Configure hCaptcha

hCaptcha is a privacy-preserving security service that helps protect your website's contact forms and other interactive elements from bots and spam. It verifies that a user is human without compromising their personal data.

Follow these steps to set up your free hCaptcha account and get your API keys:

To get started with hCaptcha, you'll need to register for an account:

• Navigate to the hCaptcha website: Go to <https://www.hcaptcha.com/pricing>
• Choose a plan: Select the "Basic (Free)" plan, which is typically free for most personal and small business use cases.
• Complete the registration: Provide your email address and create a password. You may need to verify your email.

Once your account is created and you're logged into the hCaptcha dashboard, you can add your website:

• Add a new site: <https://dashboard.hcaptcha.com/sites/new>
• Enter site details:
  • Site Name: Provide a descriptive name for your website (e.g., "My Website Contact Form").
  • Domains: Enter your website's domain name (e.g., yourwebsite.com).
  • Settings: You can adjust other settings like difficulty, look, and security features (defaults are fine).

• Retrieve your keys: After saving your site, hCaptcha will provide you with two essential keys:
  • Site Key (Public Key): This key is publicly visible on your website and you get it at <https://dashboard.hcaptcha.com/sites>.
  • Secret Key (Private Key): This key must be kept confidential and is available at <https://dashboard.hcaptcha.com/settings/secrets>.

Once you have your Site Key and Secret Key, you will need to add them to your application .env file:

HCAPTCHA_SITEKEY="..."
HCAPTCHA_SECRET="..."

Now, the contact form is protected againt bot and spam attacks.