit by this too. My problem now is I can't login, even as User 1! I'm locked out and this should not happen. PLEASE, create a WARNING on the modules home page about upgrading from 1.x to 2.x.
Comment #4
hass CreditAttribution: hass commentedThe module has no issue at all. It is only your PHP server.
Comment #5
JCL324Even my local MAMP stack?? I have never in all my years doing Drupal had to mess with local PHP just to get a general contrib module to work.
It would still be nice to warn people of this potential gotcha, whatever the root cause is.
Comment #6
hass CreditAttribution: hass commentedHave you followed https://www.drupal.org/node/2481341 ? I guess not. Check your PHP logs. They contain errors. The module is not responsible for not having included Google Root CA into PHP.
Comment #8
d'inquirer CreditAttribution: d'inquirer commentedThe link you're providing "https://www.drupal.org/node/2481341" is not fixed. They tried your steps but still to no avail. Please provide a Drupal site where they are using the "I am not a robot" and maybe I can inquire from them for the fix. We have no choice at this time but to still use the unsupported version 7.x-1.14. Anyone out there who can help! Would really appreciate. Thanks.
Comment #9
JCL324@d'inquirer, my issue had nothing to do with my PHP server. It was all about the Google keys. Once I got the proper keys with the correct domains (even .dd works if you are using Acquia DevDesktop locally), everything was fine.
Comment #10
d'inquirer CreditAttribution: d'inquirer commentedHere are the steps that I'm doing but still can't get reCAPTCHA to work:
1.) I have to disable reCAPTCHA v2 (using Drush) because that's the only way I'm able to login. Otherwise, the error "ERROR for site owner: invalid domain for site key.." is displayed and I can't login at all. I use "Drush pmi" just to check the version of reCAPTCHA installed and it is 7.x-2.2.
2.) I go to Modules\Install New Module\List\Spam control, and turn on reCAPTCHA. I then click on Configure and input the new set of keys obtained from google.com\recaptcha. Then click on "Save configuration".
3.) I logout and log back in but I still see "ERROR for site owner: invalid domain for site key...". I even clear my cookies but still get the same error on my login form.
What steps am I missing? Thanks.
Comment #11
hass CreditAttribution: hass commentedDelete your key at Google and recreate new keys with your domain. That should help. This error message comes directly from Google.