Hello,
You currently provide built-in integration of Google ReCaptcha, hCaptcha and Turnstile, but my client would like to use the same Captcha as on its other websites: https://www.mtcaptcha.com/
Is it possible, and how?
Thanks
-Nicolas Hoizey
Hi Nicolas 
MTCaptcha is not supported currently, but I can bring this up as a feature request at our next planning meeting.
If anyone else has used MTCaptcha and would like to see it in CloudCannon, please make yourselves known here!! 
Thanks Ryan.
Do you know if there’s any way to use a Captcha you currently don’t support, with your forms?
Not that I’m aware of @nhoizey. The tricky part is that you need a backend server that can authenticate your form submissions.
If you have a server that can do this, you might be able to use your frontend JavaScript to ping the server and validate the request, before the form submission is posted to CloudCannon (so that CloudCannon is uninvolved in the captcha process).
I haven’t seen this kind of a set up before, so I’d be curious to hear if anyone has put anything like this together 
ChatGPT suggests this captcha-less solution:
Recommended Combo (Best Balance)
For most sites:
Honeypot
Time-to-submit
JS token
Rate limiting
Server-side validation
This stops 90–99% of bots with zero user friction.
From experience I know that you can easily get to 99.99% without a captcha (because one thing we always use is missing here, ask me in private…). However, this smart way of detecting bots needs to be implemented on the receiving end of the form, thus by CloudCannon. Something for the roadmap?
1 Like
I think this means something good… Spam detection improvement | CloudCannon Documentation
Care to elaborate?
This was just a small fix, no significant changes to our spam detection approach!
There was an issue where the “Mark as not spam” button on form submissions wasn’t sending “false positive” feedback correctly to Akismet (who we use for spam detection).
2 Likes