- Short Description
- Fully self-hosted CAPTCHA solution for WordPress with no external services or API keys. Protects against bot submissions using Slider CAPTCHA, Proof of Work, and Honeypot fields. Secure your login, registration, and comment forms.
A lightweight, fully self-hosted CAPTCHA solution for WordPress that requires **no external services, no AI, and no API keys**. It protects your site against automated bot submissions using three complementary mechanisms:
1. **Slider CAPTCHA** — The user drags a handle to a randomly positioned target zone. A server-side token confirms the action was performed legitimately.
2. **Proof of Work (PoW)** — The browser silently solves a SHA-256 hash puzzle in the background while the user interacts with the slider. Real users don't notice; bots pay a steep CPU cost to flood your forms.
3. **Honeypot field** — A hidden form field that bots fill in automatically, triggering an instant rejection.
### Protected forms
- **Login form** (`/wp-login.php`)
- **User registration form**
- **Comment form** (skipped for logged-in users)
1. **Slider CAPTCHA** — The user drags a handle to a randomly positioned target zone. A server-side token confirms the action was performed legitimately.
2. **Proof of Work (PoW)** — The browser silently solves a SHA-256 hash puzzle in the background while the user interacts with the slider. Real users don't notice; bots pay a steep CPU cost to flood your forms.
3. **Honeypot field** — A hidden form field that bots fill in automatically, triggering an instant rejection.
### Protected forms
- **Login form** (`/wp-login.php`)
- **User registration form**
- **Comment form** (skipped for logged-in users)
