FAQ
Note
This is a technical FAQ. If you’re looking for the product FAQ, click here.
API
Captcha widget does not load the puzzle
aka “Maximum number of attempts exceeded” error
Please check if you have an active subscription (or active trial period) in the Billing settings.
Verification requests fail, but I did everything correctly
We need the request ID to tell the exact reason why your request was rejected.
Each request to the Private Captcha API returns a request ID. In each integration it is available as a traceID() method (or similar) of the response object (or of the exception object); if you’re using the HTTP API directly, it is in the X-Trace-ID response header.
Please also check our status page to see if there are any ongoing incidents.
HTTP 400/403 to all verification requests
Test solution passes verification for any sitekey
Test solution passes verification by design to enable testing.
The Private Captcha verify API returns the success and code fields, and both fields should be used for verification. All integrations do this through the OK() method (or similar).
Additionally, you can specify the sitekey argument with each /verify request, which will cause the success field to fail even without the code check.
Check our security guide for details.
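A sketch of the two-field check described above, added here as an example and not taken from Private Captcha's integrations. The function names, the sample responses and the numeric code values (including 0 as "no error") are assumptions; only the success and code field names and the X-Trace-ID header come from this page.

```python
import json

# Assumption: the value the API uses for "no error" in the `code` field.
# Confirm it against the API reference or your integration's constants.
ASSUMED_OK_CODE = 0


def naive_check(body: dict) -> bool:
    """Weak form: trusts `success` alone, so a test solution is accepted."""
    return bool(body.get("success"))


def strict_check(body, ok_code: int = ASSUMED_OK_CODE) -> bool:
    """Fail closed: `success` must be literally True and `code` must equal ok_code."""
    if not isinstance(body, dict):
        return False
    code = body.get("code")
    # bool is a subclass of int in Python, so reject True/False as a code value.
    if isinstance(code, bool) or not isinstance(code, int):
        return False
    return body.get("success") is True and code == ok_code


def evaluate(raw_body: str, headers: dict) -> dict:
    """Parse a verify response; return the decision plus the trace ID for support."""
    trace_id = next((v for k, v in headers.items() if k.lower() == "x-trace-id"), None)
    try:
        body = json.loads(raw_body)
    except (TypeError, ValueError):
        body = None  # a malformed body counts as a failed verification
    return {"allowed": strict_check(body), "trace_id": trace_id}


# Constructed sample responses (not captured from the real service).
# The non-zero code values are placeholders chosen for illustration.
SAMPLES = {
    "real solution": ('{"success": true, "code": 0}', {"X-Trace-ID": "trace-0001"}),
    "test solution": ('{"success": true, "code": 7}', {"X-Trace-ID": "trace-0002"}),
    "rejected": ('{"success": false, "code": 3}', {"x-trace-id": "trace-0003"}),
    "malformed": ("<html>502</html>", {}),
}

if __name__ == "__main__":
    for name, (raw, hdrs) in SAMPLES.items():
        print(name, evaluate(raw, hdrs))
```

Logging the returned trace_id next to every denied request gives you the request ID to quote when asking why a verification was rejected.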
Can we proxy/CNAME the API endpoints without self-hosting?
Widget
‘Invisible’ mode does not stop bots
Using auto mode for the captcha widget together with “invisible” mode offers the least protection (only resource utilization cost). Check our security guide in the client section.
I want to use the same sitekey on multiple domains
This scenario is not possible, as it compromises the security of the Private Captcha solution, not to mention inherent problems like “noisy neighbor” (the load of one domain affects the other domains’ puzzle difficulty).
Private Captcha allows using the same sitekey on multiple subdomains only (which is also not recommended, for the same reasons).
Does WordPress integration support widget popup mode?
Misc
Best practices for using Private Captcha during development
Create a separate property and enable the Allow localhost setting. Use a different sitekey and API key for prod.
Alternatively, you can use a stub sitekey, which always passes verification.