BotDetect CAPTCHA Crash Course

On this page we demonstrate how easy it is to integrate BotDetect Captcha in your forms.

We'll use default BotDetect settings; to see how powerful and customizable BotDetect is, check the BotDetect features demo.

1. Add a Reference to BotDetect

The BotDetect.dll assemby (and a sample project made by following these instructions, named "Basic CAPTCHA sample") is included in the BotDetect installation.

2. Show a Captcha Challenge on the Form

On the ASP.NET form you want to protect against bots, add:
<%@ Register Assembly="BotDetect" Namespace="BotDetect.Web.UI" 
  TagPrefix="BotDetect" %>
  
  […]
  
<BotDetect:Captcha ID="SampleCaptcha" runat="server" />
<asp:TextBox ID="CaptchaCodeTextBox" runat="server" />

3. Check User Input During Form Submission

When the form is submitted, the Captcha validation result must be checked:
if (IsPostBack)
{
    // validate the Captcha to check we're not dealing with a bot
    bool isHuman = SampleCaptcha.Validate(CaptchaCodeTextBox.Text);
    
    CaptchaCodeTextBox.Text = null; // clear previous user input

    if (!isHuman)
    {
      // TODO: Captcha validation failed, show error message  
    }
    else
    {
      // TODO: Captcha validation passed, proceed with protected action  
    }
}

4. Configure Your ASP.NET Application

Update your application configuration (the web.config file):
<system.web>
  <httpHandlers>
    <!-- Register the HttpHandler used for BotDetect Captcha 
      requests -->
    <add verb="GET" path="BotDetectCaptcha.ashx"
      type="BotDetect.Web.CaptchaHandler, BotDetect"/>
  </httpHandlers>
  <!-- Register a custom SessionIDManager for BotDetect Captcha 
    requests -->
  <sessionState mode="InProc" cookieless="AutoDetect" timeout="20" 
    sessionIDManagerType="BotDetect.Web.CustomSessionIdManager, BotDetect"/> 
</system.web>
<system.webServer>
  <validation validateIntegratedModeConfiguration="false"/>
  <handlers>
    <!-- Register the HttpHandler used for BotDetect Captcha 
      requests (IIS 7.0+) -->
    <remove name="BotDetectCaptchaHandler"/>
    <add name="BotDetectCaptchaHandler" preCondition="integratedMode" 
      verb="GET" path="BotDetectCaptcha.ashx"
      type="BotDetect.Web.CaptchaHandler, BotDetect"/>
  </handlers>
</system.webServer>

BotDetect CAPTCHA Options

To find more about configuring BotDetect and integrating it in various usage scenarios, please check the getting started with BotDetect Captcha page.