CaptchaLaCaptchaLa
本页仅提供英文版。 联系我们申请你的语言。
Migration guide

Migrate from hCaptcha to CaptchaLa

Drop-in replacement in under 10 minutes. Same form shape — faster widget, no image-classification rounds, and your traffic stays your traffic.

Sign up & grab a keyRead the comparison
hhCaptchaCurrent setup~10 minCaptchaLaDrop-in target

代码改动长这样

Before — hCaptcha
<div class="h-captcha" data-sitekey="YOUR_SITE_KEY"></div>
<script src="https://js.hcaptcha.com/1/api.js" async defer></script>
After — CaptchaLa
<button id="login-btn">Sign in</button>
<script src="https://cdn.captcha-cdn.net/captchala-loader.js"></script>
<script>
  loadCaptchala(() => Captchala.init({ appKey: 'YOUR_APP_KEY', action: 'login' })
    .onSuccess(res => onToken(res.token))
    .bindTo('#login-btn'));
</script>
Before — hCaptcha server verify (Node)
const res = await fetch('https://api.hcaptcha.com/siteverify', {
  method: 'POST',
  headers: { 'Content-Type': 'application/x-www-form-urlencoded' },
  body: new URLSearchParams({
    secret: process.env.HCAPTCHA_SECRET,
    response: req.body['h-captcha-response'],
  }),
})
const data = await res.json()
if (!data.success) return res.status(400).json({ error: 'bot' })
After — CaptchaLa server verify (Node)
const res = await fetch('https://apiv1.captcha.la/v1/validate', {
  method: 'POST',
  headers: {
    'X-App-Key': process.env.CAPTCHALA_APP_KEY,
    'X-App-Secret': process.env.CAPTCHALA_APP_SECRET,
    'Content-Type': 'application/json',
  },
  body: JSON.stringify({ pass_token: req.body['captchala-token'] }),
})
const { data } = await res.json()
if (!data || !data.valid) return res.status(400).json({ error: 'bot' })

迁移步骤

  1. 1

    Sign up & grab your App Key + Secret

    Create a free CaptchaLa account, add a site, and copy the App Key (public) and App Secret (server-side). No card required.

  2. 2

    Swap the widget tag

    Replace h-captcha class with captchala, data-sitekey with data-app-key, and the script src with our CDN URL. Structure stays identical.

  3. 3

    Update the hidden field name

    hCaptcha injects h-captcha-response; CaptchaLa injects captchala-token. Search-and-replace the field name in your form handler if you reference it by name.

  4. 4

    Update the server verify

    Change the endpoint to apiv1.captcha.la/v1/validate. We use JSON (hCaptcha uses form-urlencoded), so update Content-Type and body. Valid flag (data.valid) still in the response — branching code stays.

  5. 5

    Roll out gradually

    Drop CaptchaLa on one form first, measure conversion and challenge rate for a few hours. Most teams see flat or improved completion immediately because image-classification rounds are gone.

更快:用插件

WordPress + WooCommerce

Replace your hCaptcha WordPress plugin with the official CaptchaLa plugin. Covers login, registration, comments, WooCommerce, CF7, Gravity, WPForms in one install.

View integration →

Flarum

Replace your Flarum hCaptcha extension with the official CaptchaLa extension via Composer.

View integration →

常见问题

What happens to my hCaptcha account?

Nothing — leave it as-is and stop sending requests. There's no contract, no notification step. The account stays dormant. If you want to formally close it, hCaptcha has a self-serve account deletion option.

Will Core Web Vitals improve?

Usually yes. hCaptcha's widget typically adds 400–600ms to LCP on form pages. CaptchaLa's widget targets <100ms. The exact delta depends on your page's other budget, but on form-heavy pages the difference is noticeable.

What about hCaptcha Enterprise features I'm using?

Most enterprise features (custom themes, advanced risk scoring, analytics dashboards) have direct equivalents in CaptchaLa's standard plan. The migration page in the docs lists each feature and its CaptchaLa counterpart.