Shopware 5.3 introduced a brand new and more flexible captcha handling, which allows shop owners to configure captcha validation for more forms in the storefront. Before, only blog comments and article reviews could be secured with a captcha - now this applies to the customer registration and the newsletter registration. In addition to the old, regular captcha implementation, shop owners can now select between the following new validation methods for each shop or subshop individually.
The customer is asked to enter an alphanumerical string into a form field. This method provides solid security against automated bots but increases the customers hurdle filling out the form because of the additional field.
This solution adds an invisible field to the form that looks like a regular form field to a malicious spam bot. When the bot fills out the field, the captcha's validation fails. The advantage of this method is its significantly reduced intrusiveness on the customer.
The respective shop is not secured by any captcha and forms can be submitted without any validation.
All settings regarding captchas can be configured individually for each shop or subshop right from within the Shopware backend in the basic settings.
In Basic Settings > Frontend > Captcha', the following settings are available:
In Basic settings > Frontend > Login / Registration you can find the configuration what type of captcha validation should be used for the registration form.
In Basic settings > Additional settings > Newsletter you can configure what type of captcha validation should be used for the newsletter registration.
The new captcha component also allows developers to implement their own custom validation method. Have a look at the following DevDocs article where we explain how to integrate Google's ReCaptcha into Shopware.