What is Captcha

CAPTCHA is an acronym for "Completely Automatic Public Turing Test to Tell Computers and Humans Apart". It is a task, that human can easily solve, but computer not.

It is used as a challenge-response to ensure that the individual submitting information is a human and not an automated process. Typically, a captcha is used with form submissions where authenticated users are not necessary, but you want to prevent spam submissions.

What is Hooto Captcha

hcaptcha is a free, easy-to-use WebService helps enterprises to integrate Captcha into their own business systems. Similar to Google reCaptcha but can be customized and deployment to your private network.

Features

• High Security: using the distorted, bonding, dislocation and random word length, making it difficult to be dismantled, recognition by machine
• High Performance: Based on C/libevent/libgd/memcached, all levels of optimization, upto 500 Requests pre second in single-threaded (120x60 pixels)
• Local Deployment: Similar to Google reCaptcha but can deployment to private network
• Cluster Deployment： Support for large-scale network deployment LVS -> Hooto Captcha Cluster -> Memcached Cluster

Example

Architecture Design

LVS -> Hooto Captcha Cluster -> Memcached Cluster

Install

Debian 6.x

apt-get install gcc g++ libgd2-xpm-dev libevent-dev libmemcached-dev memcached git

CentOS 5.x/6.x

yum install gcc gcc-c++ gd-devel libevent-devel libmemcached-devel memcached git

Download/Make

git clone git://github.com/eryx/hcaptcha.git
cd hcaptcha
make
make insall

Start Server

/opt/hcaptcha/bin/hcaptchad -c /opt/hcaptcha/etc/hcaptchad.conf
Start hcaptcha/1.0.4 [OK]

Stop Server

killall hcaptchad
Signal(15) Stop hcaptcha/1.0.4 [OK]

Confirm the successful installation

http://127.0.0.1:9527/hcaptcha/api/image?hcaptcha_token=123&hcaptcha_opt=refresh

WebService API

Display a CAPTCHA image

• API Request
  URL
  http://127.0.0.1:9527/hcaptcha/api/image
  Parameters (sent via GET)

hcaptcha_token (required)	The random token created by client, Example: hcaptcha_token=abc123
hcaptcha_opt (optional)	Reload a new CAPTCHA image, Example: hcaptcha_opt=refresh

• API Response

  Content-Type:image/png binary data...

Verifying the User's Answer

After your page is successfully displaying CAPTCHA image, you need to configure your form to check whether the answers entered by the users are correct.

• API Requset
  URL
  http://127.0.0.1:9527/hcaptcha/api/verify
  Parameters (sent via GET)

hcaptcha_token (required)	required. The random token created by client
hcaptcha_word (required)	The User's Answer

• API Response
  The response from verify is a series of strings separated by "\n".
  To read the string, split the line and read each field.

Line 1	"true" or "false". True if the CAPTCHA was successful
Line 2	if Line 1 is false, then this string will be an error code. CAPTCHA can display the error to the user/client

Error Code Reference

hcaptcha currently returns the following error codes:

incorrect-hcaptcha-word	the user's answer was incorrect
invalid-request	the parameters of the verify was incorrect
hcaptcha-not-reachable	the hcaptcha service unavailable

Example

false
incorrect-captcha-word

Demo

http://ws.hooto.com/hcaptcha/api/image?hcaptcha_token=123&hcaptcha_opt=refresh

Reference

• http://www.captcha.ru/
• http://www.google.com/recaptcha/