{"id":2831,"date":"2024-10-18T19:29:32","date_gmt":"2024-10-18T17:29:32","guid":{"rendered":"https:\/\/itsimple.info\/?p=2831"},"modified":"2024-10-19T03:05:54","modified_gmt":"2024-10-19T01:05:54","slug":"how-to-add-google-recaptcha-to-exchange-web-access-and-protect-from-brute-force-attacks","status":"publish","type":"post","link":"https:\/\/itsimple.info\/?p=2831","title":{"rendered":"How To Add Google reCAPTCHA To Exchange Web Access and Protect from brute force attacks"},"content":{"rendered":"\n<p>To create a Google reCAPTCHA site and integrate it into Exchange Server OWA\/ECP, go through the below steps:<\/p>\n\n\n\n<p>First create a new Google reCAPTCHA site. Once we have the reCAPTCHA keys, we can integrate them into Exchange Server.<\/p>\n\n\n\n<p>Sign in to <a href=\"https:\/\/www.google.com\/recaptcha\/admin\/create\" target=\"_blank\" rel=\"noreferrer noopener\">Google reCAPTCHA<\/a> and fill in the below details:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Label:<\/strong> &lt;Your Project Name><\/li>\n\n\n\n<li><strong>reCAPTCHA type:<\/strong> reCAPTCHA v2 \u2013 \u201cI\u2019m not a robot\u201d tickbox<\/li>\n\n\n\n<li><strong>Domains:<\/strong> (your Exchange URL) &lt;example.com><\/li>\n<\/ul>\n\n\n\n<p>Check both the checkboxes:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Accept the reCAPTCHA Terms of Service<\/li>\n\n\n\n<li>Send alerts to owners<\/li>\n<\/ul>\n\n\n\n<p>Click on <strong>Submit<\/strong>.<\/p>\n\n\n\n<p>Now you have 2 keys : 1. site key   2. secret key<\/p>\n\n\n\n<figure class=\"wp-block-gallery has-nested-images columns-default is-cropped wp-block-gallery-1 is-layout-flex wp-block-gallery-is-layout-flex\">\n<figure class=\"wp-block-image size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"737\" height=\"506\" data-id=\"2832\" src=\"https:\/\/itsimple.info\/wp-content\/uploads\/2024\/10\/Captcha_Keys.png\" alt=\"\" class=\"wp-image-2832\" srcset=\"https:\/\/itsimple.info\/wp-content\/uploads\/2024\/10\/Captcha_Keys.png 737w, https:\/\/itsimple.info\/wp-content\/uploads\/2024\/10\/Captcha_Keys-300x206.png 300w\" sizes=\"auto, (max-width: 737px) 100vw, 737px\" \/><\/figure>\n<\/figure>\n\n\n\n<p>now in your exchange server browse to folder :<\/p>\n\n\n\n<pre class=\"wp-block-preformatted\">C:\\Program Files\\Microsoft\\Exchange Server\\V15\\FrontEnd\\HttpProxy\\owa\\auth<\/pre>\n\n\n\n<p>Create a new file with <strong>Notepad<\/strong> with the name <strong>recaptcha.aspx<\/strong> in that folder<\/p>\n\n\n\n<figure class=\"wp-block-image size-full\"><img loading=\"lazy\" decoding=\"async\" width=\"734\" height=\"358\" src=\"https:\/\/itsimple.info\/wp-content\/uploads\/2024\/10\/Captcha_File1.png\" alt=\"\" class=\"wp-image-2833\" srcset=\"https:\/\/itsimple.info\/wp-content\/uploads\/2024\/10\/Captcha_File1.png 734w, https:\/\/itsimple.info\/wp-content\/uploads\/2024\/10\/Captcha_File1-300x146.png 300w\" sizes=\"auto, (max-width: 734px) 100vw, 734px\" \/><\/figure>\n\n\n\n<p>edit with notepad and copy this code into it :<\/p>\n\n\n\n<pre class=\"wp-block-preformatted\">&lt;% @ Page AspCompat=True Language = \"VB\" %><br>&lt;%<br>Dim strPrivateKey As String = \"SECRET_KEY\"<br>Dim strResponse = Request(\"response\")<br>Dim objWinHTTP As Object<br>objWinHTTP = Server.CreateObject(\"WinHTTP.WinHTTPRequest.5.1\")<br>objWinHTTP.Open(\"POST\", \"https:\/\/www.google.com\/recaptcha\/api\/siteverify\", False)<br>objWinHTTP.SetRequestHeader(\"Content-type\", \"application\/x-www-form-urlencoded\")<br>Dim strData As String = \"secret=\" &amp; strPrivateKey &amp; \"&amp;response=\" &amp; strResponse<br>objWinHTTP.Send(strData)<br>Dim strResponseText = objWinHTTP.ResponseText<br>Response.Write(strResponseText)<br>%><\/pre>\n\n\n\n<p>Replace &#8220;SECRET_KEY&#8221; (3rd line) with the key you have create before .<\/p>\n\n\n\n<p>Now we need to configure the Exchange login page to use reCaptcha . First create a backup file, just in case&#8230; :<\/p>\n\n\n\n<figure class=\"wp-block-gallery has-nested-images columns-default is-cropped wp-block-gallery-2 is-layout-flex wp-block-gallery-is-layout-flex\">\n<figure class=\"wp-block-image size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"920\" height=\"466\" data-id=\"2835\" src=\"https:\/\/itsimple.info\/wp-content\/uploads\/2024\/10\/Captcha_File3.png\" alt=\"\" class=\"wp-image-2835\" srcset=\"https:\/\/itsimple.info\/wp-content\/uploads\/2024\/10\/Captcha_File3.png 920w, https:\/\/itsimple.info\/wp-content\/uploads\/2024\/10\/Captcha_File3-300x152.png 300w, https:\/\/itsimple.info\/wp-content\/uploads\/2024\/10\/Captcha_File3-768x389.png 768w\" sizes=\"auto, (max-width: 920px) 100vw, 920px\" \/><\/figure>\n<\/figure>\n\n\n\n<p><strong>Note:<\/strong> The file <em>logon.aspx<\/em> will be rewritten to its original state when you <a href=\"https:\/\/www.alitajran.com\/install-exchange-cumulative-update\/\">install Exchange Server CU<\/a>. So write down in your manual to replace the file after the CU and test that the Google reCAPTCHA works.<\/p>\n\n\n\n<p>Look for <\/p>\n\n\n\n<pre class=\"wp-block-preformatted\">&lt;form action=\"\/owa\/auth.owa\"<\/pre>\n\n\n\n<p>Change this to (leave the rest of the line untouched):<\/p>\n\n\n\n<pre class=\"wp-block-preformatted\">&lt;form action=\"\"<\/pre>\n\n\n\n<figure class=\"wp-block-gallery has-nested-images columns-default is-cropped wp-block-gallery-3 is-layout-flex wp-block-gallery-is-layout-flex\">\n<figure class=\"wp-block-image size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"739\" height=\"590\" data-id=\"2836\" src=\"https:\/\/itsimple.info\/wp-content\/uploads\/2024\/10\/Captcha_File4.png\" alt=\"\" class=\"wp-image-2836\" srcset=\"https:\/\/itsimple.info\/wp-content\/uploads\/2024\/10\/Captcha_File4.png 739w, https:\/\/itsimple.info\/wp-content\/uploads\/2024\/10\/Captcha_File4-300x240.png 300w\" sizes=\"auto, (max-width: 739px) 100vw, 739px\" \/><\/figure>\n<\/figure>\n\n\n\n<p>Then in the file find :<\/p>\n\n\n\n<pre class=\"wp-block-preformatted\">&lt;div onclick=\"clkLgn()\"<\/pre>\n\n\n\n<p>Change this to :<\/p>\n\n\n\n<pre class=\"wp-block-preformatted\">&lt;div onclick=\"myClkLgn()\"<\/pre>\n\n\n\n<figure class=\"wp-block-image size-full\"><img loading=\"lazy\" decoding=\"async\" width=\"735\" height=\"590\" src=\"https:\/\/itsimple.info\/wp-content\/uploads\/2024\/10\/Captcha_File5.png\" alt=\"\" class=\"wp-image-2837\" srcset=\"https:\/\/itsimple.info\/wp-content\/uploads\/2024\/10\/Captcha_File5.png 735w, https:\/\/itsimple.info\/wp-content\/uploads\/2024\/10\/Captcha_File5-300x241.png 300w\" sizes=\"auto, (max-width: 735px) 100vw, 735px\" \/><\/figure>\n\n\n\n<p>Now the Tricky part, you need to add the script in the right place, next look for :<\/p>\n\n\n\n<pre class=\"wp-block-preformatted\">&lt;div>&lt;input id=\"passwordText\"<\/pre>\n\n\n\n<p>And create few empty line, like this :<\/p>\n\n\n\n<figure class=\"wp-block-gallery has-nested-images columns-default is-cropped wp-block-gallery-4 is-layout-flex wp-block-gallery-is-layout-flex\">\n<figure class=\"wp-block-image size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"739\" height=\"589\" data-id=\"2838\" src=\"https:\/\/itsimple.info\/wp-content\/uploads\/2024\/10\/Captcha_File6.png\" alt=\"\" class=\"wp-image-2838\" srcset=\"https:\/\/itsimple.info\/wp-content\/uploads\/2024\/10\/Captcha_File6.png 739w, https:\/\/itsimple.info\/wp-content\/uploads\/2024\/10\/Captcha_File6-300x239.png 300w\" sizes=\"auto, (max-width: 739px) 100vw, 739px\" \/><\/figure>\n<\/figure>\n\n\n\n<p>Now copy this text in this empty lines leaving one line above and one below :<\/p>\n\n\n\n<pre class=\"wp-block-preformatted\">&lt;script type=\"text\/javascript\"><br>function myClkLgn()<br>{<br>var oReq = new XMLHttpRequest();<br>var sResponse = document.getElementById(\"g-recaptcha-response\").value;<br>var sData = \"response=\" + sResponse;<br>oReq.open(\"GET\", \"\/owa\/auth\/recaptcha.aspx?\" + sData, false);<br>oReq.send(sData);<br>if (oReq.responseText.indexOf(\"true\") != -1)<br>{<br>document.forms[0].action = \"\/owa\/auth.owa\";<br>clkLgn();<br>}<br>else<br>{<br>alert(\"Invalid CAPTCHA response\");<br>}<br>}<br>&lt;\/script><br>&lt;script src=\"https:\/\/www.google.com\/recaptcha\/api.js\" async defer>&lt;\/script><br>&lt;div class=\"g-recaptcha\" data-sitekey=\"SITE_KEY\">&lt;\/div><\/pre>\n\n\n\n<p>Replace &#8220;<strong>SITE_KEY<\/strong>&#8221; with the one you got from google<\/p>\n\n\n\n<figure class=\"wp-block-gallery has-nested-images columns-default is-cropped wp-block-gallery-5 is-layout-flex wp-block-gallery-is-layout-flex\">\n<figure class=\"wp-block-image size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"740\" height=\"588\" data-id=\"2839\" src=\"https:\/\/itsimple.info\/wp-content\/uploads\/2024\/10\/Captcha_File7.png\" alt=\"\" class=\"wp-image-2839\" srcset=\"https:\/\/itsimple.info\/wp-content\/uploads\/2024\/10\/Captcha_File7.png 740w, https:\/\/itsimple.info\/wp-content\/uploads\/2024\/10\/Captcha_File7-300x238.png 300w\" sizes=\"auto, (max-width: 740px) 100vw, 740px\" \/><\/figure>\n<\/figure>\n\n\n\n<p>Save the file ! That&#8217;s IT !!! the captcha should be visible immediately (After refreshing the page)<\/p>\n\n\n\n<p>  <\/p>\n\n\n\n<figure class=\"wp-block-gallery has-nested-images columns-default is-cropped wp-block-gallery-6 is-layout-flex wp-block-gallery-is-layout-flex\">\n<figure class=\"wp-block-image size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"738\" height=\"509\" data-id=\"2840\" src=\"https:\/\/itsimple.info\/wp-content\/uploads\/2024\/10\/Captcha_File8.png\" alt=\"\" class=\"wp-image-2840\" srcset=\"https:\/\/itsimple.info\/wp-content\/uploads\/2024\/10\/Captcha_File8.png 738w, https:\/\/itsimple.info\/wp-content\/uploads\/2024\/10\/Captcha_File8-300x207.png 300w\" sizes=\"auto, (max-width: 738px) 100vw, 738px\" \/><\/figure>\n<\/figure>\n\n\n\n<p>If this is not that case try restart the IIS by executing on command prompt as administrator<\/p>\n\n\n\n<p> <\/p>\n\n\n\n<pre class=\"wp-block-preformatted\">iisreset<\/pre>\n\n\n\n<p>make sure you are not confused with the keys <\/p>\n\n\n\n<figure class=\"wp-block-pullquote has-vivid-green-cyan-color has-text-color has-link-color has-large-font-size wp-elements-913a8d28a4fab8f1d7b7023910a23e04\"><blockquote><p>Good Luck<\/p><\/blockquote><\/figure>\n","protected":false},"excerpt":{"rendered":"<p>To create a Google reCAPTCHA site and integrate it into Exchange Server OWA\/ECP, go through the below steps: First create a new Google reCAPTCHA site. Once we have the reCAPTCHA keys, we can integrate them into Exchange Server. Sign in to Google reCAPTCHA and fill in the below details: Check both the checkboxes: Click on [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[9,22,4,12],"tags":[],"class_list":["post-2831","post","type-post","status-publish","format-standard","hentry","category-microsoft-exchange-2016","category-security","category-tech","category-tutorials"],"_links":{"self":[{"href":"https:\/\/itsimple.info\/index.php?rest_route=\/wp\/v2\/posts\/2831","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/itsimple.info\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/itsimple.info\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/itsimple.info\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/itsimple.info\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=2831"}],"version-history":[{"count":2,"href":"https:\/\/itsimple.info\/index.php?rest_route=\/wp\/v2\/posts\/2831\/revisions"}],"predecessor-version":[{"id":2843,"href":"https:\/\/itsimple.info\/index.php?rest_route=\/wp\/v2\/posts\/2831\/revisions\/2843"}],"wp:attachment":[{"href":"https:\/\/itsimple.info\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=2831"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/itsimple.info\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=2831"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/itsimple.info\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=2831"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}