IlyaSobolev/helpcenter
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases 27 Wiki Activity

Add new article - "Configuring recaptcha in the server version" - for bug 64021

Browse Source
This commit is contained in:
Svetlana Maleeva 2023-09-07 13:21:57 +03:00
parent 54569ebbdd
commit 98398ec7a6
4 changed files with 88 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
Web/Controls/Help/Administration/AdminSecurity.ascx
View File

@ -44,6 +44,7 @@
<li><cc:LocalizeContent runat="Server" ControlName="~/Controls/Help/ArticlesCompleteList/Guides/121_two-factor-authentication.ascx" /></li>
<li><a href="<%=VirtualPathUtility.ToAbsolute("~/administration/configuration.aspx#TrustedDomain")%>">Trusted mail domain settings</a></li>
<li><a href="<%=VirtualPathUtility.ToAbsolute("~/administration/configuration.aspx#ipsecurity")%>">IP security settings</a></li>
<li><a href="<%=VirtualPathUtility.ToAbsolute("~/administration/configuration.aspx#loginsettings")%>">Login settings</a></li>
<li><a href="<%=VirtualPathUtility.ToAbsolute("~/administration/configuration.aspx#administratormessage")%>">Administrator message settings</a></li>
<li><a href="<%=VirtualPathUtility.ToAbsolute("~/administration/configuration.aspx#sessionlifetime")%>">Session lifetime</a></li>
</ul>

1
Web/Controls/Help/GettingStarted/Configuration/Configuration.ascx
View File

@ -452,6 +452,7 @@
<li>in the <b>Check period (sec)</b> field, set up the time interval for counting unsuccessful login attempts.</li>
</ol>
<p>When the specified limit of unsuccessful login attempts is reached, attempts coming from the associated IP address will be banned (or, in the SaaS version, captcha will be requested) for the chosen period of time.</p>
<p>By default, this feature is disabled in the server version. If the you want to use it, it's necessary to enable the feature in the configuration file. To learn more, read the following <a class="links" target="_blank" href="<%=VirtualPathUtility.ToAbsolute("~/administration/configure-recaptcha.aspx")%>">article</a>.</p>
<div class="inner_delimiter"></div>
<h5 id="administratormessage">Administrator message settings</h5>

70
Web/Controls/Help/TipsTricks/General/ConfigureRecaptcha/ConfigureRecaptcha.ascx Normal file
View File

@ -0,0 +1,70 @@
<%@ Control Language="C#" Inherits="BaseContentUserControls"%>
<%@ Register Namespace="TeamLab.Controls" Assembly="__Code" TagPrefix="cc" %>
<script runat="server">
protected override void Init()
{
PageTitle = PageCaption = "Configuring recaptcha in the server version";
MetaKeyWords = "recaptcha, server version";
MetaDescription = "ONLYOFFICE. Configuring recaptcha in the server version";
var guides = new GuidesModel();
(Page as BasePage).Guides = guides;
}
</script>
<div class="main_buscall_container dataBackup">
<div class="MainHelpCenter">
<h1 class="subHeaderFeaturesCaption">Configuring recaptcha in the server version</h1>
<p><b>Recaptcha</b> allows you to protect the portal against brute-force attacks by distinguishing human users from automated access.</p>
<h2 id="Enabling">Enabling recaptcha</h2>
<p>By default, this feature is disabled in the server version. If the you want to use it, it's necessary to enable the feature in the configuration file:</p>
<ol class="instructions">
<li>Get recaptcha keys associated with your domain. Go to the <a class="links" target="_blank" href="https://www.google.com/recaptcha/admin/create">https://www.google.com/recaptcha/admin/create</a> page.
<ol>
<li>Click the 'Switch to create a classic key' link.</li>
<li>Specify the <b>Label</b> to identify the site.</li>
<li>Choose the <b>reCAPTCHA v2</b> option in the 'reCAPTCHA type' section.</li>
<li>In the <b>Domains</b> section, specify your domain.</li>
<li>Check the 'Accept the reCAPTCHA Terms of Service' box.</li>
<li>Click the <b>SUBMIT</b> button.</li>
<li>Copy your generated site key and secret key.</li>
</ol>
</li>
<li>Open the <code>web.appsettings.config</code> file.
<ul>
<li>For Windows version, it can be found in the <code>c:\Program Files\Ascensio System SIA\onlyoffice\WebStudio\</code> folder.</li>
<li>For deb, rpm packages, it can be found here: <code>/var/www/onlyoffice/WebStudio/web.appsettings.config</code>.</li>
<li>For Docker version, it can be found within the CommunityServer container: <code>/var/www/onlyoffice/WebStudio/web.appsettings.config</code>.</li>
</ul>
</li>
<li>Add the following 2 strings to <code>web.appsettings.config</code> replacing values with your own site key and secret key obtained at step1.
<pre><code>&lt;add key="web.recaptcha.public-key" value="your_site_key" /&gt;
&lt;add key="web.recaptcha.private-key" value="your_secret_key" /&gt;
</code></pre>
<p>Save the changes.</p>
</li>
<li>Restart the application.
<ul>
<li>For Windows version, restart the site in IIS.</li>
<li>For deb, rpm packages, use the following command: <code>sudo service monoserve restart</code>.</li>
<li>For Docker version, restart the CommunityServer container or execute the following command within the CommunityServer container: <code>systemctl restart monoserve.service</code>.</li>
</ul>
</li>
</ol>
<h2 id="Adjusting">Adjusting security settings</h2>
<p>Once the feature is enabled in the configuration file, the owner or full access admin can adjust the portal settings:</p>
<ol class="instructions">
<li>Enter your portal.</li>
<li>Click the <img alt="Settings Icon" src="<%=VirtualPathUtility.ToAbsolute("~/images/help/tipstricks/settingsicon.png")%>" /> icon in the right upper corner to open the 'Settings' section.</li>
<li>Switch to the <b>Security</b> tab at the left-side panel, then go to the <b>Login Settings</b> subsection.</li>
<li>In the <b>Number of attempts</b> field, set up the limit of unsuccessful login attempts by the user;</li>
<li>In the <b>Blocking time (sec)</b> field, set up the time interval for blocking new login attempts;</li>
<li>In the <b>Check period (sec)</b> field, set up the time interval for counting unsuccessful login attempts.</li>
<li>Click the <b>Save</b> button at the bottom of the section to make the parameters you set take effect.</li>
</ol>
<p>When the specified limit of unsuccessful login attempts is reached, for attempts coming from the associated IP address, captcha will be requested for the chosen period of time.</p>
</div>
</div>

16
Web/administration/configure-recaptcha.aspx Normal file
View File

@ -0,0 +1,16 @@
<%@ Page Title="" Language="C#" MasterPageFile="~/Masters/Administration/AdministrationArticles.master" %>
<%@ Register Namespace="TeamLab.Controls" Assembly="__Code" TagPrefix="cc" %>
<asp:Content ID="Content4" ContentPlaceHolderID="pagebodyidpage" runat="Server">
<body class="administration_guides_security">
</asp:Content>
<asp:Content ID="content3" ContentPlaceHolderID="breadstop" runat="server">
<cc:LocalizeContent runat="Server" ControlName="~/Controls/Help/VariousControls/TopControls/GeneralTop/GeneralTop.ascx" />
</asp:Content>
<asp:Content ID="Content2" ContentPlaceHolderID="content" runat="Server">
<div id="outOfDate" style="display: none;"></div>
<cc:LocalizeContent runat="Server" ControlName="~/Controls/Help/TipsTricks/General/ConfigureRecaptcha/ConfigureRecaptcha.ascx" />
</asp:Content>
<asp:Content ID="content1" ContentPlaceHolderID="leftmenupage" runat="server">
<div class="administrationworkspacepage general">
</asp:Content>