3.1.2 Friendly Captcha Setup

🛡️ Friendly Captcha Setup (ShieldsGuard)

📖 Overview

ShieldsGuard allows full integration with Friendly Captcha, a modern, privacy-friendly CAPTCHA solution. Once integrated, Friendly Captcha can be used as a challenge mechanism within the DDoS Protection module to block automated threats without disrupting legitimate users.

🔐 Unlike traditional CAPTCHA methods, Friendly Captcha offers a user-friendly experience with high resilience against bots and headless browsers.

🧭 Step-by-Step Integration Guide

1️⃣ Create a Friendly Captcha Account

  1. Go to: https://friendlycaptcha.com

  2. Register for an account (free or paid plan)

  1. After login, navigate to the Dashboard

  2. Click on “Create New Application”

  1. Name your application and define the domain (e.g., yourdomain.com)

  2. After creation, you’ll receive:

    • 🔐 Secret Key

    • 🌐 Site Key

2️⃣ Log into ShieldsGuard Panel

  1. Open your ShieldsGuard admin panel

  2. Navigate to: Protection > DDoS Protection

3️⃣ Open Friendly Captcha Configuration

Scroll to the Friendly Captcha section.

Click on the 🔴 Set Key button:

This opens a modal titled Edit Friendly Captcha Key.

4️⃣ Enter Friendly Captcha Keys

In the popup window:

  • Paste your Secret Key in the first field

  • Paste your Site Key in the second field

  • Choose your Endpoint Region from the dropdown (e.g., EU Endpoint, US Endpoint)

  • Click 🔐 Save

✅ Keys are now saved and the system is ready for use.

5️⃣ Enable Friendly Captcha in DDoS Protection Mode

⚠️ Captcha setup is not complete until it’s activated under protection logic.

  1. Go back to Protection > DDoS Protection

  2. Under DDoS Automatic Protection, set:

    • Status = Automatic Protection or Friendly Captcha

    • Protection Type = Friendly Captcha

  3. Configure your desired:

    • Trigger Threshold (requests/sec)

    • Protection Duration

    • IP Limit Rules

  4. Save all changes

🧪 Testing the Integration

To test if Friendly Captcha is active:

  • Simulate rapid browsing or bot-like behavior (multiple refreshes)

  • You should be presented with a Friendly Captcha challenge instead of being blocked directly

This ensures human users are verified with minimal friction.

💡 Best Practices

Area
Tip

Privacy

Friendly Captcha is GDPR-compliant and doesn't use tracking cookies

Performance

Lightweight and ideal for mobile and low-bandwidth environments

Custom Domains

Add both domain.com and www.domain.com to your Friendly Captcha project

Abuse Detection

Combine with IP Reputation and Request Rate in ShieldsGuard

🎯 Friendly Captcha integration offers the perfect balance of strong bot defense and seamless user experience — especially valuable in public login portals, DDoS-prone environments, and signup forms.

Previous3.1.1 Google Recaptcha SetupNext3.2 WAF – Web Application Firewall

Last updated