Imunify360’s firewall, tightly integrated with the WAF, can stop the majority of web application attacks even before they start, but of course, we want to make sure that valid visitors can always reach your website.
We use an advanced Google reCaptcha system (or you can enable the Invisible reCAPTCHA) as it dramatically reduces false positives and improves usability for ‘blocked’ visitors while making it harder for bots to bypass.
If a visitor violates the Imunify360 security rules, tries to enter the wrong password, for example, then Imunify360 automatically blocks the access to your server from their IP address, adding it to the Gray List. It will then redirect the visitor to the Captcha.
If the information requested is entered correctly, Imunify360 will promptly remove that visitor from the Gray List.
You can dramatically enhance the visitor experience by enabling the Invisible reCAPTCHA within the Imunify360 software. Just go to Settings tab -> General section, click the "Install Invisible CAPTCHA" button. Confirm the installation in the pop-up.
In a nutshell, the Invisible reCAPTCHA uses Google’s Advanced Risk Analysis technology and Artificial Intelligence to determine whether it is a human or not. For example, if a real person had tried to enter their password multiple times, then the user will be redirected to the destination page automatically, with just a few seconds delay, without an annoying validation screen.
Of course, security is still key, and when the Invisible reCAPTCHA detects bot-related requests, it will still trigger the CAPTCHA challenge. This will block the automated software from reaching the website or a page.
You can modify the footer, the header or the body of the CAPTCHA. You can also change the text of the Imunify360 CAPTCHA and update a localization text to support various languages. To learn more about modifying the template and how to localize it, read this documentation article.