CaptchaLaCaptchaLa
Migration guide

Migrate from hCaptcha to CaptchaLa

Drop-in replacement in under 10 minutes. Same form shape — faster widget, no image-classification rounds, and your traffic stays your traffic.

Sign up & grab a keyRead the comparison
hhCaptchaCurrent setup~10 minCaptchaLaDrop-in target

What the code change looks like

Before — hCaptcha
<div class="h-captcha" data-sitekey="YOUR_SITE_KEY"></div>
<script src="https://js.hcaptcha.com/1/api.js" async defer></script>
After — CaptchaLa
<div class="captchala" data-app-key="YOUR_APP_KEY"></div>
<script src="https://cdn.captcha.la/v1/captchala.js" async defer></script>
Before — hCaptcha server verify (Node)
const res = await fetch('https://api.hcaptcha.com/siteverify', {
  method: 'POST',
  headers: { 'Content-Type': 'application/x-www-form-urlencoded' },
  body: new URLSearchParams({
    secret: process.env.HCAPTCHA_SECRET,
    response: req.body['h-captcha-response'],
  }),
})
const data = await res.json()
if (!data.success) return res.status(400).json({ error: 'bot' })
After — CaptchaLa server verify (Node)
const res = await fetch('https://api.captcha.la/v1/verify', {
  method: 'POST',
  headers: { 'Content-Type': 'application/json' },
  body: JSON.stringify({
    appSecret: process.env.CAPTCHALA_SECRET,
    token: req.body['captchala-token'],
  }),
})
const data = await res.json()
if (!data.success) return res.status(400).json({ error: 'bot' })

Migration steps

  1. 1

    Sign up & grab your App Key + Secret

    Create a free CaptchaLa account, add a site, and copy the App Key (public) and App Secret (server-side). No card required.

  2. 2

    Swap the widget tag

    Replace h-captcha class with captchala, data-sitekey with data-app-key, and the script src with our CDN URL. Structure stays identical.

  3. 3

    Update the hidden field name

    hCaptcha injects h-captcha-response; CaptchaLa injects captchala-token. Search-and-replace the field name in your form handler if you reference it by name.

  4. 4

    Update the server verify

    Change the endpoint to api.captcha.la/v1/verify. We use JSON (hCaptcha uses form-urlencoded), so update Content-Type and body. Success boolean still in the response — branching code stays.

  5. 5

    Roll out gradually

    Drop CaptchaLa on one form first, measure conversion and challenge rate for a few hours. Most teams see flat or improved completion immediately because image-classification rounds are gone.

Faster: use a plugin

WordPress + WooCommerce

Replace your hCaptcha WordPress plugin with the official CaptchaLa plugin. Covers login, registration, comments, WooCommerce, CF7, Gravity, WPForms in one install.

View integration →

Flarum

Replace your Flarum hCaptcha extension with the official CaptchaLa extension via Composer.

View integration →

Frequently asked questions

What happens to my hCaptcha account?

Nothing — leave it as-is and stop sending requests. There's no contract, no notification step. The account stays dormant. If you want to formally close it, hCaptcha has a self-serve account deletion option.

Will Core Web Vitals improve?

Usually yes. hCaptcha's widget typically adds 400–600ms to LCP on form pages. CaptchaLa's widget targets <100ms. The exact delta depends on your page's other budget, but on form-heavy pages the difference is noticeable.

What about hCaptcha Enterprise features I'm using?

Most enterprise features (custom themes, advanced risk scoring, analytics dashboards) have direct equivalents in CaptchaLa's standard plan. The migration page in the docs lists each feature and its CaptchaLa counterpart.