---
title: Google reCAPTCHA Genel Bakis
title_en: Google reCAPTCHA Overview
description_tr: Guncel CMS panelinden Google reCAPTCHA ayarlarini yonetme, Site Key ve Secret Key ile korumayi kaydetme akisi.
description_en: Configure Google reCAPTCHA from the current CMS security panel, manage site and secret keys, and save protection changes.
order: 30
product: cms
section_tr: Security
section_en: Security
owner: CMS Operations Team
lastReviewed: 2026-04-01
productVersion: v1
status: live
cardImage: /img/cms/security/google-recaptcha/cms-security-recaptcha-poster.webp
---
# Google reCAPTCHA Overview

Use `Security > Google reCAPTCHA` to enable or disable reCAPTCHA protection across the website.

<video src="/video/cms-security-recaptcha.mp4"></video>

## Current Panel Overview

The page shown in the video contains:

- `reCAPTCHA Protection` toggle
- `Site Key`
- `Secret Key`
- `Save Configuration`
- setup notes and Google reCAPTCHA guidance links

## Fields and What to Enter

- `Site Key`: paste the public site key generated in Google reCAPTCHA Admin Console
- `Secret Key`: paste the private secret key generated for the same domain and same reCAPTCHA setup

Important:
- `Site Key` and `Secret Key` must be generated from the same Google reCAPTCHA project.
- The configured domain in Google Admin Console must match your production website domain.
- Use the key pair for the exact reCAPTCHA type expected by your frontend implementation.

## Configure and Apply reCAPTCHA

1. Open `Security > Google reCAPTCHA`.
2. Turn the protection toggle `ON`.
3. Enter:
- `Site Key`
- `Secret Key`
4. Click `Save Configuration`.
5. Verify the protected flow on the website after saving.

To disable protection, switch the toggle `OFF` and save again.

## How to Generate Site Key and Secret Key

- Admin Console: `https://www.google.com/recaptcha/admin`

1. Open reCAPTCHA Admin Console.
2. Create a new site or select an existing one.
3. Select the reCAPTCHA type required by your project.
4. Add the correct production domain.
5. Generate the keys.
6. Copy the `Site Key` and `Secret Key` into the CMS panel.
7. Enable protection and save.

## Best Practices

- Keep `Secret Key` private and never expose it on frontend pages.
- Use correct domain mapping in Google console to avoid verification failure.
- Verify reCAPTCHA behavior after enabling on the actual website flow.
- If issues occur, disable the toggle temporarily and recheck key and domain setup.

## Notes

- `Site Key` is used in frontend integration.
- `Secret Key` is used server-side to validate reCAPTCHA responses.