Skip to main content

Litespeed Recaptcha - How to implement ?

Hatrix Hoster

Recently I have started seeing sudden spikes in the load average in whm server(even 12-14 sometime in 16 core dedicated server):

[root@hostname ~]# grep -R "wp-login.php" /usr/local/apache/domlogs/ | wc -l
69729
[root@hostanme~]# grep -R "xmlrpc.php" /usr/local/apache/domlogs/ | wc -l
187531
[root@hostname~]# grep -R "wp-cron.php" /usr/local/apache/domlogs/ | wc -l
96238

As I can haven't done any special configuration so confirmed that its the last 24 hours log(if  am not wrong).

so basically I doubt that the sudden load spike that I see regularly in my server is due to this ? Is it right?

So I was planning to implement litespeed + googl recaptcha.(is it the right approach for such?).

while configuring google recaptcha, they used to ask for the domain name right?  but in my case there are huge domains, 2-5 domain adding daily as I am providing cpanel accounts to my clients. how can I solve this issue?

as a test, I have added my global server hostname in that section of google recaptcha and tried configuring it from litespeed webserver page. 
when I visited the hostname.com then it shows the recaptcha as I have expected. But its not shown to all cpanel users in the server(which is also expected because I haven't added their domains too).


how can I set it up?
what is the way?

sometime the client also get irritated because they get captcha time to time, so they can request me to remove this captcha. How can that? Is this possible to whitelist or remove the captcha for this certain cpanel user?

Comments

2 comments

Date Votes
  • cPRex Jurassic Moderator

    I thought we determined in your other thread that this isn't going to solve your issue?  You *really* need an admin to examine the server and get to the bottom of what is happening with the machine.

    0
  • cagsmith

    Just wanted to add something here - we decided against this feature in LiteSpeed Web Server because showing ReCAPTCHA on a domain requires notifying users of this in a privacy/cookie acceptance policy (at least it did last time I checked). This isn't feasible on a large scale with many different domains.

    Services like Imunify360 offer an alternative solution with their WebShield feature which is better suited to multi-site servers in my opinion.

    No idea what your actual issue is, you'd need to do as @cPRex suggested and have an admin examine the issue, but hopefully you find this helpful.

    0

Please sign in to leave a comment.

Didn't find what you were looking for?

New post