I was having problems with security warnings when I enabled recaptcha. I use mod_rewrite with apache2 to force ssl on some of my pages (like registration and ucp). I do not know if other server configurations suffer from this.

I fixed it by editing the recaptcha plugin file that comes with 3.0.6 phpbb_recaptcha_plugin.php

On line 30: I changed it from setting $recaptcha_server to the url and just initialized the variable instead.

Then in the init function around line 44ish I added:

$this->recaptcha_server = $_SERVER['HTTPS'] ? 'https://api-secure.recaptcha.net' : 'http://api.recaptcha.net';

It is working for me. May not be the best solution but I think the plugin module should detect if the page is being requested over https or http and act accordingly.

Here is a snippit:

class phpbb_recaptcha extends phpbb_default_captcha
{
var $recaptcha_server;
var $recaptcha_verify_server = 'api-verify.recaptcha.net';
var $challenge;
var $response;

function init($type)

{ global $config, $db, $user; $user->add_lang('captcha_recaptcha'); parent::init($type); $this->challenge = request_var('recaptcha_challenge_field', ''); $this->response = request_var('recaptcha_response_field', ''); //set recaptcha url if https here instead of as a constant up top $this->recaptcha_server = $_SERVER['HTTPS'] ? 'https://api-secure.recaptcha.net' : 'http://api.recaptcha.net'; }