Forum Discussion

Shotterke's avatar
Shotterke
Copper Contributor
Jun 24, 2020
Solved

Exchange 2016 OWA - reCAPTCHA

I'm trying to implement reCAPTCHA on my Exchange 2016 OWA and ECP login page.

 

I followed this guide but I'm still unable to get this to work:

https://translate.google.com/translate?hl=en&sl=auto&tl=en&u=https%3A%2F%2Fwww.askasu.idv.tw%2Findex.php%2F2017%2F09%2F06%2F3816%2F

 

When I go to the login page using the DNS name (So using the domain I entered in reCAPTCHA) nothing shows up and I can login with just my username and password with no extra checks.

 

When I go the the IP address I get the error "ERROR for site owner:Invalid domain for site key" which is normal but it shows that the reCAPTCHA is there.

 

Has anybody else ever implement reCAPTCHA and give me some pointers or guides how they did it?

2016
Exchange Server
  • Shotterke's avatar
    Shotterke
    Jun 29, 2020

    Hi PvB91,

     

    We aren't using Azure so that won't work.

     

    I did some more testing during the weekend and decided to start from scratch and also reboot our mail servers. After that everything was working like it should.

     

     

5 Replies

  • Aska Su's avatar
    Aska Su
    Copper Contributor
    Oct 15, 2020

    Hi Shotterke 

     

    Please follow these to get reCAPTCHA key first, and make sure your FQDN for OWA has input to Google reCAPTCHA admin console

    https://wpforms.com/docs/setup-captcha-wpforms/

     

    And it will be great to use reCAPTCHA v3 for Exchange OWA by following this comment

    https://gist.github.com/msenturk/8a667e4f9703bbdf9b8ea9c43baad768#gistcomment-2988079

    • akazakevich's avatar
      akazakevich
      Copper Contributor
      Mar 15, 2021

      Aska Su 

      Unfortunately, page on GitHub give s Error 404 and is not alive.

      Have some info from other place or may be from your experience for using Google ReCaptcha v.3 on Exchange OWA 2013/2016/2019?

      Tried to use it but it's not working. Only recaptcha v.2 is working OK...

      • msenturk's avatar
        msenturk
        Copper Contributor
        Apr 08, 2021

        https://gist.github.com/msenturk/9f16155a92be6c560a2be4045fba9093

  • BemmelenPatrick's avatar
    BemmelenPatrick
    MCT
    Jun 25, 2020
    Hello Shotterke,

    I think you are trying to implement ReCAPTCHA because of security reasons?

    Wouldn't it be better to use Azure Application Proxy so you can use things like Conditional Access?
    I'm referring to a article created by Mike Parker:
    https://www.google.com/amp/s/mikeparker365.co.uk/2018/09/25/how-to-secure-exchange-2016-with-azure-ad-part-3-azure-application-proxy/amp/

    You can then even use SSO with Windows Authentication to have only one sign-in experience from the Microsoft Azure sign-in page.
    • Shotterke's avatar
      Shotterke
      Copper Contributor
      Jun 29, 2020

      Hi PvB91,

       

      We aren't using Azure so that won't work.

       

      I did some more testing during the weekend and decided to start from scratch and also reboot our mail servers. After that everything was working like it should.