This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Log in to ask a question
Log in to ask a question

reCAPTCHA quota seems wrong

Posted on 04-02-2024 08:06 AM
Kally1
Bronze 1
Bronze 1
Reply posted on --/--/---- --:-- AM

I received the following email about my recaptcha quota :

Summary: You are receiving this email because your site key exceeded the free assessments limit in reCAPTCHA V2 or V3. Please use our new migration path to upgrade to reCAPTCHA Enterprise so you can have unlimited assessments for your site key.

Thank you for being a reCAPTCHA user. Your site key is currently using reCAPTCHA over the quota limit of 1 million calls per month. If you do not migrate to reCAPTCHA Enterprise, within 30 days following this notice, your site key will not protect your webpage after 1 million calls per month.

If a site key exceeds 1000 calls per second, then some requests may not be processed. If a V3 site key exceeds 1 million calls per month, then the site might return a static score of 0.9 and an error message that says `"over free quota."` for the remainder of the month. If a V2 site key exceeds its monthly quota, then the following or a similar message may be displayed to your customers in the reCAPTCHA widget for the remainder of the month: `This site is exceeding reCAPTCHA quota.`

I currently use a V2 invisible recaptcha. The site key is used on one website for the domain mycompany.b2clogin.com. 
I believe my quota usage is wrong since it's only showing ~60K request in the last months on my dashboard.
I think the recaptcha quota consider *.b2clogin.com, which isn't my domain, but one used by many Azure B2C clients.
The solution proposed is to upgrade to enterprise, which I don't want to because I don't want to pay for the 2m+ recaptcha usage which aren't my users.

What should I do in that case ?

0 4 403
Topic Labels
0 Likes
4 REPLIES 4

Posted on --/--/---- --:-- AM
chhamilton
Bronze 1
Bronze 1
Reply posted on --/--/---- --:-- AM

reCAPTCHA engineer here. Sorry for the slow reply!

So, this is due to that website not being on the "(URL Removed by Staff)", which is a record of domains where subdomains actually have different owners and should be treated as distinct sites. Obviously that system is not perfect, so we can override that logic internally. We've made a change in our own quota logic so that each mycompany.b2clogin.com will now be treated as a distinct site with its own quota, so you should no longer be receiving these emails. Thanks for reaching out!

Cheers,

Chris

Posted on --/--/---- --:-- AM
yashsana121
Bronze 1
Bronze 1
Reply posted on --/--/---- --:-- AM

I received the following email about my recaptcha quota :

Summary: You are receiving this email because your site key exceeded the free assessments limit in reCAPTCHA V2 or V3. Please use our new migration path to upgrade to reCAPTCHA Enterprise so you can have unlimited assessments for your site key.

Thank you for being a reCAPTCHA user. Your site key is currently using reCAPTCHA over the quota limit of 1 million calls per month. If you do not migrate to reCAPTCHA Enterprise, within 30 days following this notice, your site key will not protect your webpage after 1 million calls per month.

If a site key exceeds 1000 calls per second, then some requests may not be processed. If a V3 site key exceeds 1 million calls per month, then the site might return a static score of 0.9 and an error message that says `"over free quota."` for the remainder of the month. If a V2 site key exceeds its monthly quota, then the following or a similar message may be displayed to your customers in the reCAPTCHA widget for the remainder of the month: `This site is exceeding reCAPTCHA quota.`

I currently use a V3 invisible recaptcha. The site key is used on one website for the domain primaryconnect.my.salesforce-sites.com
I believe my quota usage is wrong since it's only showing ~139K request in the last months on my dashboard.
I think the recaptcha quota consider *.my.salesforce-sites.com, which isn't my domain.
The solution proposed is to upgrade to enterprise, which I don't want to because I don't want to pay for the 2m+ recaptcha usage which aren't my users.

What should I do in that case ?

0 Likes

Posted on --/--/---- --:-- AM
chhamilton
Bronze 1
Bronze 1
In response to yashsana121
Reply posted on --/--/---- --:-- AM

There are a couple things to unpack here:

(1) The sytem that generates over-quota notifications tries to detect traffic to a single domain that has been split across multiple site keys, so in some cases the numbers it calculates are a worse case outcome. In this case, we are mistakenly attributing traffic for other sites to you in the email you are receiving. We can make changes to our pipeline so that *.my.salesforce-sites.com are treated as seperate domains instead of a single domain, which will fix the email notifications.

(2) What actually happens when you add a billing instrument is a little bit orthogonal. You will only be billed for traffic to your site keys that are associated with your billing instrument, and not for traffic to site keys that don't have billing instruments. So the email may sound a little scary but rest assured you'll only be billed for your own traffic when you add a billing instrument.

We'll see what we can do to make the over quota warning emails and subsequent billing behavior more clear. Thanks for the feedback.

0 Likes

Posted on --/--/---- --:-- AM
yashsana121
Bronze 1
Bronze 1
In response to chhamilton
Reply posted on --/--/---- --:-- AM

@chhamilton please confirm that it will not cause any issue with current Recaptch configuration for primaryconnect.my.salesforce-sites.com

0 Likes