php post recaptcha http-status-code-403 fsockopen

Google recaptcha API POST request giving 403 Forbidden Error

POST request giving forbidden error for below request.

Code from Google Code archive https://storage.googleapis.com/google-code-archive-downloads/v2/code.google.com/recaptcha/recaptcha-php-1.11.zip

Function Call as below

$response = _recaptcha_http_post (RECAPTCHA_VERIFY_SERVER, "/recaptcha/api/siteverify",
                                      array (
                                             'privatekey' => $privkey,
                                             'remoteip' => $remoteip,
                                             'response' => $response
                                             ) + $extra_params
                                      );

Function is Below

function _recaptcha_http_post($host, $path, $data, $port = 80) {

    $req = _recaptcha_qsencode ($data);

    $http_request  = "POST $path HTTP/1.0\r\n";
    $http_request .= "Host: $host\r\n";
    $http_request .= "Content-Type: application/x-www-form-urlencoded;\r\n";
    $http_request .= "Content-Length: " . strlen($req) . "\r\n";
    $http_request .= "User-Agent: reCAPTCHA/PHP\r\n";
    $http_request .= "\r\n";
    $http_request .= $req;

    echo "HTTP_Request - ";
    echo $http_request;

    $response = '';
    if( false == ( $fs = @fsockopen($host, $port, $errno, $errstr, 10) ) ) {
            die ('Could not open socket');
    }

    fwrite($fs, $http_request);

    while ( !feof($fs) )
            $response .= fgets($fs, 1160); // One TCP-IP packet
    fclose($fs);
    echo "HTTP_Response - ";
    echo $response;
    $response = explode("\r\n\r\n", $response, 2);


    return $response; }

Request and Response as Below

HTTP_Request = POST /recaptcha/api/siteverify HTTP/1.0 Host: www.google.com Content-Type: application/x-www-form-urlencoded; Content-Length: 418 User-Agent: reCAPTCHA/PHP privatekey=6LdWx7AUAAAAANcawRDmFaZ3mto2mR9BPxuO5Q7V&remoteip=91.75.176.244&response=03AOLTBLRSaTq0r_J2gVWzsmxtidDnGAIeIpfM8jga9qmMD9rfKFm-cymLoT6dWhJjAimn7RmPOx1IPTLoUeiAXS1m8qobI8Yk_kPtmPHRm17lxsFbOKMG6b5-nldm4sSNohW02zz9D0sDkymEnGWXej3bTczvv2ah1PePJCIBG-3Ae0IuJP2EwvD4AXtj5mFXZdomcBqe1zGLny4aiO6-KcRy73MRkvGLYxiWGd8BeV3wQvwTPJWhlsoAQjEtBqwFOnbc9ifeWGrMlXCkcXJRGJBsWUqKZ9VkqeKfs00O4RWN9TYDp7d1DGbQFdj7d5iUIpK4MIIRWJeE

HTTP_Response = HTTP/1.0 403 Forbidden Content-Type: text/html; charset=UTF-8 Date: Thu, 15 Aug 2019 07:30:28 GMT Expires: Thu, 15 Aug 2019 07:30:28 GMT Cache-Control: private, max-age=0 X-Content-Type-Options: nosniff X-Frame-Options: SAMEORIGIN X-XSS-Protection: 1; mode=block Server: GSE Accept-Ranges: none Vary: Accept-Encoding

Solution

403 Error was due to outbound https connections blocked from the requesting server. When https connection is allowed in server settings. Error went away.

Used below code instead of reachability library.

function isValid() {try {

    $url = 'https://www.google.com/recaptcha/api/siteverify';
    $data = ['secret'   => 'YOUR SECRET KEY',
             'response' => $_POST['g-recaptcha-response'],
             'remoteip' => $_SERVER['REMOTE_ADDR']];

    $options = [
        'http' => [
            'header'  => "Content-type: application/x-www-form-urlencoded\r\n",
            'method'  => 'POST',
            'content' => http_build_query($data) 
        ]
    ];

    $context  = stream_context_create($options);
    $result = file_get_contents($url, false, $context);
    return json_decode($result)->success;
}
catch (Exception $e) {
    echo "Exception";
    return null;
}

}