What is Captcha
CAPTCHA is an acronym for "Completely Automatic Public Turing Test to Tell Computers and Humans Apart". It is a task, that human can easily solve, but computer not.
It is used as a challenge-response to ensure that the individual submitting information is a human and not an automated process. Typically, a captcha is used with form submissions where authenticated users are not necessary, but you want to prevent spam submissions.
What is Hooto Captcha
hcaptcha is a free, easy-to-use WebService helps enterprises to integrate Captcha into their own business systems. Similar to Google reCaptcha but can be customized and deployment to your private network.
Features
- High Security: using the distorted, bonding, dislocation and random word length, making it difficult to be dismantled, recognition by machine
- High Performance: Based on C/libevent/libgd/memcached, all levels of optimization, upto 500 Requests pre second in single-threaded (120x60 pixels)
- Local Deployment: Similar to Google reCaptcha but can deployment to private network
- Cluster Deployment: Support for large-scale network deployment
LVS -> Hooto Captcha Cluster -> Memcached Cluster
Example
Architecture Design
LVS -> Hooto Captcha Cluster -> Memcached Cluster
Install
Debian 6.x
apt-get install gcc g++ libgd2-xpm-dev libevent-dev libmemcached-dev memcached git
CentOS 5.x/6.x
yum install gcc gcc-c++ gd-devel libevent-devel libmemcached-devel memcached git
Download/Make
git clone git://github.com/eryx/hcaptcha.git
cd hcaptcha
make
make insall
Start Server
/opt/hcaptcha/bin/hcaptchad -c /opt/hcaptcha/etc/hcaptchad.conf
Start hcaptcha/1.0.4 [OK]
Stop Server
killall hcaptchad
Signal(15) Stop hcaptcha/1.0.4 [OK]
Confirm the successful installation
http://127.0.0.1:9527/hcaptcha/api/image?hcaptcha_token=123&hcaptcha_opt=refresh
WebService API
Display a CAPTCHA image
- API Request
URL
http://127.0.0.1:9527/hcaptcha/api/image
Parameters (sent via GET)
hcaptcha_token (required) | The random token created by client, Example: hcaptcha_token=abc123 |
hcaptcha_opt (optional) | Reload a new CAPTCHA image, Example: hcaptcha_opt=refresh |
-
API Response
Content-Type:image/png binary data...
Verifying the User's Answer
After your page is successfully displaying CAPTCHA image, you need to configure your form to check whether the answers entered by the users are correct.
- API Requset
URL
http://127.0.0.1:9527/hcaptcha/api/verify
Parameters (sent via GET)
hcaptcha_token (required) | required. The random token created by client |
hcaptcha_word (required) | The User's Answer |
- API Response
The response from verify is a series of strings separated by "\n".
To read the string, split the line and read each field.
Line 1 | "true" or "false". True if the CAPTCHA was successful |
Line 2 | if Line 1 is false, then this string will be an error code. CAPTCHA can display the error to the user/client |
Error Code Reference
hcaptcha currently returns the following error codes:
incorrect-hcaptcha-word | the user's answer was incorrect |
invalid-request | the parameters of the verify was incorrect |
hcaptcha-not-reachable | the hcaptcha service unavailable |
false
incorrect-captcha-word
Demo
http://ws.hooto.com/hcaptcha/api/image?hcaptcha_token=123&hcaptcha_opt=refresh