Cap
Self-hosted CAPTCHA without Google, tracking, and visual puzzles
AI Summary
Cap is a self-hosted CAPTCHA alternative to reCAPTCHA and hCaptcha that works completely without visual puzzles, tracking, and third-party services. The tool uses Proof-of-Work (SHA-256) and browser instrumentation for bot detection and is extremely lightweight at only 20kb. Cap is open source (Apache 2.0), GDPR-compliant, and can be run on any server with a Docker container.
✓ Pros
- + Fully self-hosted without external dependencies or tracking
- + Open source (Apache 2.0) and extremely small (20kb vs. 600kb+ for hCaptcha)
- + No visual puzzles, GDPR-compliant, and compatible with reCAPTCHA APIs
✗ Cons
- − Requires own server infrastructure and technical setup (Docker)
- − No cloud solution with immediate use like commercial providers
Use Cases
- → Form protection on websites without sending data to Google or Cloudflare
- → API protection against automated abuse while maintaining a whitelist for trusted clients
- → GDPR-compliant bot defense for European websites and SaaS applications
- → Migration from reCAPTCHA/hCaptcha to a self-hosted privacy-first solution
Who is it for?
Developers and website operators seeking privacy-friendly bot defense without third-party tracking and willing to operate their own infrastructure.
