BOTDEFENSE::captcha_status

Description

Returns the status of the user’s answer to the CAPTCHA challenge. The returned value is one of the following strings:

  • not_received - the answer to the CAPTCHA challenge did not appear in the request; this is the normal result, before the CAPTCHA challenge is sent to the client
  • correct - the answer is correct
  • incorrect - the answer is incorrect
  • empty - an empty answer was given, or if the user clicked on the CAPTCHA Refresh button
  • expired - the answer has expired; in this case, the answer is not validated and may be correct or incorrect
  • invalid - the cookie containing the CAPTCHA answer cannot be parsed; this could mean that it was modified by an attacker, or that it is older than two days, or due to a configuration change

Warning

Deprecated in BIG-IP Next v20.0.1



Syntax
BOTDEFENSE::captcha_status

Syntax

BOTDEFENSE::captcha_status

BOTDEFENSE::captcha_status

Return Value

Returns a string signifying the status of the CAPTCHA challenge.

Valid During

BOTDEFENSE_ACTION

Examples

# EXAMPLE: Send a CAPTCHA challenge on the login page, and only allow the
 # login if the user passed the CAPTCHA challenge
 when BOTDEFENSE_ACTION {
     if {[BOTDEFENSE::action] eq "allow"} {
         if {[BOTDEFENSE::captcha_status] ne "correct"} {
             if {[HTTP::uri] eq "/t/login.php"} {
                 set res [BOTDEFENSE::action captcha_challenge]
                 if {$res ne "ok"} {
                     log local0. "cannot send captcha_challenge: \"$res\""
                     BOTDEFENSE::action tcp_rst
                 }
             } elseif {[HTTP::uri] eq "/t/do_login.php"} {
                 set res [BOTDEFENSE::action custom_response {
                     login failed because you may not be human
                 }]
                 if {$res ne "ok"} {
                     log local0. "cannot send blocking page: \"$res\""
                     BOTDEFENSE::action tcp_rst
                 }
             }
         }
     }
 }

Change Log

  • Introduced: 12.1
  • Deprecated: 20.0.1

The BIG-IP API Reference documentation contains community-contributed content. F5 does not monitor or control community code contributions. We make no guarantees or warranties regarding the available code, and it may contain errors, defects, bugs, inaccuracies, or security vulnerabilities. Your access to and use of any code available in the BIG-IP API reference guides is solely at your own risk.