Extension talk:ConfirmEdit

Jump to: navigation, search

About this board


User/Site verify not working - failing Google requirements

2601:646:8481:8584:79CE:D7E2:5C3E:8F9C (talkcontribs)

Env: MW 1.30.0 w/ included ConfirmEdit on a public facing site.

Google reCAPTCHA Dashboard warning: We detected that your site is verifying reCAPTCHA passed solutions less than 50% of the time. This could indicate a problem with your integration with reCAPTCHA. Please see our developer site for more information. (https://developers.google.com/recaptcha/docs/verify#api-request)

Doing some testing on my site it looks as though the extension is not sending the required POST to https://www.google.com/recaptcha/api/siteverify with the required values: secret and response nor with the optional value: remoteip (which was enabled in my environment)

Reply to "User/Site verify not working - failing Google requirements"

Incorrect or missing CAPTCHA

Summary by MarkAHershberger

Have you registered your site with reCaptcha?

Zeteticl (talkcontribs)

reCaptcha mode is correct but it will show nothing in NoCaptch mode, (no i am not robot box or similar) when i press,just have incorrect or missing CAPTCHA.

MarkAHershberger (talkcontribs)

Do you see any errors in your javascript console? Have you registered your site with reCaptcha?

Zeteticl (talkcontribs)

thank you. its fine now

Cant get ConfirmEdit to load

Summary by Epastore

Make sure you're editing the right LocalSettings.php file. Heh.

Epastore (talkcontribs)

Hi. I have tried a few configurations, but ConfirmEdit doesn't seem to load, and Captchas aren't appearing on new account registration. Here is my version page.

ConfirmEdit does not appear; and QuestyCaptcha shows with no version information.

I have tried these different configurations in LocalSettings.php:

wfLoadExtensions([ 'ConfirmEdit', 'ConfirmEdit/QuestyCaptcha' ]);


require_once "$IP/extensions/ConfirmEdit/ConfirmEdit.php";

require_once "$IP/extensions/ConfirmEdit/QuestyCaptcha.php";


wfLoadExtension([ 'ConfirmEdit' ]);

wfLoadExtension([ 'ConfirmEdit/QuestyCaptcha' ]);

On all three tries, my Version page looks the same. I also tried ConfirmEdit for MW 1.29 and 1.27. My MediaWiki version is 1.28.1.

Any ideas what I am missing?

Kghbln (talkcontribs)

The version for 1.28.1 should work with

wfLoadExtensions( [
$wgCaptchaClass = 'QuestyCaptcha';

QuestyCaptcha not showing a version is expected, ConfirmEdit not showing up at all is obviously not.

I assume that you downloaded the tarball for MW 1.28

Epastore (talkcontribs)

Thanks, Kghbin. I have now tried adding the wgCaptchaClass. I also tried a copy/paste of your syntax (with linebreaks) out of an abundance of caution. Still no change. I only see tarballs for 1.27 and 1.29 at Special:ExtensionDistributor/ConfirmEdit but I've tried both with the same result.

It seems really weird that my other extensions are appearing. And that Questy is showing but not ConfirmEdit. I keep looking over, well, everything; and can't see any problem in my config. (File permissions seem fine; no problem with capitalization; no missing files I can identify; etc.) Rrg. Any more ideas?

Kghbln (talkcontribs)

You can currently still download the version for MW 1.28 from GitHub. To tell you the truth: I have no further idea why it is not working for you. You recently changed the script path from "w" to "mw" however this should not really make a difference. You placed the stuff in /mw/extensions/ConfirmEdit, didn't you?

Epastore (talkcontribs)

Argh! I was just starting to figure that out; thank you. Another admin had done a major upgrade, and I did not realize he made a whole new install in a new directory. I was modifying the file in the w directory. Just was noticing that no changes to LocalSettings were working. D'oh!

Thank you for your help!

Ken Roy (talkcontribs)

I am in process of testing an upgrade to MW 1.27.3 with ConfirmEdit reCaptcha set to NoCaptch

Request Account screen shows following text

To help protect against automated account creation, please type the two words you see in the box below:

above the I am Not a Robot check box.

Above text appears to apply to reCaptcha v1. Where is it coming from? I cannot find it in the ConfirmAccount/i18n or in the ConfirmEdit/i18n en.json files

Ken Roy (talkcontribs)

OK, I found that message. It was a residual override to Special:AllMessages before the messages became json files. I have deleted it, but now the message displayed is the ConfirmEdit captcha-createaccount rather than the renocaptcha-createaccount

ConfirmEdit is loaded as follows

wfLoadExtensions([ 'ConfirmEdit', 'ConfirmEdit/ReCaptchaNoCaptcha' ]);

do I need to do anything else to get reCaptchNoCaptcha messages. The I am Not a Robot captcha is being displayed.

Reply to "Where is reCaptcha v2 text"
2003:6F:8B2A:CC00:C3F:355E:4C59:6938 (talkcontribs)

I embed images in $wgCaptchaQuestions, thus I need to configure them with HTML.

This worked in MW 1.25, but in broke in MW 1.27 (I see the plain HTML).

CyberXRef (talkcontribs)

We've just upgraded from 1.25 to 1.27 and ConfirmEdit/QuestyCaptcha is indeed broken. It no longer allows HTML in $wgCaptchaQuestions which is critical for proper operation for us.

Zoglun (talkcontribs)

Any update on using image with wgCaptchaQuestions? We use image questions, too. This error preventing us upgrade to MW1.27.

Hutchy68 (talkcontribs)
This worked in MW 1.25, but in broke in MW 1.27 (I see the plain HTML).

Yes, I see this too and it needs to be addressed. Do we need a tracker? I'll look now.

Added a bug report, task T169124

Reply to "Allow HTML in $wgCaptchaQuestions?"
2604:880:64:2B3:8000:0:0:1000 (talkcontribs)

Does nocaptcha still work with confirmedit for stopping spam? It shows up and works when I test it but, I am getting a huge influx of spam with it on? I am running 1.28.2 with ConfirmEdit 1.4.0 but just getting smashed by account creations and spam. (talkcontribs)

Same problem. Massive influx of new accounts and spam since the end of April. Was using noCAPTCHA for account creation only, then enabled it for every edit and page creation, but it continues. My only recourse has been to disable account creation and remove edit/create permissions for every group and create a new group to add known real people to.

2604:880:64:2B3:0:0:0:2 (talkcontribs)

Same issue, I turned off nocaptcha and switched to some new custom questy captcha and still getting a huge influx of account creation through. It must be some issue with mediawiki/confirmedit that they can bypass everything

MarkAHershberger (talkcontribs)

I'm using it with MW 1.27. (talkcontribs)

and it is working? or it isnt?

MarkAHershberger (talkcontribs)

Sorry. I should have said it is working.

MarkAHershberger (talkcontribs)

Just noticed that the specs say you have to be using https. If you don't have https, I recommend using letsencrypt.

MarkAHershberger (talkcontribs)

Just re-verified that it is working to stop logins. It shows up for ConfirmAccount, but the result is ignored.

2605:A000:1207:608C:DC2D:434F:7CCA:6C68 (talkcontribs)

I am forcing HTTPS, http is redirected

Reply to "recaptcha nocaptcha being bypassed?" (talkcontribs)

The captcha loads and works fine until you click Login.

When clicking Login I receive: CAPTCHA verification failed due to internal error: http

And nothing else. As it's not descriptive I'm at a loss on what to try.

Has anyone seens this happen before?

Florianschmidtwelzow (talkcontribs)

Probably you can't establish http connection to the outside world from your server. Do you use a hosting provider (webspace, e.g.) or do you have ssh access to your server? (talkcontribs)

Yup get the same error, after upgrading to 2.28 from my old 2.22 instance. Firewall is blocking nothing

L Andy (talkcontribs)

I'm getting the same error: "CAPTCHA verification failed due to internal error: http"

This is on MediaWiki 1.27. As with the poster above, the server can make outbound connections on HTTP and HTTPS. Anyone have any ideas?

L Andy (talkcontribs)

This was my resolution to the issue.

The "internal error: http" message means simply that ConfirmEdit failed to execute an http request against the Google servers, which could happen for a number of reasons. The MW and PHP logs don't seem to be helpful in determining why. If you save the following as a PHP script on your web site and browse to it, it will execute an http request, similar to how ConfirmEdit tries to do, and return the result of curl_error() which should give more detailed error information:

<title> cURL Test Script </title>

    if (!function_exists('curl_init'))
        print 'cURL not installed';
        $ch = curl_init($Url);
        curl_setopt($ch, CURLOPT_TIMEOUT, 10);

        if(curl_exec($ch)) { print 'OK';}
        else { print curl_error($ch);}

In my case, the error was "SSL certificate problem: unable to get local issuer certificate". It turns out this is because a default PHP install (at least on Windows) doesn't have access to any trusted root certificates, so can't validate SSL connections. The fix was to download a set of root certificates provided by the cURL project at https://curl.haxx.se/docs/caextract.html, and add the following to php.ini:

curl.cainfo = C:\SomeFolder\cacert.pem
Reply to "reCAPTCHA noCAPTCHA failing" (talkcontribs)

I have weird problem on a private wiki in my company. Placed a NoCaptcha on create account form using ConfirmEdit. Eveyrime people try to create an account with a correct captcha, they get 'Incorrect or missing CAPTCHA.' Is this a bug?

MarkAHershberger (talkcontribs)

Maybe it has something to do with trying to use NoCaptcha on a closed network? (talkcontribs)

Same issue on an open wiki. It used to work but now 'Incorrect or missing CAPTCHA.' comes up when editing pages...

MarkAHershberger (talkcontribs)

I suspect recent changes in Google's CAPTCHA are to blame. Here is a bug with a patch to try: Phab:T160262

Reply to "Correct NoCaptcha's won't get validated"
Invisible Bee (talkcontribs)


Would the module included work for the new Invisible reCAPTCHA?

Google documentation as follows:



MarkAHershberger (talkcontribs)

It looks like support would have to be added. To be sure, I've filed a phabricator task: https://phabricator.wikimedia.org/T160262

Reply to "Invisible reCAPTCHA support"

Fatal error when I try "Log in / create account"

Unikum~mediawikiwiki (talkcontribs)

I use trunk version of this extention and MW 1.18. When I click Log in / create account I recieave fatal error:

Fatal error: Call to undefined method WebRequest::getIP() in /srv/http/wiki/extensions/ConfirmEdit/Captcha.php on line 202

This post was posted by Unikum~mediawikiwiki, but signed as Unikum.

Subfader (talkcontribs)

Try the latest version of ConfirmEdit

Unikum~mediawikiwiki (talkcontribs)

I use trunk version from SVN (last update at 2011-12-17).

This post was posted by Unikum~mediawikiwiki, but signed as Unikum.

JonathanWilliford (talkcontribs)

You need to use the REL1_18 branch for both your main MW install and this extension. You can fix this by going to your ConfirmEdit directory and running:

svn switch http://svn.wikimedia.org/svnroot/mediawiki/branches/REL1_18/extensions/ConfirmEdit

Apparently, the change with getIP() hasn't been propagated to the REL1_18 branch.

Unikum~mediawikiwiki (talkcontribs)

Thanks for the tip.

This post was posted by Unikum~mediawikiwiki, but signed as Unikum.

Unikum~mediawikiwiki (talkcontribs)

Problem appears since r106097.

This post was posted by Unikum~mediawikiwiki, but signed as Unikum. (talkcontribs)

For MW 1.16.5 with r107316 I have solved this problem by changing

$wgRequest->getIP() to wfGetIP() (talkcontribs)

For MW 1.16.5 with r107316 I have solved this problem by changing

$wgRequest->getIP() to wfGetIP()

Platonides (talkcontribs)

You were using a very recent ConfirmEdit with an old MediaWiki.

Brted (talkcontribs)

I got this error when I installed 1.18.3 today. New MW, new ConfirmEdit. I fixed it by bringing over my old copy of captcha.php. That version uses wfGetIP() Brted (talk) 02:01, 29 April 2012 (UTC) (talkcontribs)

In my case it was Asirra that was causing the problem. I manually downloaded the latest version of that and overwrote the files in the ConfirmEdit directory with it. All works fine now. (talkcontribs)

In my case I just changed entire return string with just 'return 1;' becase this line just check bad login key case, so I chose to pass this needless process. It works also.

Reply to "Fatal error when I try "Log in / create account""