### Run Sentinel Installation Script Source: https://altcha.org/docs/v2/sentinel/install/docker-compose Download and execute the installation script on your Ubuntu 24.04 server. This script handles package updates, Docker setup, user creation, firewall configuration, and Fail2ban installation. ```bash bash <(curl -s https://raw.githubusercontent.com/altcha-org/sentinel-install-scripts/main/install-ubuntu-24-04.sh) ``` -------------------------------- ### Install Altcha Sentinel with Default Settings Source: https://altcha.org/docs/v2/sentinel/install/kubernetes Install the Altcha Sentinel chart using default configuration values. ```bash helm install altcha-sentinel altcha-org/sentinel ``` -------------------------------- ### Nuxt Setup for ALTCHA Widget Source: https://altcha.org/docs/v2/migration/widget-v2 Configure ALTCHA in a Nuxt application using the Composition API with a script setup block. This example includes importing 'altcha' and declaring the 'altcha-widget' component globally. ```html ``` -------------------------------- ### Switch to Altcha User and Start Sentinel Source: https://altcha.org/docs/v2/sentinel/install/docker-compose Switch to the dedicated 'altcha' user and navigate to the installation directory to start Sentinel. The default password is 'altcha123'. ```bash su - altcha ``` ```bash cd ~/altcha ./start.sh ``` -------------------------------- ### Install ALTCHA Package Source: https://altcha.org/docs/v2/how-to/captcha-react-example Commands to install the ALTCHA library using npm or yarn. ```bash npm install altcha ``` ```bash yarn add altcha ``` -------------------------------- ### Install Altcha Sentinel with Customized Settings Source: https://altcha.org/docs/v2/sentinel/install/kubernetes Install Altcha Sentinel with specific configurations for namespace, image tag, service type, ingress, and persistence. ```bash helm install altcha-sentinel altcha-org/sentinel \ --namespace sentinel \ --create-namespace \ --set image.tag="1.0.0" \ --set service.type=LoadBalancer \ --set ingress.enabled=true \ --set ingress.hosts[0].host=sentinel.yourdomain.com \ --set persistence.enabled=true \ --set persistence.size="20Gi" ``` -------------------------------- ### Readiness Probe Response Source: https://altcha.org/docs/v2/sentinel/advanced/monitoring-logging Example JSON response from the /.ready endpoint indicating server readiness. ```json { "status": "ready", "timestamp": "2025-05-12T14:06:08.460Z", "version": "1.0.0" } ``` -------------------------------- ### POST /v1/similarity - Match Against Examples Source: https://altcha.org/docs/v2/sentinel/how-to/detect-spam-with-similarity Compares a given input text against a list of provided examples to determine similarity scores. ```APIDOC ## POST /v1/similarity ### Description Compares a given input `text` against a list of `examples` to determine semantic similarity scores. ### Method POST ### Endpoint `/v1/similarity` ### Parameters #### Request Body - **examples** (array of strings) - Required - A list of example strings to compare against. - **text** (string) - Required - The input text to be analyzed. ### Request Example ```json { "examples": [ "Claim your exclusive reward now by clicking the link below!", "Get your exclusive prize now by visiting this link!", "Don't miss out—claim your unique prize by clicking below!", "The weather today is sunny and perfect for a walk in the park." ], "text": "Claim your exclusive prize now by clicking the link below!" } ``` ### Response #### Success Response (200) - **matches** (object) - Contains the similarity matching results. - **examples** (object) - Results for example matching. - **matches** (array of objects) - List of matched examples with their scores. - **example** (string) - The example text that was matched. - **score** (number) - The similarity score (0-1). - **time** (number) - The time taken for the matching process in milliseconds. #### Response Example ```json { "matches": { "examples": { "matches": [ { "example": "Claim your exclusive reward now by clicking the link below!", "score": 0.85 }, { "example": "Get your exclusive prize now by visiting this link!", "score": 0.9 }, { "example": "Don't miss out—claim your unique prize by clicking below!", "score": 0.74 }, { "example": "The weather today is sunny and perfect for a walk in the park.", "score": 0 } ], "time": 24.833 } } } ``` ``` -------------------------------- ### Configure PostgreSQL with TLS/SSL Source: https://altcha.org/docs/v2/sentinel/advanced/performance-tuning Example connection string for connecting to a PostgreSQL instance with mandatory TLS/SSL encryption. ```text postgresql://user:password@localhost:5432/altcha_sentinel?sslmode=require ``` -------------------------------- ### Request Challenge with Parameters Source: https://altcha.org/docs/v2/sentinel/advanced/custom-parameters Example of a GET request to the challenge endpoint with multiple custom parameters. ```http GET /v1/challenge?params.abc=123¶ms.def=456 ``` -------------------------------- ### Match Input Text Against Examples Source: https://altcha.org/docs/v2/sentinel/how-to/detect-spam-with-similarity Compare a specific input string against a provided list of spam-like examples using a POST request. ```bash curl -X POST http://localhost:8080/v1/similarity \ -H "Content-Type: application/json" \ -H "Authorization: Bearer {API_KEY}" \ -d '{ "examples": [ "Claim your exclusive reward now by clicking the link below!", "Get your exclusive prize now by visiting this link!", "Don'\''t miss out—claim your unique prize by clicking below!", "The weather today is sunny and perfect for a walk in the park." ], "text": "Claim your exclusive prize now by clicking the link below!" }' ``` ```json { "matches": { "examples": { "matches": [ { "example": "Claim your exclusive reward now by clicking the link below!", "score": 0.85 }, { "example": "Get your exclusive prize now by visiting this link!", "score": 0.9 }, { "example": "Don't miss out—claim your unique prize by clicking below!", "score": 0.74 }, { "example": "The weather today is sunny and perfect for a walk in the park.", "score": 0 } ], "time": 24.833 } } } ``` -------------------------------- ### Install ALTCHA Sentinel Helm Chart Source: https://altcha.org/docs/v2/sentinel/advanced/clustering Install the ALTCHA Sentinel Helm chart using your customized `values.yaml` file. This command deploys the Sentinel application to your Kubernetes cluster. ```bash helm install altcha-sentinel altcha-org/sentinel -f values.yaml ``` -------------------------------- ### Install ALTCHA using npm Source: https://altcha.org/docs/v2/how-to/captcha-angular-example Install the ALTCHA package in your Angular project using npm. This command fetches and installs the necessary libraries. ```bash npm install altcha ``` -------------------------------- ### SvelteKit Integration with ALTCHA Source: https://altcha.org/docs/v2/migration/widget-v2 Integrate ALTCHA into a SvelteKit application by importing the 'altcha' package and its Svelte types. This example shows the basic setup within a Svelte component. ```html ``` -------------------------------- ### Liveness Probe Response Source: https://altcha.org/docs/v2/sentinel/advanced/monitoring-logging Example JSON response from the /.live endpoint confirming the server is running. ```json { "status": "alive", "timestamp": "2025-05-12T14:06:57.007Z", "version": "1.0.0" } ``` -------------------------------- ### ClickHouse Connection URL Example Source: https://altcha.org/docs/v2/sentinel/advanced/clickhouse Example format for the ClickHouse connection URL. Set the CLICKHOUSE_URL environment variable to this value to enable logging. ```plaintext http://user:password@localhost:8123/altcha_sentinel ``` -------------------------------- ### Install ALTCHA Package via NPM Source: https://altcha.org/docs/v2/widget-integration Install the latest version of the altcha package using NPM. This is the recommended method for Node.js projects. ```bash npm install altcha ``` -------------------------------- ### Configure Custom Base URL Source: https://altcha.org/docs/v2/sentinel/advanced/ai-providers Example of providing a custom API endpoint via the AI_PROVIDER_OPTIONS variable. ```bash AI_PROVIDER_OPTIONS={"apiKey":"abc123...","baseURL":"https://api.openai.com/v1"} ``` -------------------------------- ### Install ALTCHA using yarn Source: https://altcha.org/docs/v2/how-to/captcha-angular-example Install the ALTCHA package in your Angular project using yarn. This command fetches and installs the necessary libraries. ```bash yarn add altcha ``` -------------------------------- ### Example URL for Context Override Source: https://altcha.org/docs/v2/sentinel/advanced/context-override Pass the encrypted context data as a URL query parameter to override context. ```plaintext /v1/verify?context={ENCRYPTED_CONTEXT_DATA} ``` -------------------------------- ### Import ALTCHA Widget and Basic Usage Source: https://altcha.org/docs/v2/migration/widget-v2 Import the 'altcha' npm package to register the Web Component for basic usage. This example shows how to include the script and use the altcha-widget with a challenge URL. ```html ``` -------------------------------- ### Minimal ENV Configuration for ALTCHA Sentinel Source: https://altcha.org/docs/v2/sentinel/advanced/clustering This is a minimal environment configuration example for ALTCHA Sentinel, including license, database URLs, and secret seed. ```env # License LICENSE_KEY=XXXXXXXXXXXXXXXXXXXXXXXXX # Databases POSTGRES_URL=postgresql://user:password@localhost:5432/altcha_sentinel REDIS_URL=redis://default@localhost:6379 # Auto-generate secrets from the seed (CHANGE THE SEED VALUE) SECRET_SEED=3Wtd47Um6JxIYUO9Wz27g448 ``` -------------------------------- ### Start ALTCHA Container Source: https://altcha.org/docs/v2/sentinel/install/docker Runs the container in detached mode, mapping port 8080 and mounting the persistent volume. ```bash docker run -d -p 8080:8080 -v altcha_sentinel_data:/data ghcr.io/altcha-org/sentinel:latest ``` -------------------------------- ### Download Attachment Request Source: https://altcha.org/docs/v2/sentinel/how-to/email-spam-filter Example of the GET request used to download an attachment using the key extracted from the contentUri. ```http GET /v1/blobs/eml/attachments/2025-09-01/2c39908c3aa32a6484fd405a7c2f782e.png?size=11998&type=image%2Fpng&filename=image.png ``` -------------------------------- ### Configure ALTCHA Sentinel values.yaml for Kubernetes Source: https://altcha.org/docs/v2/sentinel/advanced/clustering This is an example `values.yaml` file for deploying ALTCHA Sentinel on Kubernetes. It configures the number of replicas, persistence settings, and loads environment variables from a Kubernetes secret. ```yaml # Set the number of pods to run replicaCount: 3 # (Optional) Disable persistent volumes. # Keep persistence enabled for efficient caching of external data sources such as threat intelligence data. persistence: enabled: false # Load ENV variables from the secret envFrom: - secretRef: name: altcha-sentinel-secrets ``` -------------------------------- ### Configure Environment Variables via CLI Source: https://altcha.org/docs/v2/sentinel/install/kubernetes Set environment variables for Altcha Sentinel during installation using CLI parameters. ```bash helm install altcha-sentinel altcha-org/sentinel \ --set env[0].name=LOG_LEVEL \ --set env[0].value=debug ``` -------------------------------- ### Loading Translations via CDN Source: https://altcha.org/docs/v2/internationalization-i18n Example URL for loading a specific language translation file from the CDN. ```text https://cdn.jsdelivr.net/gh/altcha-org/altcha/dist/i18n/fr-fr.min.js ``` -------------------------------- ### Configure Environment Variables via values.yaml Source: https://altcha.org/docs/v2/sentinel/install/kubernetes Define environment variables for Altcha Sentinel in a values.yaml file and apply it during installation. ```yaml env: - name: LOG_LEVEL value: "debug" ``` -------------------------------- ### POST /v1/similarity - Using Predefined Training Data Groups Source: https://altcha.org/docs/v2/sentinel/how-to/detect-spam-with-similarity Matches input text against predefined training data groups instead of direct examples. ```APIDOC ## POST /v1/similarity (Using Training Groups) ### Description Matches the input `text` against predefined training `groups` instead of passing `examples` directly. This is useful for leveraging existing spam datasets. ### Method POST ### Endpoint `/v1/similarity` ### Parameters #### Request Body - **groups** (array of strings) - Required - Names of the predefined training data sets to use. - **text** (string) - Required - The input text to analyze. - **partial** (boolean) - Optional - Set to `true` to enable partial matching. ### Request Example ```json { "groups": ["chat_spam"], "text": "Don't waste your money on expensive sneakers! Text me on WhatsApp +123123123 for better deals.", "partial": true } ``` ### Response #### Success Response (200) - **matches** (object) - Contains the similarity matching results. - **examples** (object) - Results for matching against the specified group. - **matches** (array of objects) - List of matched items from the group with their scores. - **example** (string) - The example text from the group that was matched. - **score** (number) - The similarity score (0-1). - **time** (number) - The time taken for the matching process in milliseconds. #### Response Example ```json { "matches": { "examples": { "matches": [ { "example": "message me on WhatsApp", "score": 0.73 }, { "example": "text me on Telegram", "score": 0.47 }, { "example": "contact me on Facebook", "score": 0.33 } ], "time": 44.407 } } } ``` ``` -------------------------------- ### Set Context via JSON Source: https://altcha.org/docs/v2/sentinel/how-to/ai-security-rules Configure the context for AI evaluation using a JSON structure. This example sets 'attribute1' and 'attribute2' as context attributes. ```json [ { "action": "set", "set": [ { "field": "context", "value": "attribute1=value&attribute2=123" } ] } ] ``` -------------------------------- ### Security Question Example with AI Rule Source: https://altcha.org/docs/v2/sentinel/how-to/ai-security-rules Implement a security question challenge using AI rules. This configures a context attribute for the security question and an AI rule to evaluate the answer. ```json [ { "action": "set", "set": [ { "field": "context", "value": "security_question=Name an animal that lives in the ocean." }, { "field": "ai", "value": "Allow only if the field 'security_answer' contains a correct answer to the 'security_question'." } ] } ] ``` -------------------------------- ### URL Variable Example Source: https://altcha.org/docs/v2/sentinel/features/redirects Demonstrates how to use URL variables to insert field values into the destination URL. The `{field_name}` format is used, where `{email}` is replaced by the value from the 'email' field. ```html https://example.com/form?email={email} ``` -------------------------------- ### Registering External Algorithms with Vite Source: https://altcha.org/docs/v2/migration/widget-v2 When using 'altcha/external', you must import worker modules separately and register them using the $altcha.algorithms.set method. This example demonstrates setting up Argon2id, PBKDF2, and Scrypt workers. ```javascript import 'altcha/external'; import Argon2idWorker from 'altcha/workers/argon2id?worker'; import Pbkdf2Worker from 'altcha/workers/pbkdf2?worker'; import ScryptWorker from 'altcha/workers/scrypt?worker'; import ShaWorker from 'altcha/workers/sha?worker'; $altcha.algorithms.set('PBKDF2/SHA-256', () => new Pbkdf2Worker()); $altcha.algorithms.set('PBKDF2/SHA-384', () => new Pbkdf2Worker()); $altcha.algorithms.set('PBKDF2/SHA-512', () => new Pbkdf2Worker()); $altcha.algorithms.set('SHA-256', () => new ShaWorker()); $altcha.algorithms.set('SHA-384', () => new ShaWorker()); $altcha.algorithms.set('SHA-512', () => new ShaWorker()); $altcha.algorithms.set('ARGON2ID', () => new Argon2idWorker()); $altcha.algorithms.set('SCRYPT', () => new ScryptWorker()); ``` -------------------------------- ### Define Rate Limiter with Advanced Parameters Source: https://altcha.org/docs/v2/sentinel/features/rate-limiters Example of a rate limiter with custom key, alert message, and error code. This allows for fine-grained control over rate limiting behavior. ```string 100/1h(key=ip&alert=Too many requests from IP&code=429_TOO_MANY) ``` -------------------------------- ### Monitor Deployment Rollout Status Source: https://altcha.org/docs/v2/sentinel/install/kubernetes Check the status of a Kubernetes deployment rollout to ensure the upgrade or installation is successful. ```bash kubectl rollout status deployment/altcha-sentinel -n sentinel ``` -------------------------------- ### Health Check Endpoint Response Source: https://altcha.org/docs/v2/sentinel/advanced/monitoring-logging Example JSON response from the /.health endpoint indicating system status. ```json { "status": "healthy", "checks": { "database": { "ok": true }, "redis": { "ok": true }, "clickhouse": { "ok": true } }, "timestamp": "2025-05-12T14:05:54.464Z", "version": "1.0.0" } ``` -------------------------------- ### External Widget Integration with PBKDF2 Worker Source: https://altcha.org/docs/v2/widget-v3 Integrates the ALTCHA widget using the external bundle and configures PBKDF2/SHA-256 algorithm with a Web Worker. This setup is useful for optimizing performance by offloading cryptographic operations. ```html ``` -------------------------------- ### Match Against Predefined Training Groups Source: https://altcha.org/docs/v2/sentinel/how-to/detect-spam-with-similarity Reference existing training data groups instead of providing raw examples in the request body. ```bash curl -X POST http://localhost:8080/v1/similarity \ -H "Content-Type: application/json" \ -H "Authorization: Bearer {API_KEY}" \ -d '{ "groups": ["chat_spam"], "text": "Don'\''t waste your money on expensive sneakers! Text me on WhatsApp +123123123 for better deals.", "partial": true }' ``` ```json { "matches": { "examples": { "matches": [ { "example": "message me on WhatsApp", "score": 0.73 }, { "example": "text me on Telegram", "score": 0.47 }, { "example": "contact me on Facebook", "score": 0.33 } ], "time": 44.407 } } } ``` -------------------------------- ### Get Service IP Address Source: https://altcha.org/docs/v2/sentinel/install/kubernetes Retrieve the service IP address for the deployed Altcha Sentinel instance. ```bash kubectl get svc altcha-sentinel ``` -------------------------------- ### Provide License Key Source: https://altcha.org/docs/v2/sentinel/advanced/env Enter your license key for the application. ```bash LICENSE_KEY="YOUR_LICENSE_KEY" ``` -------------------------------- ### Importing ALTCHA TypeScript Types Source: https://altcha.org/docs/v2/migration/widget-v2 Explicitly import framework-specific type definitions for ALTCHA when using TypeScript. This example shows how to import types for React, or alternatively for Svelte or JSX. ```typescript import type {} from 'altcha/types/react'; // or /svelte, /jsx import type { WidgetAttributes, Challenge } from 'altcha/types'; ``` -------------------------------- ### Configure AI Rule via JSON Source: https://altcha.org/docs/v2/sentinel/how-to/ai-security-rules Define an AI rule using JSON to set a field based on AI evaluation. This example sets the 'ai' field with a prompt to check for meaningful text in the 'message' field. ```json [ { "action": "set", "set": [ { "field": "ai", "value": "Allow if the field 'message' contains meaningful text." } ] } ] ``` -------------------------------- ### Programmatically Trigger Verification Source: https://altcha.org/docs/v2/overlay-ui Use JavaScript to get the altcha-widget element and call its 'verify()' method to trigger verification programmatically. This is useful for advanced use cases outside of form submissions. ```javascript // Get the element by tag or ID const altcha = document.querySelector('altcha-widget'); // Trigger verification altcha.verify(); ``` -------------------------------- ### Optional SMTP Parameters for Email Notifications Source: https://altcha.org/docs/v2/sentinel/configuration/forms Append optional parameters as query strings to the SMTP connection URL to customize sender information and TLS settings. For example, to enable TLS and set the 'from' address. ```plaintext smtp://smtp.example.email?secure=true&from=test@example.com ``` -------------------------------- ### Deploy with Custom Parameters Source: https://altcha.org/docs/v2/sentinel/install/aws-ecs Command to deploy the stack while overriding default configuration parameters like domain name, certificate ARN, and resource allocation. ```bash aws cloudformation deploy \ --template-file altcha-sentinel-aws-ecs.yml \ --stack-name altcha-sentinel-stack \ --capabilities CAPABILITY_IAM \ --parameter-overrides \ DomainName=sentinel.example.com \ CertificateArn=arn:aws:acm:us-east-1:123456789012:certificate/xxxx-xxxx-xxxx \ TaskCPU=4096 \ TaskMemory=8192 ``` -------------------------------- ### SSH into the Server Source: https://altcha.org/docs/v2/sentinel/install/docker-compose Connect to your server using SSH. If using a non-default SSH key, specify its path with the -i flag. ```bash ssh root@{SERVER_IP} ``` ```bash ssh -i ~/.ssh/my_key root@{SERVER_IP} ``` -------------------------------- ### Configure AI Provider Environment Variables Source: https://altcha.org/docs/v2/sentinel/advanced/ai-providers Basic configuration for an AI provider including model selection and API key. ```bash AI_PROVIDER=mistral AI_PROVIDER_MODEL=mistral-large-latest AI_PROVIDER_OPTIONS={"apiKey":"abc123..."} ``` -------------------------------- ### Provide License JSON Source: https://altcha.org/docs/v2/sentinel/advanced/env Provide the license file contents directly as a JSON string to disable the call-home mechanism. ```bash LICENSE_JSON="{\"license_key\": \"YOUR_LICENSE_KEY\", \"expiry\": \"2025-12-31\"}" ``` -------------------------------- ### Import Modular ALTCHA Assets Source: https://altcha.org/docs/v2/content-security-policy-csp For strict CSP compliance, import ALTCHA's modular assets separately. This approach avoids the need for 'blob:' in your CSP. ```javascript import "altcha/external"; import "altcha/altcha.css"; ``` -------------------------------- ### Add Helm Repository Source: https://altcha.org/docs/v2/sentinel/install/kubernetes Add the official Altcha Helm charts repository to your local Helm configuration. ```bash helm repo add altcha-org https://altcha-org.github.io/helm-charts ``` -------------------------------- ### Run Sentinel Update Script Source: https://altcha.org/docs/v2/sentinel/install/docker-compose Navigate to the Altcha directory and execute the update script to pull the new Docker image and restart Sentinel. ```bash cd /home/altcha/altcha ./update.sh ``` -------------------------------- ### Vue.js Widget Integration Source: https://altcha.org/docs/v2/widget-v3 Integrates the ALTCHA widget in Vue.js applications. This setup declares the `altcha-widget` component globally to ensure it's recognized within the Vue template. ```html ``` -------------------------------- ### Adjust Log Retention Policy Source: https://altcha.org/docs/v2/sentinel/advanced/clickhouse Modify the TTL clause in your ClickHouse table definition to change the data retention period. This example sets logs to be deleted after 1 year. ```sql TTL time + INTERVAL 1 YEAR DELETE ``` -------------------------------- ### Create ClickHouse Database Source: https://altcha.org/docs/v2/sentinel/advanced/clickhouse Use this SQL command to create the 'altcha_sentinel' database if it does not already exist. The 'Atomic' engine is recommended for ClickHouse. ```sql CREATE DATABASE IF NOT EXISTS altcha_sentinel ENGINE = Atomic; ``` -------------------------------- ### Downloading Attachments Source: https://altcha.org/docs/v2/sentinel/how-to/email-spam-filter Instructions on how to download attachments when `X-Attachments-Upload` is enabled. ```APIDOC ## Downloading Attachments When using `X-Attachments-Upload: true`, attachments will be uploaded to configured upload storage and the parameter `contentUri` will be returned with each attachment in the following format: ``` blob://uploads/eml/attachments/2025-09-01/2c39908c3aa32a6484fd405a7c2f782e.png?size=11998&type=image%2Fpng&filename=image.png ``` To download an attachment using `contentUri`, use the `GET /v1/blobs/{key}` endpoint and pass the path returned in `contentUri` as the `key` parameter: For example, from the blob URI above, the download URL will be: ``` GET /v1/blobs/eml/attachments/2025-09-01/2c39908c3aa32a6484fd405a7c2f782e.png?size=11998&type=image%2Fpng&filename=image.png ``` ``` -------------------------------- ### Configure OpenTelemetry Environment Variables Source: https://altcha.org/docs/v2/sentinel/advanced/monitoring-logging Set these environment variables to enable OTLP HTTP exporter for traces and logs. ```bash OTEL_SERVICE_NAME="altcha-sentinel" OTEL_EXPORTER_OTLP_ENDPOINT="https://localhost:4318" OTEL_EXPORTER_OTLP_HEADERS="x-api-key=your-api-key" ``` -------------------------------- ### Login to Azure CLI Source: https://altcha.org/docs/v2/sentinel/install/azure-app-services Authenticate with your Azure account using the Azure CLI. This is the first step for any manual deployment or management via the command line. ```bash az login ``` -------------------------------- ### Configure Okta OIDC SSO Source: https://altcha.org/docs/v2/sentinel/advanced/sso Environment variable configuration for Okta OIDC integration. ```text SSO_OKTA=https://{your-account}.okta.com/?clientId={clientId}&clientSecret={clientSecret} ``` -------------------------------- ### Programmatic Widget Configuration Source: https://altcha.org/docs/v2/widget-integration Manage default widget settings or update specific instances dynamically using the global `$altcha` object. This method is preferred for complex configurations. ```javascript // Set defaults for all future widget instances: $altcha.defaults.set({ challenge: 'https://api.example.com/challenge', debug: true }); // Update a specific instance dynamically: const widget = document.querySelector('altcha-widget'); widget.configure({ workers: 2, language: 'fr' }); ``` -------------------------------- ### Verify Solution with PBKDF2 Source: https://altcha.org/docs/v2/widget-v3 Verifies the solution provided for a challenge using the 'PBKDF2/SHA-256' algorithm. This function is used on the server-side to confirm the validity of the user's input. ```javascript import { verifySolution, pbkdf2 } from 'altcha/lib'; const result = await verifySolution({ challenge, deriveKey: pbkdf2.deriveKey, solution }); ``` -------------------------------- ### Configure Automated Azure Blob Storage Backups Source: https://altcha.org/docs/v2/sentinel/advanced/backups Environment variables required to enable scheduled database snapshots using Azure Blob Storage. ```bash SNAPHOSTS_CRON_SCHEDULE="0 0 * * *" SNAPHOSTS_STORAGE_PROVIDER=azure SNAPHOSTS_STORAGE_AZURE_CONTAINER=backups SNAPHOSTS_STORAGE_AZURE_CONNECTION_STRING=DefaultEndpointsProtocol=https;AccountName=test;AccountKey=XXXX;EndpointSuffix=core.windows.net ``` -------------------------------- ### Define Custom Parameters Source: https://altcha.org/docs/v2/sentinel/advanced/custom-parameters Use the params. prefix in URL query parameters to include metadata in the challenge. ```http ?params.param_name=param_value ``` -------------------------------- ### Basic Widget Integration Source: https://altcha.org/docs/v2/widget-v3 Integrates the ALTCHA widget using the default all-in-one bundle. Ensure this script is included in your project to display the widget. ```html ``` -------------------------------- ### Configure Google Workspace OIDC SSO Source: https://altcha.org/docs/v2/sentinel/advanced/sso Environment variable configuration for Google Workspace OIDC integration. ```text SSO_GOOGLE=?clientId={clientId}&clientSecret={clientSecret} ``` -------------------------------- ### Allow All Paths for a Plugin Source: https://altcha.org/docs/v2/wordpress/how-to Use a wildcard to include all requests from a specific plugin's REST API paths. ```text /wp-json/some-plugin/* ``` -------------------------------- ### Enabling Redis in ALTCHA Sentinel Source: https://altcha.org/docs/v2/sentinel/advanced/clustering Configure the REDIS_URL environment variable to enable Redis, used for shared state like rate-limiting and pub-sub. Redis version 7 or later is recommended. ```env REDIS_URL=redis://default@localhost:6379 ``` -------------------------------- ### Enabling PostgreSQL in ALTCHA Sentinel Source: https://altcha.org/docs/v2/sentinel/advanced/clustering Configure the POSTGRES_URL environment variable to enable PostgreSQL, which serves as the primary database for Sentinel. Ensure PostgreSQL version 15 or later is used. ```env POSTGRES_URL=postgresql://user:password@localhost:5432/altcha_sentinel ``` -------------------------------- ### Configure LDAP Authentication Source: https://altcha.org/docs/v2/sentinel/advanced/sso Environment variable configuration for LDAP/Active Directory integration. ```text SSO_LDAP=ldap://your-ldap-server:389?userDn=dc=your-domain,dc=com ``` ```text SSO_LDAP=ldap://ldap.forumsys.com:389?userDn=dc=example,dc=com&name=SSO ``` -------------------------------- ### Configure JWT Time-to-Live Source: https://altcha.org/docs/v2/sentinel/advanced/env Set the time-to-live for JWT tokens using a human-readable duration format. ```bash JWT_TTL="48h" ``` -------------------------------- ### Deploy ALTCHA Sentinel with AWS CLI Source: https://altcha.org/docs/v2/sentinel/install/aws-ecs Standard command to deploy the CloudFormation stack using the provided template file. ```bash aws cloudformation deploy \ --template-file altcha-sentinel-aws-ecs.yml \ --stack-name altcha-sentinel-stack \ --capabilities CAPABILITY_IAM ``` -------------------------------- ### Create Challenge with PBKDF2 Source: https://altcha.org/docs/v2/widget-v3 Generates a new challenge using the 'PBKDF2/SHA-256' algorithm with a specified cost. This function is used on the server or client to initiate a verification process. ```javascript import { createChallenge, pbkdf2 } from 'altcha/lib'; const challenge = await createChallenge({ algorithm: 'PBKDF2/SHA-256', cost: 5_000, deriveKey: pbkdf2.deriveKey }); ``` -------------------------------- ### Configure IP Whitelist Source: https://altcha.org/docs/v2/sentinel/advanced/env Restrict access to application and admin endpoints by providing a comma-separated list of IP addresses or network masks. ```bash APP_IP_WHITELIST="127.0.0.1/32,::1/128,fd00::/8" ``` -------------------------------- ### Register Argon2id and Scrypt Workers (No Bundler Support) Source: https://altcha.org/docs/v2/widget-integration Register Argon2id and Scrypt workers by loading prebuilt worker files directly when your environment does not support '?worker' imports. Ensure the path to the worker files is correct. ```javascript import 'altcha'; $altcha.algorithms.set('ARGON2ID', () => new Worker('/path/to/node_modules/altcha/dist/workers/argon2id.js')); $altcha.algorithms.set('SCRYPT', () => new Worker('/path/to/node_modules/altcha/dist/workers/scrypt.js')); ``` -------------------------------- ### Widget Methods Source: https://altcha.org/docs/v2/widget-integration Available methods for controlling and interacting with the ALTCHA widget programmatically. ```APIDOC ## Widget Methods ### Description These methods allow you to control and interact with the ALTCHA widget programmatically after it has loaded. ### Methods - **`configure(options)`**: Configures the widget with the given options. - **`getConfiguration()`**: Returns the current configuration of the widget. - **`getState()`**: Returns the current state of the widget. - **`show()`**: Displays the widget. - **`hide()`**: Hides the widget. - **`reset(state?, err?)`**: Resets the internal state of the widget, optionally with an error. - **`setState(state, err?)`**: Manually sets the widget's state, optionally with an error. - **`updateUI()`**: Forces a UI update or reposition. - **`verify()`**: Initiates the verification process. ``` -------------------------------- ### Enable Password Login Source: https://altcha.org/docs/v2/sentinel/advanced/env Enable or disable password-based login. Set to '1' to enable, '0' to disable. ```bash PASSWORD_LOGIN_ENABLED="0" ``` -------------------------------- ### Configure Keycloak OIDC SSO Source: https://altcha.org/docs/v2/sentinel/advanced/sso Environment variable configuration for Keycloak OIDC integration. ```text SSO_KEYCLOAK=https://your-keycloak-domain:8080/?realm={realm}&clientId={clientId}&clientSecret={clientSecret} ``` -------------------------------- ### Enabling ClickHouse in ALTCHA Sentinel (Enterprise Plan) Source: https://altcha.org/docs/v2/sentinel/advanced/clustering Configure the CLICKHOUSE_URL environment variable to integrate with ClickHouse for analytics and logs on the Enterprise plan. Ensure the database and tables are created as per ClickHouse documentation. ```env CLICKHOUSE_URL=http://user:password@localhost:8123/altcha_sentinel ``` -------------------------------- ### Attribute-Based Widget Configuration Source: https://altcha.org/docs/v2/widget-integration Configure the ALTCHA widget using HTML attributes for simple implementations. The `configuration` attribute accepts a JSON-encoded string for complex settings. ```html ``` -------------------------------- ### Import ALTCHA Source: https://altcha.org/docs/v2/how-to/captcha-react-example Import the ALTCHA library into your React component. ```javascript import 'altcha'; ``` -------------------------------- ### OpenTelemetry Configuration Source: https://altcha.org/docs/v2/sentinel/advanced/monitoring-logging Configuration details for enabling OpenTelemetry support using the OTLP HTTP exporter. ```APIDOC ## OpenTelemetry Configuration ### Description Sentinel supports the OTLP HTTP exporter for OpenTelemetry collectors, enabling both traces and logs. To enable OpenTelemetry, set the `OTEL_EXPORTER_OTLP_ENDPOINT` environment variable. ### Supported Environment Variables - **OTEL_EXPORTER_OTLP_ENDPOINT** (string) - The URL of the OpenTelemetry collector (e.g., `https://localhost:4318`). Required. - **OTEL_EXPORTER_OTLP_HEADERS** (string) - Custom headers to include in OTLP requests (e.g., API keys or authentication tokens). - **OTEL_EXPORTER_OTLP_TIMEOUT** (string) - The timeout value for all outgoing data in milliseconds. - **OTEL_SERVICE_NAME** (string) - The logical name of the service that will appear in traces and logs (defaults to `altcha-sentinel`). ### Example Configuration ```bash OTEL_SERVICE_NAME="altcha-sentinel" OTEL_EXPORTER_OTLP_ENDPOINT="https://localhost:4318" OTEL_EXPORTER_OTLP_HEADERS="x-api-key=your-api-key" ``` ``` -------------------------------- ### Enable Overlay UI Source: https://altcha.org/docs/v2/overlay-ui Add the 'overlay' attribute to the altcha-widget configuration within a form element to enable the Overlay UI. This automatically sets 'auto=onsubmit'. ```html
``` -------------------------------- ### CSP Directive for Default ALTCHA Bundle Source: https://altcha.org/docs/v2/content-security-policy-csp When using the default Web Component bundle, which executes the worker from a Blob, ensure your CSP allows the 'blob:' source for workers. ```http Content-Security-Policy: script-src 'self'; worker-src 'self' blob: ``` -------------------------------- ### Show Container Configuration via Azure CLI Source: https://altcha.org/docs/v2/sentinel/install/azure-app-services Retrieve the current Docker image configuration for your Azure Web App. This command helps verify the deployed image tag. ```bash az webapp config container show --name \ --resource-group \ --query "docker_image_name" ``` -------------------------------- ### Apply Cyberpunk Theme Source: https://altcha.org/docs/v2/widget-v3 Import and apply the cyberpunk theme to the ALTCHA widget using the `theme` attribute. ```javascript import "altcha/themes/cyberpunk.css"; ; ``` -------------------------------- ### Add to Threat List Immediately Source: https://altcha.org/docs/v2/sentinel/how-to/threat-intelligence Immediately add an IP address to the threat list, bypassing the limit-based blocking. ```APIDOC ## POST /v1/threat-list ### Description Immediately add an IP address to the threat list. This endpoint is used to block an IP directly, rather than waiting for it to exceed a defined limit. ### Method POST ### Endpoint /v1/threat-list ### Parameters (Specific parameters for this endpoint are not detailed in the source text, but it is implied to accept IP address information for immediate blocking.) ### Request Example (Example not provided in source text.) ### Response (No specific response details provided in the source text.) ``` -------------------------------- ### Import ALTCHA Package Source: https://altcha.org/docs/v2/migration/hcaptcha Import the ALTCHA package to use its functionalities in your frontend application. This is a prerequisite for integrating the ALTCHA widget. ```javascript import "altcha"; ``` -------------------------------- ### Configure Inject Paths for ALTCHA Scripts Source: https://altcha.org/docs/v2/wordpress/how-to Specify paths in ALTCHA settings to limit script injection to only required pages. The default `*` wildcard is removed. ```text /contact /shop/* ``` -------------------------------- ### ALTCHA Widget with Sentinel Source: https://altcha.org/docs/v2/widget-integration Configure the ALTCHA widget to use ALTCHA Sentinel for challenge generation. Provide your Sentinel endpoint URL and API key. ```html ``` -------------------------------- ### Register All Supported Workers with altcha/external Source: https://altcha.org/docs/v2/widget-integration Use 'altcha/external' to exclude bundled workers and explicitly register all desired algorithms. This provides full control over loaded workers, including PBKDF2, SHA, Argon2id, and Scrypt. ```javascript import 'altcha/external'; import Argon2idWorker from 'altcha/workers/argon2id?worker'; import Pbkdf2Worker from 'altcha/workers/pbkdf2?worker'; import ScryptWorker from 'altcha/workers/scrypt?worker'; import ShaWorker from 'altcha/workers/sha?worker'; $altcha.algorithms.set('PBKDF2/SHA-256', () => new Pbkdf2Worker()); $altcha.algorithms.set('PBKDF2/SHA-384', () => new Pbkdf2Worker()); $altcha.algorithms.set('PBKDF2/SHA-512', () => new Pbkdf2Worker()); $altcha.algorithms.set('SHA-256', () => new ShaWorker()); $altcha.algorithms.set('SHA-384', () => new ShaWorker()); $altcha.algorithms.set('SHA-512', () => new ShaWorker()); $altcha.algorithms.set('ARGON2ID', () => new Argon2idWorker()); $altcha.algorithms.set('SCRYPT', () => new ScryptWorker()); ``` -------------------------------- ### Create Kubernetes Secret for ALTCHA Sentinel Source: https://altcha.org/docs/v2/sentinel/advanced/clustering Use this command to create a Kubernetes secret containing essential connection strings and a secret seed for ALTCHA Sentinel. Ensure all placeholder values are replaced with your actual credentials. ```bash kubectl create secret generic altcha-sentinel-secrets \ --from-literal=LICENSE_KEY=XXXXXXXXXXXXXXXXXXXXXXXXX \ --from-literal=POSTGRES_URL=postgresql://... \ --from-literal=REDIS_URL=redis://... \ --from-literal=SECRET_SEED=... ``` -------------------------------- ### Adjust AI Request Parameters Source: https://altcha.org/docs/v2/sentinel/advanced/ai-providers Configure specific request parameters like max_tokens and temperature using AI_PROVIDER_REQUEST_OPTIONS. ```bash AI_PROVIDER_REQUEST_OPTIONS={"max_tokens":300,"temperature":1,"stop":["\n\n"]} ``` -------------------------------- ### Solve Challenge with PBKDF2 Source: https://altcha.org/docs/v2/widget-v3 Solves a given challenge using the 'PBKDF2/SHA-256' algorithm. This function is typically used on the client-side to provide the solution to the challenge. ```javascript import { solveChallenge, pbkdf2 } from 'altcha/lib'; const solution = await solveChallenge({ challenge, deriveKey: pbkdf2.deriveKey }); ``` -------------------------------- ### Upgrade Altcha Sentinel to a New Version Source: https://altcha.org/docs/v2/sentinel/install/kubernetes Upgrade an existing Altcha Sentinel deployment to a new image tag. ```bash helm upgrade altcha-sentinel altcha-org/sentinel \ --set image.tag="1.2.3" ``` -------------------------------- ### Configure Overlay Content Source: https://altcha.org/docs/v2/overlay-ui Specify a CSS selector for 'overlaycontent' to display additional HTML content before the overlay widget appears. Ensure the selected element is properly defined. ```html
``` -------------------------------- ### Use Switch Toggle Input Source: https://altcha.org/docs/v2/widget-v3 Configure the ALTCHA widget to use an animated switch (toggle) style for user interaction. ```html ``` -------------------------------- ### View Helm Release History Source: https://altcha.org/docs/v2/sentinel/install/kubernetes List the revision history of a Helm release to identify available versions for rollback. ```bash helm history altcha-sentinel --namespace sentinel ``` -------------------------------- ### Restart Azure Web App via CLI Source: https://altcha.org/docs/v2/sentinel/install/azure-app-services Restart your Azure Web App service using the Azure CLI. This is often necessary after configuration changes, such as updating the container image. ```bash az webapp restart --name --resource-group ``` -------------------------------- ### Create Persistent Docker Volume Source: https://altcha.org/docs/v2/sentinel/install/docker Creates a named volume to persist data for the ALTCHA sentinel container. ```bash docker volume create altcha_sentinel_data ``` -------------------------------- ### Configure Authorization for Threat Sources Source: https://altcha.org/docs/v2/sentinel/how-to/threat-intelligence Methods for providing credentials when accessing protected threat intelligence sources. ```http Authorization: Basic ZXhhbXBsZTpleGFtcGxl ``` ```url https://{username}:{password}@example.com ``` -------------------------------- ### Live Log Streaming Source: https://altcha.org/docs/v2/sentinel/advanced/monitoring-logging Provides real-time access to server logs via HTTP, with an option for JSON formatting. ```APIDOC ## GET /.logs ### Description Streams server logs in real-time. Supports optional JSON formatting. ### Method GET ### Endpoint `/.logs` ### Query Parameters - **format** (string) - Optional. If set to `json`, outputs logs in JSON format. ### Examples - Default stream: `GET /.logs` - JSON stream: `GET /.logs?format=json` ### Response #### Success Response (200) - **Log Stream** (string) - A continuous stream of log entries. Each entry can be a plain text line or a JSON object depending on the `format` query parameter. ``` -------------------------------- ### Integrate ALTCHA Script Tag Source: https://altcha.org/docs/v2/widget-integration Add the script tag to your website to integrate the ALTCHA widget. Placing it in the `` section is recommended for optimal performance. ```html ``` -------------------------------- ### Client-side Key Derivation Loop Source: https://altcha.org/docs/v2/proof-of-work-captcha The client repeatedly derives a key by incrementing a counter and appending it to the nonce until the output matches the server's requirements. This process is central to solving the PoW challenge. ```javascript DerivedKey=KDF(Algorithm, Salt, Cost, Password) Where Password is the nonce appended with the counter. ``` -------------------------------- ### Use Invisible Display Mode Source: https://altcha.org/docs/v2/widget-v3 Integrate the ALTCHA widget invisibly into your UI, suitable for minimal footprint requirements. ```html ``` -------------------------------- ### Configure Azure OIDC SSO Source: https://altcha.org/docs/v2/sentinel/advanced/sso Environment variable configuration for Microsoft Azure OIDC integration. ```text SSO_AZURE=?clientId={clientId}&clientSecret={clientSecret}&tenantId={tenantId} ``` -------------------------------- ### Mount Persistent Storage Volume Source: https://altcha.org/docs/v2/sentinel/install Configure a persistent storage volume for ALTCHA Sentinel by mounting it to the /data directory. This is required for database data unless PostgreSQL is used as the backend. ```yaml volumes: - altcha_sentinel_data_volume:/data ``` -------------------------------- ### Upgrade Altcha Sentinel with Custom Namespace and Reused Values Source: https://altcha.org/docs/v2/sentinel/install/kubernetes Upgrade Altcha Sentinel, specifying a custom namespace and ensuring previous configurations are reused. ```bash helm upgrade altcha-sentinel altcha-org/sentinel \ --namespace sentinel \ --set image.tag="1.2.3" \ --reuse-values ``` -------------------------------- ### Sentinel Management Scripts Source: https://altcha.org/docs/v2/sentinel/install/docker-compose These scripts are located in /home/altcha/altcha/ and provide essential management functions for Sentinel. ```bash ./start.sh ``` ```bash ./stop.sh ``` ```bash ./status.sh ``` ```bash ./update.sh ``` ```bash ./logs.sh ``` -------------------------------- ### Listen for Widget State Changes Source: https://altcha.org/docs/v2/widget-integration Attach an event listener to the widget to react to state changes. The new state is available in the event's detail property. ```javascript const widget = document.querySelector('altcha-widget'); widget.addEventListener('statechange', (ev) => { // See enum State above console.log('state:', ev.detail.state); }); ``` -------------------------------- ### Import Modular ALTCHA Worker Source: https://altcha.org/docs/v2/content-security-policy-csp Separately import the ALTCHA Web Worker when using the modular asset approach for strict CSP compliance. ```javascript import "altcha/worker"; ``` -------------------------------- ### Include ALTCHA via CDN Source: https://altcha.org/docs/v2/widget-integration Alternatively, include the ALTCHA script in your HTML using a CDN link. This method is suitable for static websites. ```html ``` -------------------------------- ### Integrate ALTCHA Widget in HTML Form Source: https://altcha.org/docs/v2/migration/hcaptcha Add the `` component to your HTML form to enable ALTCHA's challenge mechanism. Ensure the `challenge` attribute points to your challenge URL. ```html
``` -------------------------------- ### Rollback ALTCHA Sentinel Container Version Source: https://altcha.org/docs/v2/sentinel/install/azure-app-services Use this command to revert the web app container to a specific previous version. Replace placeholders with your actual Azure resource names and the desired version tag. ```bash az webapp config container set --name \ --resource-group \ --docker-custom-image-name ghcr.io/altcha-org/sentinel: ``` -------------------------------- ### Allow Specific Origins with Wildcard Support Source: https://altcha.org/docs/v2/sentinel/configuration/security-groups Use an 'allow' rule with the 'origin' condition and 'conditionsOperator': 'or' to permit requests from specific domains or subdomains. Wildcards (*) can be used to match multiple subdomains. ```json { "action": "allow", "conditionsOperator": "or", "conditions": [ { "field": "origin", "operator": "=", "value": [ "https://example.com" ] }, { "field": "origin", "operator": "=", "value": [ "https://*.example.com" ] } ], "name": "Allow origins" } ``` -------------------------------- ### Configure Global Rate Limiter Source: https://altcha.org/docs/v2/sentinel/features/rate-limiters Sets a rate limit of 100 requests per hour globally for all users. This configuration is part of a Security Group Rule. ```json { "action": "set", "conditions": [], "name": "Rate Limiter", "set": [ { "field": "rateLimit", "value": "100/1h" } ] } ``` === COMPLETE CONTENT === This response contains all available snippets from this library. No additional content exists. Do not make further requests.