Setting Up reCAPTCHA v2 on Your Cockpit Login Screen Print

Cockpit allows you to enhance security by adding Google's reCAPTCHA v2 to your login screen. This guide will walk you through the process of obtaining reCAPTCHA keys and configuring them in your Cockpit installation.

Obtaining reCAPTCHA v2 Keys

1. Visit the reCAPTCHA Admin Console
   • Go to https://www.google.com/recaptcha/admin
   • Sign in with your Google account
2. Register Your Site
   • Click the "+" (plus) button to register a new site
   • Enter a label for your site (e.g., "Cockpit Login")
   • Select "reCAPTCHA v2" as the type
   • Choose "I'm not a robot" Checkbox option
   • Add your domain(s) in the "Domains" section (e.g., yourdomain.com)
   • Accept the Terms of Service and click "Submit"
3. Get Your Keys
   • After registration, you'll receive two keys:
     • Site Key: This is used in the HTML of your login page
     • Secret Key: This is used for server-side verification
   • Keep both keys secure, especially the Secret Key

Configuring reCAPTCHA in Cockpit

1. Access the Superadmin Panel
   • Log in to your Cockpit installation with Superadmin credentials
2. Navigate to reCAPTCHA Settings
   • Find the "reCaptcha v2 Site Key" and "reCaptcha v2 Site Secret" fields in your settings
3. Enter Your Keys
   • Paste your Site Key in the "reCaptcha v2 Site Key" field
   • Paste your Secret Key in the "reCaptcha v2 Site Secret" field
   • Click the "Update" button to save your changes
4. Test Your Configuration
   • Log out of your Cockpit account
   • Return to the login page
   • You should now see the reCAPTCHA verification widget on the login page

Important Notes

• Both fields must be filled for reCAPTCHA to work properly
• If you leave both fields blank, reCAPTCHA will be disabled
• Make sure you're using reCAPTCHA v2 keys, not v3 or Enterprise
• The domain in your reCAPTCHA settings must match where Cockpit is hosted
• If your keys aren't working, double-check for typos or spaces

Resetting reCAPTCHA Settings

If you encounter issues with your reCAPTCHA configuration and need to reset it:

1. Connect to your server via FTP or file manager
2. Navigate to your Cockpit installation directory
3. Locate and delete the /includes/db/cockpit.sqlite database file
4. Visit your Cockpit URL to trigger the initial setup process
5. Create new credentials and configure reCAPTCHA again

Warning: Deleting the SQLite database will reset ALL settings, not just reCAPTCHA. This includes user accounts and any other customizations. Only use this method if you're willing to reconfigure your entire Cockpit installation.

Benefits of Adding reCAPTCHA

• Prevents automated login attempts and brute force attacks
• Reduces the risk of unauthorized access
• Adds an additional security layer to your Cockpit installation
• Minimal impact on legitimate users' login experience

By implementing reCAPTCHA on your login page, you significantly enhance the security of your Cockpit installation while maintaining a good user experience for authorized users.