ReCaptcha never gets a correct validation

[nosy79]

I am using rcguard to protect the roundcube installation.

All works but unfortunatelly if a user solves a capture the user is still not allowed to login. The only chance for a user that got a capture is to wait until the expire time is through.

Do you have any idea what could be wrong or how I could troubleshoot? My versions are Roundcube 1.1 and rcguard with the latest checkout from the master branch. Unfortunatelly I dont find much in the error log or rcguard I only get:

[09-Oct-2015 12:59:59 +0200]: IMAP Error: Login failed for user from xxx. AUTHENTICATE PLAIN: Authentication failed. in /var/lib/roundcubemail-1.1.1/program/lib/Roundcube/rcube_imap.php on line 198 (POST /?_task=login?_task=login&_action=login)

[dennylin93]

Can you get confirmation that (1) the user is actually solving the CAPTCHA correctly and (2) the right password is being input? You can turn on logging by setting recaptcha_log to true in the config. This should tell you the result of CAPTCHAs.

[nosy79]

Thanks for your suggestions. I already have enabled the logging. There are no notices on wrong or right captures. To me its completely unclear which part of ReCaptcha is failing because there is nothing in the logs. Still the Captchas get displayed. I use the same API keys for ReCaptcha on my test system and in production. Do you think this could be a problem?

[dsoares]

Hi nosy79, Did you enabled both systems for that API key? Go to your ReCaptcha API Keys Management page at https://www.google.com/recaptcha/admin and verify the enabled sites for the key you are using.

[nosy79]

The funny thing is I only entered the name of the production system in the domains field.

[nosy79]

Do you have any idea how I could troubleshoot? Guess I will write some code...

[dsoares]

If you disable the rcguard plugin, the user can login? "IMAP Error: Login failed for user from xxx. AUTHENTICATE PLAIN: Authentication failed." seems like the pass is wrong...