BotDetect ASP.NET & ASP.NET Core CAPTCHA Generator

BotDetect CAPTCHA works in China -- and it does not stalk you around! Read more...

CAPTCHA Generator Features:

Quickstarts:

BotDetect ASP.NET Captcha generator allows you to easily add Captcha protection to various types of ASP.NET based forms.

We'll use default Captcha generator settings; to see how powerful and customizable BotDetect is, check the BotDetect features demo.

Use THIS nuget in:

  • ASP.NET applications running on the legacy .NET (non-Core) Frameworks
  • ASP.NET Core applications running on the .NET Core Frameworks

1. Add CAPTCHA NuGet Package

  • Open the NuGet Package Manager.

    BotDetect ASP.NET Core Add Nuget Package
  • Choose nuget.org package source and search for CAPTCHA.

    BotDetect ASP.NET Core Nuget Package Description

2. Configure Your ASP.NET Application

Open Startup.cs and update it in the way demonstrated in the following:

  • Locate the ConfigureServices method
    public void ConfigureServices(IServiceCollection services)
    {
      services.AddSingleton<IHttpContextAccessor, HttpContextAccessor>();
      services.AddMemoryCache(); // Adds a default in-memory 
                             // implementation of 
                             // IDistributedCache
      // Add framework services.
      services.AddMvc();
      services.AddSession(options =>
      {
        options.IdleTimeout = TimeSpan.FromMinutes(20);
      });
    }
    
  • Locate the Configure method and add a call to app.UseCaptcha.

    public void Configure(IApplicationBuilder app, 
    IHostingEnvironment env, ILoggerFactory loggerFactory)
    {
      ...
      app.UseSession();
      //configure BotDetectCaptcha
      app.UseCaptcha(Configuration);
      ...
    }
    
  • Add @addTagHelper directive makes Tag Helpers available to the view. To expose BotDetect Captcha Tag Helper in your project, you would use the following in Views/_ViewImports.cshtml file:

    @using AspNetCoreWebApplicationExample
    @addTagHelper *, Microsoft.AspNetCore.Mvc.TagHelpers
    @addTagHelper "BotDetect.Web.Mvc.CaptchaTagHelper, BotDetect.Web.Mvc"
    

3. Show a Captcha Challenge on the Form

In View code: import the BotDetect namespace, include BotDetect styles in page <head>, create a MvcCaptcha object and pass it to the Captcha TagHelper:
@using BotDetect.Web.Mvc
[…]
@section header {
    <environment names="Development,Staging,Production">
        <link href="@BotDetect.Web.CaptchaUrls.Absolute.LayoutStyleSheetUrl"
              rel="stylesheet" type="text/css" />
[…]
}

[…]

<label asp-for="CaptchaCode">Retype the code from the picture:</label>
@{ var exampleCaptcha = new MvcCaptcha("ExampleCaptcha") 
{ UserInputID = "CaptchaCode" }; }
<captcha mvc-captcha="exampleCaptcha" />
<div class="actions">
  <input asp-for="CaptchaCode" />
  <input type="submit" value="Validate" />
  <span asp-validation-for="CaptchaCode"></span>
  @if (ViewContext.IsPost() && ViewData.ModelState.IsValid)
  {
    <span class="correct">Correct!</span>
  }
</div>

[…]

4. Check User Input During Form Submission

Mark the protected Controller action with the CaptchaValidation attribute to include Captcha validation in ModelState.IsValid checks:
using BotDetect.Web.Mvc;
  
  […]

[HttpPost]
[AllowAnonymous]
[CaptchaValidation("CaptchaCode", "ExampleCaptcha", "Incorrect CAPTCHA code!")]
public ActionResult ExampleAction(ExampleModel model)
{
    if (!ModelState.IsValid)
    {  
      // TODO: Captcha validation failed, show error message      
    }  
    else
    {  
      // TODO: Captcha validation passed, proceed with protected action  
	  MvcCaptcha.ResetCaptcha("ExampleCaptcha");
    }  

BotDetect ASP.NET CAPTCHA Free Version

You can download BotDetect ASP.NET CAPTCHA Control for free and use it immediately! Your ASP.NET forms can be protected from spam (and bots in general) in minutes.

Keep in mind that we offer basic email support for free to all BotDetect users. So if you need any assistance integrating BotDetect or have any questions or feedback, our Support department is at your disposal.

Once the BotDetect Captcha generator control has been integrated into your ASP.NET application and you're satisfied with how it works, it's easy to upgrade your license if you need the extra features and options offered by commercial BotDetect versions.

BotDetect ASP.NET Captcha Free Download

BotDetect ASP.NET CAPTCHA System Requirements

OS IIS .NET Browser

Supported Operating Systems:

  • Windows 2016 Server
  • Windows 10
  • Windows 2012 Server R2
  • Windows 2012 Server
  • Windows 8
  • Windows 2008 Server R2
  • Windows 7
  • Windows 2008 Server
  • Windows Vista
  • Windows 2003 Server
  • Windows XP
  • Windows 2000 Server
  • Windows 2000 Professional

Supported Internet Information Services:

  • IIS 10
  • IIS 8.5
  • IIS 8.0
  • IIS 7.5
  • IIS 7.0
  • IIS 6.0
  • IIS 5.1
  • IIS 5.0

Supported .NET Framework versions:

  • .NET Core 2.x
  • .NET Core 1.x
  • .NET 4.7
  • .NET 4.6
  • .NET 4.5
  • .NET 4.0
  • .NET 3.5
  • .NET 3.0
  • .NET 2.0

Officially Supported Browsers*:

  • Chrome 49+
  • Edge 20+
  • Firefox 52+
  • IE 8+
  • Opera 36+
  • Safari (OSX) 5+
  • Safari (iOS 6+)

Numerous other browsers are not officially supported but the captcha still works.

Read the notes below!

*

'Officially Supported Browsers' are those browsers for which we do the testing in order to ensure that both the image and audio captcha options are working properly.

Nonetheless, both the image and audio captcha options are working properly in the most of non-archaic ** browsers anyway -- officially-supported, or not -- while the image captcha option alone works in all of them!

If you find our 'Officially Supported Browsers' policy too-restrictive check Recaptcha the Stalker's one that says:

  • We support the two most recent major versions of the following:

    • desktop (Windows, Linux, Mac): Chrome, Firefox, Safari, IE

    • mobile: Chrome, Safari, Android native browser (4.0+)

We guess that after checking the Recaptcha's policy -- you will consider ours as the accommodative one :).

**

Archaic browsers?

At present, our 'Archaic Browsers' policy works this way:

  • Those last remaining few real humans still browsing around using the WinXP should update their browsers to the latest version that still works on the XP.

Or, in the less nice words:

  • If those last remaining few laggards cannot be bothered to update their browsers -- we cannot be bothered neither -- nor you should be!

  • Half of the Internet is broken for them since years ago anyway -- and they do not seem to care!