Ne reCAPTCHA giving me a 403 error

Question

Recently a client told me his website's reCAPTCHA was no longer working. After investigating, I found out that Google changed it. I upgraded their site using the new documentation from Nov 19, 2014, but it always gives me a 403 error. I tried submitting just the secret key and that returned a JSON result with a false and an error. I did the same by just submitting the response from the g-recaptcha-response field and it also returned a JSON result with the error. As soon as I put both of them into a string using http_build_query, I get a 403 forbidden from Google.

I am using the new http://www.google.com/recaptcha/api/siteverify URL. I am submitting to it using PHP cURL using the following code:

    $post_data = array('response'=>$response, 'secret'=>$privatekey);
    $curlPost = http_build_query($post_data, '', '&');

    $ch = curl_init();

    //Set the URL of the page or file to download.
    $url = 'http://www.google.com/recaptcha/api/siteverify';

    curl_setopt($ch, CURLOPT_URL, $url);
    curl_setopt($ch, CURLOPT_HEADER, 0);
    curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
    curl_setopt($ch, CURLOPT_POST, 1);
    curl_setopt($ch, CURLOPT_POSTFIELDS, $curlPost);

    $data_json = curl_exec($ch);

Any help would be greatly appreciated.

Answer 1

Just droping this info, as encountered and the reason was: recaptcha gem starting from v5.0 changed used siteverify host from google.com to recaptcha.net
code repo

So might be needed configuration in FW.

Answer 2

You have to use https, so the correct URL is:

$url = 'https://www.google.com/recaptcha/api/siteverify';

This should fix the 403 error.