BotDetect CAPTCHA Crash Course (BotDetect v3.0; deprecated)

On this page we demonstrate how easy it is to integrate BotDetect Captcha in your forms.

We'll use default BotDetect settings; to see how powerful and customizable BotDetect is, check the BotDetect features demo.

1. Add a Reference to BotDetect

The BotDetect.dll assemby (and a sample project made by following these instructions, named "Basic CAPTCHA sample") is included in the BotDetect installation.

2. Show a Captcha Challenge on the Form

On the ASP.NET form you want to protect against bots, add:
<%@ Register Assembly="BotDetect" Namespace="BotDetect.Web.UI" 
  TagPrefix="BotDetect" %>
  
  […]
  
<BotDetect:Captcha ID="SampleCaptcha" runat="server" />
<asp:TextBox ID="CaptchaCodeTextBox" runat="server" />

3. Check User Input During Form Submission

When the form is submitted, the Captcha validation result must be checked:
if (IsPostBack)
{
    // validate the Captcha to check we're not dealing with a bot
    bool isHuman = SampleCaptcha.Validate(CaptchaCodeTextBox.Text);
    
    CaptchaCodeTextBox.Text = null; // clear previous user input

    if (!isHuman)
    {
      // TODO: Captcha validation failed, show error message  
    }
    else
    {
      // TODO: captcha validation succeeded; execute the protected action  
    }
}

4. Configure Your ASP.NET Application

Update your application configuration (the web.config file):
<system.web>
  <httpHandlers>
    <!-- Register the HttpHandler used for BotDetect Captcha 
      requests -->
    <add verb="GET" path="BotDetectCaptcha.ashx"
      type="BotDetect.Web.CaptchaHandler, BotDetect"/>
  </httpHandlers>
  <!-- Register a custom SessionIDManager for BotDetect Captcha 
    requests -->
  <sessionState mode="InProc" cookieless="AutoDetect" timeout="20" 
    sessionIDManagerType="BotDetect.Web.CustomSessionIdManager, BotDetect"/> 
</system.web>
<system.webServer>
  <validation validateIntegratedModeConfiguration="false"/>
  <handlers>
    <!-- Register the HttpHandler used for BotDetect Captcha 
      requests (IIS 7.0+) -->
    <remove name="BotDetectCaptchaHandler"/>
    <add name="BotDetectCaptchaHandler" preCondition="integratedMode" 
      verb="GET" path="BotDetectCaptcha.ashx"
      type="BotDetect.Web.CaptchaHandler, BotDetect"/>
  </handlers>
</system.webServer>

BotDetect CAPTCHA Options

To find more about configuring BotDetect and integrating it in various usage scenarios, please check the getting started with BotDetect Captcha page.

Please Note

The information on this page is out of date and applies to a deprecated version of BotDetect™ CAPTCHA (v3.0).

An up-to-date equivalent page for the latest BotDetect Captcha release (v4) is BotDetect v4 Captcha documentation index.

General information about the major improvements in the current BotDetect release can be found at the What's New in BotDetect v4.0 page.