Want to integrate hCaptcha on a site with PHP? It only takes a few seconds.
Step 1: Sign up on hCaptcha.com
You’ll need your “site key” and “secret” in order to proceed.
Step 2: Add hCaptcha to your site HTML.
B. Add this HTML code where you want to show the hCaptcha button, for example inside a login form. Remember to replace “your_site_key” with your actual site key!
Step 3: Validate the result on your backend server.
In order to confirm the user sent you a real passcode, and in order to get credited for the answer, you must check the result from your server while providing your secret.
The simplest way to do this with PHP is something like the following. Remember to replace “your_secret_key” with your actual secret!
if you prefer the cURL style, you could use:
We do not suggest using a GET request with URL parameters, like this:
As this may break now or in the future due to the length of the URL.
.. and you’re done!
Q: How do I know if it’s working?
A: You’ll see the “served” / “solved” / “verified” counters on your hCaptcha.com dashboard go up.
Served when captcha is being shown to users, solved when somebody solved the challenge and verified once you successfully send the hCaptcha token the user gave you to siteverify.
If you don’t see “verified” going up after making your backend call, make sure that you are sending the siteverify request correctly.
Q: How do I prevent the user from submitting a form to my server without a valid hCaptcha response?
Q: What does a complete PHP contact form example look like?
A: here’s a complete example. Put this in contact-form.php and add your secret and site key.