In cPGuard the Captcha protection works at the ModSec [ HTTP ] level to detect the bad traffic and redirect to the Captcha page. There are two cases where the visitor will be forwarded to the Captcha page
1. If the IP address exceeds the POST threshold:- If we detect an unusual amount of POST requests against WP/Joomla login page or XMLRPC, we will force the visitor to the Captcha page to ensure that the requester is not a bot. Once the Captcha is verified, the visitor's IP address will be whitelisted in the system. If the IP address continuous to send the traffic without verifying the Captcha, we will mark it as DoS attack and block the IP address in CSF if it is enabled.
2. If the IP address is listed in our central blacklist:- We analyze the traffic against certain URLs and constantly detect IP addresses sending traffic from web bot. From each server where cPGuard is installed, we collect such abusive IP addresses and add it to our central database with 30 days grace period. This list is shared across all the servers in the cPGuard network, which helps to prevent brute-force DDoS on the servers we protect. So whenever the traffic is received from an IP address which is marked as bad in our central database, the traffic will be redirected to verify Captcha to continue to the website.
How to turn ON/OFF Captcha:- You can turn ON/OFF Capctha protection from cPGuard >> Settings >> WAF page
How to select Captcha page locale:- Right now the Captcha page can display in 3 English, Spanish and Portuguese [ BR ]. You can select the language from cPGuard >> Settings >> WAF page
As always...please feel free to reach our support team if you need any further clarifications regarding this.