In Laravel 7 / blade app using "albertcht/invisible-recaptcha": "^1.9" I added rule 'g-recaptcha-response' => 'required|captcha' to pages with common access as login, regsiter, contact_us and added captcha in for definition of all these forms, like:
<form method="POST" action="{{ route('login') }}" aria-label="{{ __('Login') }}">
{{ csrf_field() }}
@captcha('en')
Can I consider all these pages safe from externall attacks? Have I to take some additive steps? If yes, which ?
Thanks!
All captchas will protect your forms only from spam attacks.
There are also many other ways for attacking which you may consider other methods for protecting your forms.
But captcha (even invisible-recaptcha) will protect your forms from spammers.