Skip to content

[BETA!] captcha: NGINX Captcha Module

Installation

CentOS/RHEL 6, 7, 8 or Amazon Linux 2

yum -y install https://extras.getpagespeed.com/release-latest.rpm
yum -y install nginx-module-captcha

Enable the module by adding the following at the top of /etc/nginx/nginx.conf:

load_module modules/ngx_http_captcha_module.so;

This document describes nginx-module-captcha v0 released on Aug 23 2020.

Production stability is not guaranteed.


Example Configuration:

location =/captcha {
    captcha;
}
location =/login {
    set_form_input $csrf_form csrf;
    set_unescape_uri $csrf_unescape $csrf_form;
    set_form_input $captcha_form captcha;
    set_unescape_uri $captcha_unescape $captcha_form;
    set_md5 $captcha_md5 "secret${captcha_unescape}${csrf_unescape}";
    if ($captcha_md5 != $cookie_captcha) {
        # captcha invalid code
    }
}

Directives:

Syntax:  captcha;
Default: ——
Context: location

Enables generation of captcha image.


Syntax:  captcha_case on | off;
Default: off
Context: http, server, location

Enables/disables ignoring captcha case.


Syntax:  captcha_expire seconds;
Default: 3600
Context: http, server, location

Sets seconds before expiring captcha.


Syntax:  captcha_height pixels;
Default: 30
Context: http, server, location

Sets height of captcha image.


Syntax:  captcha_length characters;
Default: 4
Context: http, server, location

Sets length of captcha text.


Syntax:  captcha_size pixels;
Default: 20
Context: http, server, location

Sets size of captcha font.


Syntax:  captcha_width pixels;
Default: 130
Context: http, server, location

Sets width of captcha image.


Syntax:  captcha_charset string;
Default: abcdefghkmnprstuvwxyzABCDEFGHKMNPRSTUVWXYZ23456789
Context: http, server, location

Sets characters used in captcha text.


Syntax:  captcha_csrf string;
Default: csrf
Context: http, server, location

Sets name of csrf var of captcha.


Syntax:  captcha_font string;
Default: /usr/share/fonts/ttf-liberation/LiberationSans-Regular.ttf
Context: http, server, location

Sets font of captcha text.


Syntax:  captcha_name string;
Default: Captcha
Context: http, server, location

Sets name of captcha cookie.


Syntax:  captcha_secret string;
Default: secret
Context: http, server, location

Sets secret of captcha.

GitHub

You may find additional configuration tips and documentation for this module in the GitHub repository for nginx-module-captcha.