BotDetect ASP.NET MVC 1 CAPTCHA Integration Quickstart

1. Add a Reference to BotDetect

Run the following command in the Package Manager Console:

PM> Install-Package Captcha

After the command execution, the references to the BotDetect.dll, BotDetect.Web.Mvc.dll, and System.Data.SQLite.dll assemblies will be added to your project.

If your project is not going to be using the Simple API, the System.Data.SQLite.dll assembly reference can be safely removed from it.

2. Show a Captcha Challenge on the Form

In View code: import the BotDetect namespace, include BotDetect styles in page <head>, create a MvcCaptcha object and pass it to the Captcha HtmlHelper:

<%@ Import Namespace="BotDetect.Web.Mvc" %>


  <link href="<%: Url.Content("~/" + BotDetect.Web.CaptchaUrls.LayoutStyleSheetUrl) %>"
  rel="stylesheet" type="text/css" />

<% MvcCaptcha exampleCaptcha = new MvcCaptcha("ExampleCaptcha");
exampleCaptcha.UserInputID = "CaptchaCode"; %>
<%: Html.Captcha(exampleCaptcha) %>

Add the CaptchaCode property to Form's Model:

public string CaptchaCode { get; set; }

3. Check User Input During Form Submission

Mark the protected Controller action with the CaptchaValidationActionFilter attribute to include Captcha validation in ModelState.IsValid checks:

using BotDetect.Web.Mvc;


[CaptchaValidationActionFilter("CaptchaCode", "ExampleCaptcha", "Incorrect CAPTCHA code!")]
public ActionResult ExampleAction(ExampleModel model)
  if (!ModelState.IsValid)
    // TODO: Captcha validation failed, show error message
    // TODO: captcha validation succeeded; execute the protected action

    // Reset the captcha if your app's workflow continues with the same view

4. Configure Your ASP.NET Application

Exclude BotDetect paths from ASP.NET MVC Routing:

public static void RegisterRoutes(RouteCollection routes)

    // BotDetect requests must not be routed
      new { botdetect = @"(.*)BotDetectCaptcha\.ashx" });

Update your application configuration (the web.config file):

    <!-- Register the HttpHandler used for BotDetect Captcha 
      requests -->
    <add verb="GET" path="BotDetectCaptcha.ashx"
      type="BotDetect.Web.CaptchaHandler, BotDetect"/>
  <!-- make sure Session State is enabled -->
  <pages enableSessionState="true">
      <add namespace="System.Web.Mvc" />
      <add namespace="System.Web.Mvc.Ajax" />
      <add namespace="System.Web.Mvc.Html" />
      <add namespace="System.Web.Routing" />
      <!-- add BotDetect namespaces for coding convenience -->
      <add namespace="BotDetect"/>
      <add namespace="BotDetect.Web"/>
      <add namespace="BotDetect.Web.UI"/>
      <add namespace="BotDetect.Web.Mvc"/>
  <!-- Register a custom SessionIDManager for BotDetect Captcha 
    requests -->
  <sessionState mode="InProc" cookieless="AutoDetect" timeout="20"
    sessionIDManagerType="BotDetect.Web.CustomSessionIdManager, BotDetect"/>
  <validation validateIntegratedModeConfiguration="false"/>
    <!-- Register the HttpHandler used for BotDetect Captcha 
      requests (IIS 7.0+) -->
    <remove name="BotDetectCaptchaHandler"/>
    <add name="BotDetectCaptchaHandler" preCondition="integratedMode"
      verb="GET" path="BotDetectCaptcha.ashx"
      type="BotDetect.Web.CaptchaHandler, BotDetect"/>

In-Depth ASP.NET MVC CAPTCHA Instructions and Explanations

Detailed ASP.NET MVC Captcha instructions and explanations can be found in the ASP.NET MVC Captcha integration how to guide.

Other BotDetect ASP.NET CAPTCHA Quickstarts


ASP.NET Web Pages Basic CAPTCHA.