CAPTCHA page is designed to block the botnet requests.

CAPTCHA page have to be located behind the VAS Experts DPI¹⁾ and the service 10 with security profile should be activated for this page. The base settings should be done in the profile, so the ddos_check_server and the ddos_security_key options should be specified. For simplicity, you can use the same profile as for the protected site.

In order to handle the numerous requests from attacking computers CAPTCHA page should be lightweight.

The UrlRedir parameter is passed to the page from the url of the protected site accessed by the user.

After the CAPTCHA test is passed the internal redirect to a CAPTCHA site with an encrypted parameter should be performed. It indicates to the DPI the test succeeded and it can be followed by the redirection to the targeted protected site using the UrlRedir parameter.

Successful completion of the CAPTCHA test indicates the site is visited by the human being. The servise 8 will be assigned to his IP address and activated automatically. After that the user can access the protected site without re-entering the CAPTCHA. Occasionally it makes sense to reset this service to prevent the infecting of previously secured computers.

The rules for security token creation and the CAPTCHA page pattern can be accessed through the our technical support center.