How To use BotDetect ASP.NET CAPTCHA on Linux/Apache servers

This page will show you how to add BotDetect CAPTCHA protection to your ASP.NET web application hosted using the Apache web server on a Linux (Red Hat, Fedora, CentOS, SUSE, ...) system.

Prerequisites

  • Apache 1.3.x/2.0.x/2.2.x
  • BotDetect CAPTCHA 2.0.x for ASP.NET

We assume that you have already installed the Apache web server on your system. If not, please download Apache, and follow the Apache installation guide.

At the moment, BotDetect CAPTCHA installations can only be run on Windows systems, but you can copy the BotDetect CAPTCHA assembly (Lanap.BotDetect.dll) and the ASP.NET sample projects to your Linux system. If you don't have a BotDetect CAPTCHA installation, please download the BotDetect CAPTCHA free trial.

Step-by-step guide

This guide describes all steps required to create a new ASP.NET website and add BotDetect CAPTCHA protection to it. If you have your site already created and configured, you can skip steps that don't apply to your server.

Step 1. Install the Mono framework

We will use the Mono framework to run your .NET web application on a Linux system.

Mod_Mono is an Apache 1.3/2.0/2.2 module that provides ASP.NET support for the web's favorite server, Apache. The module passes off requests for ASP.NET pages to an external program, mod-mono-server, which actually handles the requests. The communication between the Apache module and mod-mono-server is established using a Unix socket or a TCP socket.

- Mono Project

Setup Mono-core

Download the appropriate Mono-core package for your system from http://www.go-mono.com/mono-downloads/download.html. It's recommended to setup the following packages in this order:

  • giflib-4.1.3-8.i386.rpm
  • libexif9-0.5.12-3mdk.i586.rpm
  • libgdiplus0-1.9-1.rhel4.novell.i386.rpm
  • mono-core-1.9.1-2.novell.i586.rpm
  • mono-data-1.9.1-2.novell.i586.rpm
  • mono-data-firebird-1.9.1-2.novell.i586.rpm
  • mono-data-oracle-1.9.1-2.novell.i586.rpm
  • mono-data-postgresql-1.9.1-2.novell.i586.rpm
  • mono-data-sqlite-1.9.1-2.novell.i586.rpm
  • mono-data-sybase-1.9.1-2.novell.i586.rpm
  • ibm-data-db2-1.9.1-2.novell.i586.rpm
  • mono-nunit-1.9.1-2.novell.i586.rpm
  • mono-web-1.9.1-2.novell.i586.rpm
  • mono-winforms-1.9.1-2.novell.i586.rpm
  • bytefx-data-mysql-1.9.1-2.novell.i586.rpm
  • xsp-1.9.1-0.novell.noarch.rpm

Setup Mod_Mono

It is recommended to install Mod_Mono from a source package, so you can specify which Apache version you want to use. Some RPM packages (for example, mod_mono-1.9-0.rhel4.novell.i386.rpm) are already compiled for specific Apache versions, so you can also use a compiled package for your system and Apache version.

Download the Mod_Mono source (mod_mono-1.9.tar.bz2) from http://ftp.novell.com/pub/mono/sources-stable/, and follow the Compiling Mod_Mono from source guide.

Configure Apache to load Mod_Mono

Append the following lines to the httpd.conf file (located in /usr/local/apache2/conf by default):

Include conf/mod_mono.conf

<Location /mono>
  SetHandler mono-ctrl
  Order deny,allow
  Deny from all
  Allow from 127.0.0.1
</Location>

The first line will load the Mod_Mono module. Make sure that you have mod_mono.conf in the same directory as httpd.conf after installing Mod_Mono.

The remaining lines (which are optional) will add the Mod_Mono control panel so you can control Mod_Mono using http://localhost/mono.

[back to top]

Step 2. Create a new ASP.NET Web Site

Create a new folder for the website (we will use BotDetectSample in these instructions), in the Apache web content folder (/usr/local/apache2/htdocs/ by default)

How To use BotDetect ASP.NET CAPTCHA on Linux/Apache servers: screenshot 1

Create a new file named Default.aspx in the website folder, with the following content:

<%@ Page Language="C#" AutoEventWireup="true"  
  CodeFile="Default.aspx.cs" Inherits="_Default" %>

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 
  Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/
    xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" >
<head id="Head1" runat="server">
    <title>BotDetect Demo</title>
</head>
<body>
  <form id="form1" runat="server">
    <div id="PromptDiv">
      <span id="Prompt">Type the characters you see in 
        the picture</span>
    </div>
  </form>
</body>
</html>

How To use BotDetect ASP.NET CAPTCHA on Linux/Apache servers: screenshot 2

How To use BotDetect ASP.NET CAPTCHA on Linux/Apache servers: screenshot 3

Create a new file named Default.aspx.cs in the website folder, with the following content:

using System;
using System.Data;
using System.Configuration;
using System.Web;
using System.Web.Security;
using System.Web.UI;
using System.Web.UI.WebControls;
using System.Web.UI.WebControls.WebParts;
using System.Web.UI.HtmlControls;

public partial class _Default : System.Web.UI.Page 
{

}

How To use BotDetect ASP.NET CAPTCHA on Linux/Apache servers: screenshot 4

How To use BotDetect ASP.NET CAPTCHA on Linux/Apache servers: screenshot 5

Append the following lines into httpd.conf (located in /usr/local/apache2/conf/ by default):

Alias /BotDetectSample "/usr/local/apache2/htdocs/BotDetectSample"
AddMonoApplications default "/BotDetectSample:/usr/local/apache2/
  htdocs/BotDetectSample"
MonoServerPath /usr/bin/mod-mono-server2
<Location /BotDetectSample>
    SetHandler mono
</Location>

How To use BotDetect ASP.NET CAPTCHA on Linux/Apache servers: screenshot 6

Restart Apache:

$httpd –k restart

...and if everything is configured correctly, you should see the page in your browser when you navigate to http://localhost/BotDetectSample/

How To use BotDetect ASP.NET CAPTCHA on Linux/Apache servers: screenshot 7

[back to top]

Step 3. Configure your site to use BotDetect CAPTCHA

Create a sub-folder named bin in the website folder

How To use BotDetect ASP.NET CAPTCHA on Linux/Apache servers: screenshot 8

Copy the Lanap.BotDetect.dll file into the newly created bin folder

How To use BotDetect ASP.NET CAPTCHA on Linux/Apache servers: screenshot 9

Create a new file named Web.config in the website folder, with the following content:

<?xml version="1.0"?>
<configuration>
  <appSettings/>
  <connectionStrings/>
  <system.web>
    <httpHandlers>
      <add verb="*" path="LanapCaptcha.aspx"
        type="Lanap.BotDetect.CaptchaHandler,
        Lanap.BotDetect"/>
    </httpHandlers>
    <sessionState mode="InProc" cookieless="AutoDetect"
      timeout="20" />
   
    <!--
    Set compilation debug="true" to insert debugging
    symbols into the compiled page. Because this
    affects performance, set this value to true only
    during development.
    -->
    <compilation debug="false">
      <assemblies>
       <add assembly="System.Design, Version=2.0.0.0,
         Culture=neutral, PublicKeyToken=B03F5F7F11D50A3A"/>
      </assemblies>
    </compilation>
   
    <!--
    The <authentication> section enables configuration
    of the security authentication mode used by
    ASP.NET to identify an incoming user.
    -->
    <authentication mode="None"/>
  </system.web>
</configuration>

How To use BotDetect ASP.NET CAPTCHA on Linux/Apache servers: screenshot 10

How To use BotDetect ASP.NET CAPTCHA on Linux/Apache servers: screenshot 11

Add the following line to the top of the Default.aspx file, just below the <%@Page %> directive:

<%@ Register Assembly="Lanap.BotDetect"
  Namespace="Lanap.BotDetect" TagPrefix="BotDetect" %>

In the same file, add the following code fragment to the form where you want to show the BotDetect CAPTCHA image:

<div id="CaptchaDiv">
  <BotDetect:Captcha ID="SampleCaptcha" runat="server" />
</div>

How To use BotDetect ASP.NET CAPTCHA on Linux/Apache servers: screenshot 12

Save all changes, and refresh the page in the browser. You will see a CAPTCHA image rendered on your web form.

How To use BotDetect ASP.NET CAPTCHA on Linux/Apache servers: screenshot 13

[back to top]

Step 4. Add BotDetect CAPTCHA user input validation

In the Default.aspx file, add the following code fragment to the form:

<div id="ValidationDiv">
  <asp:TextBox ID="CodeTextBox" runat="server">
  </asp:TextBox>
  <asp:Button ID="ValidateButton" runat="server"
    Text="Validate" />
  <asp:Label ID="MessageCorrectLabel" runat="server">
  </asp:Label>
  <asp:Label ID="MessageIncorrectLabel" runat="server">
  </asp:Label>
</div>

In the Default.aspx.cs file, add the following code fragment to the class definition:

protected void Page_PreRender(object sender, EventArgs e)
{
  /// initial page setup
  if (!IsPostBack)
  {
    /// set control text
    ValidateButton.Text = "Validate";
    MessageCorrectLabel.Text = "Correct!";
    MessageIncorrectLabel.Text = "Incorrect!";
 
    /// these messages are shown only after validation
   MessageCorrectLabel.Visible = false;
    MessageIncorrectLabel.Visible = false;
  }
       
  if (IsPostBack)
  {
    /// validate the input code, and show the appropriate
    /// message
    string code = CodeTextBox.Text.Trim().ToUpper();
       
    if (SampleCaptcha.Validate(code))
    {
      MessageCorrectLabel.Visible = true;
      MessageIncorrectLabel.Visible = false;
    }
    else
    {
      MessageCorrectLabel.Visible = false;
      MessageIncorrectLabel.Visible = true;
    }
 
    CodeTextBox.Text = null;
  }
}

Save all changes, and refresh the page in the browser. You can then try CAPTCHA validation in action.

How To use BotDetect ASP.NET CAPTCHA on Linux/Apache servers: screenshot 14

On production web sites you will typically change the validation code to redirect the user to the resource requested if CAPTCHA validation succeeds.

[back to top]

Sample ASP.NET BotDetect CAPTCHA Projects

The BotDetect CAPTCHA installation also includes a number of sample code projects demonstrating how to use BotDetect CAPTCHA. You can get a result equivalent to the above step-by-step guide by copying the BotDetect CAPTCHA Validation sample project files to your Linux server and publishing it on Apache using Mod_Mono in the same way as described above.

[back to top]

logo Lanapsoft Inc. © 2004-2008
all rights reserved