As part of our PCI DSS certification we were required to have an automated scan of the site to look for vulnerabilities. The only thing that has come up is that our IIS allows low encryption protocols SSLv3 and TLS1.0.
I have gone through the setup on the server and disabled the old ones that aren't supported any more and now the reCaptcha is failing saying the response isn't well formed. Is this a known bug?
I have currently taken the reCaptcha offline, but I am not happy about it!
Can you be a little more specific about the reCaptcha error? Is it just written to the page? Does it show or can you otherwise capture the response that it's talking about and share it with us? Is a more verbose error written to your site's system log?
This topic was automatically closed 365 days after the last reply. New replies are no longer allowed.
