How To Configure BotDetect PHP CAPTCHA Options (BotDetect v3.0; deprecated)

BotDetect PHP Captcha allows detailed customization of many Captcha properties, both through the custom botdetect/CaptchaConfig.php configuration file and PHP form source code.

BotDetect CAPTCHA PHP Configuration Mechanisms

BotDetect Captcha properties can be set in several different ways, depending on the type of value you are customizing.

Captcha PHP Library Configuration File

When you copy the BotDetect PHP Captcha library to your PHP website folder, you can edit the botdetect/CaptchaConfig.php file. This file contains global BotDetect settings which apply to all Captcha object instances in the website.

This is the preferred method of Captcha configuration if you are only placing Captcha protection on one form in the PHP website, or you want Captcha instances on separate forms to all use the same settings.

For example, to set Captcha image style and code length, you would make the following changes in the botdetect/CaptchaConfig.php file:
// Captcha code configuration
// ---------------------------------------------------------
$LBD_CaptchaConfig->CodeLength = 4;
  
  ...
  
// Captcha image configuration
// ---------------------------------------------------------
$LBD_CaptchaConfig->ImageStyle = ImageStyle::Lego;

Captcha PHP Object Instance Properties

This option is suitable if you want to place Captcha protection on multiple forms in the same PHP website, but have them use different, mutually incompatible Captcha settings (for example, a Captcha code length of 6 for the registration form Captcha, and a Captcha code length of 3 for the comment form Captcha).

The use of this option should be carefully considered and used sparingly, as the parameter values set this way have to be persisted in PHP Session state. Besides consuming additional server memory for each visitor, this option is also less reliable than the global settings (since they won't apply to users with expired Sessions or disabled cookies).

For example, to set Captcha image style and code length, you would specify them in your PHP form code after the Captcha object has been initialized and before it's added to the page:
<?php // Adding BotDetect Captcha to the page 
  $SampleCaptcha = new Captcha('SampleCaptcha');
  $SampleCaptcha->UserInputID = 'CaptchaCode';
  $SampleCaptcha->CodeLength = 4;
  $SampleCaptcha->ImageStyle = ImageStyle::Lego;
  echo $SampleCaptcha->Html(); 
?>

Captcha Settings Randomization

Randomizing Captcha properties such as image style and code length significantly improves Captcha security, since any automated analysis first has to determine how many characters are in each generated Captcha image or sound, and which of the many obfuscation methods was used.

You can see this approach to BotDetect Captcha property setting implemented in the Captcha randomization code sample coming with the BotDetect download package.

Captcha properties can be randomized whether you are setting them in the BotDetect configuration file or object instance properties. The BotDetect PHP Captcha library includes the CaptchaRandomization helper, which you can use in your code:

// Captcha code length randomization
$LBD_CaptchaConfig->CodeLength =
  CaptchaRandomization::GetRandomCodeLength(4, 6);

// Captcha code style randomization: randomly use all possible code styles
$LBD_CaptchaConfig->CodeStyle = CaptchaRandomization::GetRandomCodeStyle();

// Captcha code style randomization, option 2: randomly choose from the given 
// set of code styles
/*$LBD_CaptchaConfig->CodeStyle = 
  CaptchaRandomization::GetRandomCodeStyle(
    array(CodeStyle::Numeric, CodeStyle::Alpha)
  );*/

// Captcha image style randomization, randomly choose from the given set of 
// image styles
$imageStyles = array(
  ImageStyle::Chipped, 
  ImageStyle::Negative, 
  ImageStyle::Radar, 
  ImageStyle::Fingerprints, 
  ImageStyle::Graffiti2, 
  ImageStyle::Bullets, 
  ImageStyle::Collage
);
$LBD_CaptchaConfig->ImageStyle = 
  CaptchaRandomization::GetRandomImageStyle($imageStyles);

As you can see, if you call the GetRandomCodeStyle and GetRandomImageStyle functions without parameters, all available values are used for randomization - and if you specify an array of possible values, only they will be used for random selection.

How to Use BotDetect Captcha Library Internationalization

BotDetect 3 supports Captcha localization, using character sets and sound pronunciation languages appropriate to the active locale setting. Locale strings can be set through the Locale property. For example, you can set the Captcha locale in the BotDetect configuration file:

$LBD_CaptchaConfig->Locale = 'fr-CA';

Alternatively, if you want to change the Captcha locale dynamically (for example, depending on the visitor's browser language setting, or user choice from a language dropdown you added to the page etc.), you can use the Captcha object's instance property:

<?php 
  $SampleCaptcha = new Captcha("SampleCaptcha");
  $SampleCaptcha->UserInputID = "CaptchaCode";
  // Set the Captcha object instance Locale to French
  $SampleCaptcha->Locale = 'fr-FR';
  echo $SampleCaptcha->Html(); 
?>

Locale strings can specify the language (for example en, ru, cmn, ...), charset (for example ja-Hira uses Japanese Hiragana characters, while ja-Kana uses Japanese Katakana characters) and country (for example en-US and en-GB differ in the pronunciation used).

For this to work, you have to choose a locale combination supported by BotDetect, and copy the appropriate pronunciation sound package to the lib/botdetect/Resources/Sounds subfolder of your BotDetect library copy.

If you use a right-to-left locale setting like Arabic or Hebrew, you should also set the appropriate text direction on the textbox element used for Captcha code retyping:

<input name="CaptchaCode" type="text" id="CaptchaCode" dir="rtl" />

BotDetect CAPTCHA Code Settings

BotDetect exposes a number of settings which affect the randomly generated Captcha codes.

CAPTCHA Code Style

Captcha code style can be set in the BotDetect configuration file or as an instance property.
$LBD_CaptchaConfig->CodeStyle = CodeStyle::Alpha;

CAPTCHA Code Length

Captcha code length can be set in the BotDetect configuration file or as an instance property.
$LBD_CaptchaConfig->CodeLength = 4;

Custom CAPTCHA Code Character Set

The character set used to generate BotDetect Captcha codes can also be customized, via the $LBD_CaptchaConfig->CustomCharset value. If you use this setting, any CodeStyle settings are ignored and all provided characters are used for random Captcha code generation.
$LBD_CaptchaConfig->CustomCharset = 'A,B,C,D,1,2,3';

CAPTCHA Code Timeout

Captcha codes can be set to expire after a user-defined period (in seconds):
$LBD_CaptchaConfig->CodeTimeout = 300;

This setting is usually paired with the auto-reloading setting.

Generated CAPTCHA Code Filtering

BotDetect also allows you to filter certain unwanted sequences from randomly generated Captcha codes. This is useful for keeping your Captchas free of swear words and other potentially undesirable values.

Since Captcha codes are generally short (usually between 3 and 8 characters long), it doesn't make sense to use a list of actual banned words, but simple "banned character sequences" which cover multiple undesirable values. For example, to prevent the random generator from using both "man" and "manners" in Captcha codes, it's enough to ban the "man" sequence.

$LBD_CaptchaConfig->BannedSequences = 'aa,bb,cc';

BotDetect CAPTCHA Image Settings

BotDetect exposes a number of settings which affect Captcha image generation.

CAPTCHA Image Style

It's best to randomize the BotDetect Captcha image style, since that option provides the highest Captcha image security. You can choose a set of image styles that will be used randomly:
$imageStyles = array(
  ImageStyle::Chipped, 
  ImageStyle::Negative, 
  ImageStyle::Radar, 
  ImageStyle::Fingerprints, 
  ImageStyle::Graffiti2, 
  ImageStyle::Bullets, 
  ImageStyle::Collage
);
$LBD_CaptchaConfig->ImageStyle = 
  CaptchaRandomization::GetRandomImageStyle($imageStyles);

CAPTCHA Image Size

BotDetect Captcha image size can be controlled by setting the ImageWidth and ImageHeight properties.
$LBD_CaptchaConfig->ImageWidth = 200;
$LBD_CaptchaConfig->ImageHeight = 50;

CAPTCHA Image Format

Since the Captcha image format won't change for different Captcha object instances, you can set it in the BotDetect PHP configuration file:
$LBD_CaptchaConfig->ImageFormat = ImageFormat::Png;

CAPTCHA Image Custom Color Scheme

BotDetect allows color scheme customization though two color points: a custom dark color and a custom light color. Since many Captcha drawing styles randomize the actual color used, the user-defined values are used as randomization starting points instead of absolute values.

Furthermore, since some drawing styles use light text on a dark background, while other draw dark text on a light background, text and background colors are not set directly, but are referred to as simply the "dark" and the "light" color. This allows you to randomize the image drawing style, for example, and still keep a consistent color scheme adjusted to your website design.

The color are specified as Html color values, so you can use both predefined color names and custom color hex values. For example, you would use:
$LBD_CaptchaConfig->CustomDarkColor = 'SeaGreen';
$LBD_CaptchaConfig->CustomLightColor = '#9966FF';

CAPTCHA Image Tooltip

This setting can be used to control the the Captcha image alt text:
$LBD_CaptchaConfig->ImageTooltip = 'CAPTCHA';

BotDetect Audio CAPTCHA Sound Settings

BotDetect exposes a number of settings which affect audio Captcha sound generation.

Audio CAPTCHA Sound Style

BotDetect Captcha sound style is best randomized for highest audio Captcha sound security. You can choose a set of sound styles that will randomly be used:
$soundStyles = array(
  SoundStyle::Dispatch, 
  SoundStyle::RedAlert, 
  SoundStyle::Synth
);

$LBD_CaptchaConfig->SoundStyle = 
  CaptchaRandomization::GetRandomSoundStyle($soundStyles);

Audio CAPTCHA Sound Format

Since the audio Captcha sound format won't change for different Captcha object instances, you can set it in the BotDetect PHP configuration file:
$LBD_CaptchaConfig->SoundFormat = SoundFormat::WavPcm16bit8kHzMono;

Disabling Audio CAPTCHA

Audio Captcha can be disabled entirely in the BotDetect PHP configuration file:
$LBD_CaptchaConfig->SoundEnabled = false;

Audio CAPTCHA Sound Package Settings

Settings related to BotDetect sound packages apply to the whole application, and can be changed in the BotDetect PHP configuration file.

Missing Sound Package Behavior

When BotDetect can not find the pronunciation sound package required for the current locale settings, a warning is displayed by default. This helps during development and deployment, so you don't mistakenly forget to copy the needed files.

However, this warning is not meant for site visitors, so if you didn't copy a particular sound package because you don't want to support audio Captcha sounds in that language, you can disable the warning (and the sound icon for such locales) by specifying:
$LBD_CaptchaConfig->WarnAboutMissingSoundPackages = false;

Audio CAPTCHA Icon

BotDetect allows you to use a custom sound icon, which can be specified as an application-relative or an absolute Url. The default icon size is 22 x 22 pixels. You can specify your own sound icon tooltip as well:
$LBD_CaptchaConfig->SoundIconUrl = 'custom_sound_icon.gif';
$LBD_CaptchaConfig->SoundTooltip = 'Speak the CAPTCHA code';

Audio CAPTCHA Sound Start Delay

BotDetect allows you to set the starting delay of audio Captcha JavaScript playback (in milliseconds). This can be useful for improving usability of the Captcha audio for blind people using JAWS or similar readers, which will read the label associated with the Captcha code textbox and start sound playback simultaneously when the sound icon is activated. Setting this delay to e.g. 2000 (2 seconds) will give the user time to hear both the pronounced label and the Captcha sound clearly:

L$LBD_CaptchaConfig->SoundStartDelay = 2000;

Audio CAPTCHA Sound Regeneration Mode

How will multiple consecutive requests for audio Captcha with the same Captcha code ("sound regeneration") be handled by BotDetect - a trade-off of security, usability, and storage requirements.

$LBD_CaptchaConfig->SoundRegenerationMode = SoundRegenerationMode::Limited;
Sound Regeneration Mode None Limited Unlimited
Security ★★★★★ ★★★★☆ ★☆☆☆☆
Usability ★★★★★ ★★★★☆ ★★★★★
Storage Requirements ★★★★★ ★☆☆☆☆ ★☆☆☆☆

Sound Regeneration Mode "None"

Generate only one sound response per Captcha code, cache it on the server, and serve it for all consecutive sound requests.

  • High security: Comparative analysis of multiple sounds is impossible since only one sound response exists per Captcha code.
  • High usability: Works consistently across all browsers, regardless of their Html5 audio support and without depending on JavaScript functionality.
  • High storage requirements: The generated sound bytes must be stored in Session state, consuming server memory or other storage medium for each Captcha code requested as Captcha audio.

Sound Regeneration Mode "Limited"

Allow generation of a limited number of different sound responses (the minimum required to make Captcha audio work in all supported client browsers and devices), and automatically change the Captcha code on the client for consecutive sound requests if needed and possible.

  • Good security: Comparative analysis of multiple sounds is severely hampered, since the small number of sound responses available does not provide enough information to seriously undermine Captcha security.
  • Good usability: Since Captcha sound will only be served a small number of times for the same Captcha code (returning an error after the limit has been hit), observed behavior depends on client browser capabilities:
    • Modern Html5 Wav audio compatible browsers will always replay the same sound on consecutive sound icon clicks, without requesting a regenerated sound from the server.
    • Older browsers without support for client-side audio replay must detect consecutive sound icon clicks that might trigger the sound regeneration limit on the server and automatically change the Captcha code (by reloading the Captcha image) to ensure sound will play properly. For each sound icon click after the first one, the Captcha image will be changed before audio is played.
    • Browsers without JavaScript capability (and bots) will have to reload the form to get a new Captcha code to make the sound work again after the regeneration limit had been hit.
  • Low storage requirements: Generated sound responses don't need to be stored on the server.

Sound Regeneration Mode "Unlimited"

Each audio request will generate a new Captcha sound response (previous BotDetect version behavior).

  • Low security: Comparative analysis of multiple sounds for the same Captcha code allows for higher accuracy of automated recognition.
  • High usability: Works consistently across all browsers, regardless of their Html5 audio support and without depending on JavaScript functionality.
  • Low storage requirements: Generated sound responses don't need to be stored on the server.

Considerations

BotDetect defaults to limited sound regeneration as the most reasonable overall trade-off. At user discretion, higher security and usability can be achieved at the cost of significant amounts of server-side storage space. Unlimited sound regeneration is not recommended due to low security, but is left as an option for backwards-compatibility.

BotDetect CAPTCHA Reloading Settings

BotDetect exposes a number of settings which affect Captcha reloading behavior.

Disabling CAPTCHA Reloading

Captcha reloading can be disabled entirely in the BotDetect PHP configuration file:
$LBD_CaptchaConfig->ReloadEnabled = false;

CAPTCHA Reload Icon & Tooltip

The icon used for BotDetect Captcha reloading is located in the botdetect/public folder of the Captcha library. In case you want to use a different icon, you can either:

  • Modify or replace the lbd_reload_icon.gif file
  • Change the BotDetect Url configuration to point to a different icon at the Url of your choice

Keep in mind that the icon is 22x22 px large by default, and that icons of other sizes might result in layout issues (which you can resolve by making CSS adjustments).

BotDetect also allows you to customize the reload icon tooltip:

$LBD_CaptchaConfig->ReloadTooltip = 'Change the CAPTCHA code';

CAPTCHA Automatic Reloading

Captcha images are automatically reloaded when the Captcha code expires, but only within a certain interval from their first generation.

This allows you to have a short Captcha code timeout (e.g. 5 minutes) to narrow the window of opportunity for Captcha reusing on other sites or human-solver-powered bots, and actual visitors can still fill out your form at their own pace and without rushing (since the Captcha image will be reloaded automatically when it is no longer valid).

Since we don't want infinite sessions when the user leaves the form open in a background browser tab over the weekend (for example), you should also set a reasonable upper limit on the auto-reload period (e.g. 2 hours = 7200 seconds).
$LBD_CaptchaConfig->AutoReloadExpiredCaptchas = true;
$LBD_CaptchaConfig->AutoReloadTimeout = 7200;

BotDetect CAPTCHA Web Settings

BotDetect exposes a number of settings which affect the Captcha Html markup, client-side behavior, and Http behavior.

CAPTCHA User Input Processing

The Captcha user input textbox client ID should be registered for each Captcha instance in your PHP forms:
$SampleCaptcha = new Captcha('SampleCaptcha');
$SampleCaptcha->UserInputID = 'CaptchaCode';
Several client-side behaviors are enabled by default when this is done, which can optionally be disabled in the BotDetect PHP configuration file:
$LBD_CaptchaConfig->AutoFocusInput = true;
$LBD_CaptchaConfig->AutoClearInput = true;
$LBD_CaptchaConfig->AutoUppercaseInput = true;

AutoUppercase

Anything the users type in the input textbox will be lowercased on the fly, since Captcha validation is not and should not be case-sensitive. This is a small usability improvement that helps communicate that fact to the users clearly.

AutoClear

The input textbox will be cleared on all Reload icon clicks and auto-reloads, since any previous input in the textbox will be invalidated by Captcha reloading. This is a small usability improvement that helps users avoid having to delete the previous input themselves.

AutoFocus

The input textbox will be assigned focus on all Captcha Sound and Captcha Reload icon clicks, allowing the users to more easily type in the code as they hear it or as the new image loads. This does not apply to auto-reloading of expired Captchas, since the user might be filling out another field on the form when the auto-reload starts and shouldn't be distracted.

The Captcha markup can include a link to a Captcha help page. The help link is added to Captcha image markup, so its settings are placed next to Captcha image ones:
$LBD_CaptchaConfig->HelpLinkEnabled = true;
$LBD_CaptchaConfig->HelpLinkMode = HelpLinkMode::Text;
$LBD_CaptchaConfig->HelpLinkUrl = 'captcha.html';
$LBD_CaptchaConfig->HelpLinkText = '';

The help link can be controlled with four settings: Enabled, Mode, Url and Text.

Help Link Enabled

The help link is turned on by default, and this settings allows disabling it completely ($LBD_CaptchaConfig->HelpLinkEnabled = false). Please note that this setting is ignored in the free version of BotDetect.

Help Link Mode

There are two modes of rendering the Captcha help link available:

  1. HelpLinkMode::Image: the Captcha image is a link to the help page; clicking the Captcha image opens the help page in a new browser tab. This mode takes less space, but can lead to accidental clicks (particularly by mobile visitors).
  2. HelpLinkMode::Text: a text link to the help page is rendered in the bottom 10 px of the Captcha image. This mode makes the Captcha help link more explicit, but reduces the effective height of Captcha images by 10px. If this makes the Captcha images less readable, you can compensate by increasing the Captcha image height.

Help Link Url

The Captcha help link points to the defined help page, which can be set as an absolute or relative Url of the page. Please note that this setting is ignored in the free version of BotDetect.

Help Link Text

The text used in the Captcha help link, added to the text link or as the tooltip of the image link (depending on the help link mode used). If it's left empty, the default (image width-dependent) text is used. Please note that the text set needs to contain at least 4 non-whitespace characters in the free version of BotDetect.

CAPTCHA Tabindexes

You can set the starting tabindex used for Captcha Html elements through a Captcha object instance property:
$SampleCaptcha = new Captcha('SampleCaptcha');
$SampleCaptcha->TabIndex = 12;

The keyboard-selectable Captcha markup elements are: the Captcha reload icon, the Captcha sound icon, and (only in the free version of BotDetect) the BotDetect website link.

Depending on your settings (is Captcha reloading enabled, are Captcha sounds enabled) and the version of BotDetect you are using (free or paid), the next available tabindex on the page can be from 0 to 3 greater than this value.

To disable tabbing over Captcha elements in most browsers, set the TabIndex property to -1:

$SampleCaptcha->TabIndex = -1;

CAPTCHA Icon Layout

By default, BotDetect tries to adjust the built-in icons to the Captcha image height, switching to smaller (17 x 17 px) icons if the image is less than 50 pixels tall, and displaying the icons horizontally instead of vertically if the image is less than 40 pixels tall.

You can override this default behavior using several Captcha object instance properties:

  • Setting UseSmallIcons allows you to control whether BotDetect uses the smaller built-in icons.
  • Setting UseHorizontalIcons allows you to control whether BotDetect displays the icons one next to the other (instead of one below the other).
$SampleCaptcha->UseSmallIcons = true;
$SampleCaptcha->UseHorizontalIcons = true;

CAPTCHA Remote Script Configuration

By default, BotDetect also adds a remote JavaScript include (remote.captcha.com/include.js) loaded from the captcha.com server, which is currently used only for stats, but is planned to develop into additional Captcha functionality. This include can be disabled in BotDetect configuration:

$LBD_CaptchaConfig->RemoteScriptEnabled = false;

Please note that this setting is ignored in the free version of BotDetect.

CAPTCHA CSS Styles

Default BotDetect CSS declarations can be found in the botdetect/public/lbd_layout.css stylesheet included from the Captcha library folder copied to your PHP website. If you want to expand or modify the CSS style declarations used, you can simply edit the deployed stylesheet.

CAPTCHA Url Configuration

BotDetect Urls by default point to the botdetect.php include file as Captcha image/sound/validation request handler, and static resources located in the botdetect/public folder of the Captcha library.

// Captcha URL configuration
// ---------------------------------------------------------------------------
$LBD_CaptchaConfig->HandlerUrl = 'botdetect.php';
$LBD_CaptchaConfig->ReloadIconUrl = LBD_URL_ROOT . 'lbd_reload_icon.gif';
$LBD_CaptchaConfig->SoundIconUrl = LBD_URL_ROOT . 'lbd_sound_icon.gif';
$LBD_CaptchaConfig->LayoutStylesheetUrl = LBD_URL_ROOT . 'lbd_layout.css';
$LBD_CaptchaConfig->ScriptIncludeUrl = LBD_URL_ROOT . 'lbd_scripts.js';

If you need to implement a custom handler for Captcha requests (for example, to conform to conventions of a MVC framework), you can change the base Url of Captcha image/sound/validation requests through the HandlerUrl config property.

Static BotDetect resources (icons, client-script lib, stylesheet) are referenced by Urls that can be changed as well. In case you're just moving the contents of the botdetect/public folder to a different location, you should change the $LBD_Url_Root value at the top of the botdetect.php include file (which will be propagated to the configuration file as the LBD_URL_ROOT constant) and leave CaptchaConfig.php Urls as they are.

However, in case you want to change individual Urls (for example, use custom Captcha sound and reload icons and load them from a CDN), the above configuration properties can be used to control Urls embedded in BotDetect markup.

CAPTCHA Persistence Configuration

By default, BotDetect uses PHP session storage to persist Captcha codes and other Captcha data.

In case you want to use a different storage medium for Captcha data in your website (e.g. a database), you can customize the persistance functions used by BotDetect code defining three functions implementing core persistence operations (Save, Load, and Clear) in your medium of choice and specifying their names in BotDetect configuration:

// Captcha persistence configuration
// ---------------------------------------------------------------------------
$LBD_CaptchaConfig->SaveFunctionName = 'PHP_Session_Save';
$LBD_CaptchaConfig->LoadFunctionName = 'PHP_Session_Load';
$LBD_CaptchaConfig->ClearFunctionName = 'PHP_Session_Clear';

Your custom functions should behave the same as the default Session persistence functions defined in BotDetect code:

function PHP_Session_Save($p_Key, $p_Value) {
  // save the given value with the given string key
  $_SESSION[$p_Key] = serialize($p_Value);
}

function PHP_Session_Load($p_Key) {
  // load persisted value for the given string key
  if (isset($_SESSION) && array_key_exists($p_Key, $_SESSION)) {
    return unserialize($_SESSION[$p_Key]); // NOTE: returns false in case of 
    failure
  }
}

function PHP_Session_Clear($p_Key) {
  // clear persisted value for the given string key
  if (isset($_SESSION) && array_key_exists($p_Key, $_SESSION)) {
    unset($_SESSION[$p_Key]);
  }
}

Please note that BotDetect code calls these functions when the Captcha generation & validation workflow requires it, and doesn't know the details of the underlying persistence medium. Due to the nature of the data stored (Captcha codes & similar), the persistence medium should be visitor-specific and automatically cleared when a "visit" ends (just like PHP Sessions are).

In your implementation, you should take care that data is kept separate for different visitors (so any Captcha code can be validated only by the same visitor that caused it to be generated in the first place – otherwise you'd reduce Captcha security), and cleared when appopriate (if you just save Captcha data in a Session-like SQL database but never clear it, the database will grow in size infinitely!).

CAPTCHA Client-Side Events

BotDetect includes a custom client-side event system, allowing you to specify your own client-side handlers for certain BotDetect actions.

For example, you would add your handler to the BotDetect.PostReloadImage client-side event by using:
BotDetect.RegisterCustomHandler('PostReloadImage',
  function() {
    // your code goes here
  }
);

Please Note

The information on this page is out of date and applies to a deprecated version of BotDetect™ CAPTCHA (v3.0).

An up-to-date equivalent page for the latest BotDetect Captcha release (v4) is BotDetect v4 Captcha documentation index.

General information about the major improvements in the current BotDetect release can be found at the What's New in BotDetect v4.0 page.