Sitekey Configuration
To open a sitekey's configuration, go to the Dashboard, find the sitekey in the list, and click Details/HowTo.
Configuration tabs
The sitekey detail view is divided into tabs:
| Tab | Purpose |
|---|---|
| Details | View the sitekey, secret key(s), and additional secrets |
| Configuration | Advanced protection settings |
| Integration | Step-by-step integration instructions tailored to your technology |
| Permissions | Manage user access (visible to owners only) |
Details tab
| Field | Description |
|---|---|
| Label | Display name for this sitekey (editable in the Configuration tab) |
| Public Sitekey | The identifier used in data-sitekey on your frontend — safe to expose publicly |
| Secret Key | Private key for server-side verification — never expose in frontend code |
| Created | Timestamp when the sitekey was created |
The secret key is masked by default. Click the visibility toggle to reveal it. Copy it to a secure location such as an environment variable on your server.
Never expose the secret key in frontend code
The secret key is for server-side use only. Hardcoding it in JavaScript, committing it to a public repository, or sending it to the browser exposes your sitekey to abuse.
Integration tab
The Integration tab contains an interactive wizard that generates tailored setup instructions for your technology stack, with your sitekey pre-filled in every code snippet.
How the wizard works
- Pick a category — CMS / Website Builder, Frontend Framework, Backend / API, Mobile App, or Infrastructure.
- Pick your technology — choose from the options shown for that category (e.g. React, WordPress, Django, Android). A fallback option covers cases not listed.
- Follow the guide — ready-to-use snippets and links to the relevant documentation are shown with your sitekey already inserted.
Your selection is saved to the sitekey and reopened automatically the next time you visit this tab. To start over, click ← Change selection.
The categories and technologies available are:
| Category | Technologies |
|---|---|
| CMS / Website Builder | WordPress, Joomla, Drupal, TYPO3, Other CMS |
| Frontend Framework | React, Next.js, Gatsby, Vue 3, Nuxt, Angular, Svelte, SolidJS, Plain HTML / JS |
| Backend / API | Python, Django, PHP, Symfony, Laravel, Ruby, Java, Other / Generic API |
| Mobile App | Android, iOS, Flutter, Other mobile framework |
| Infrastructure | Caddy, Traefik, CrowdSec, Other proxy or gateway |
Configuration tab — Protection settings
The Configuration tab exposes advanced protection settings. Some settings are restricted to paid plans.
EU CAPTCHA Protection
Toggles protection on or off for this sitekey. When set to Off, the EU CAPTCHA widget renders but all requests pass through without challenge — useful for temporary debugging.
Initial difficulty value (0–3)
Sets the starting difficulty level assigned to a new IP address.
| Value | Behaviour |
|---|---|
0 |
Easiest — minimal challenge |
1 |
Low difficulty |
2 |
Medium difficulty |
3 |
Hardest — maximum challenge |
Higher values increase friction for all visitors, including legitimate users. Use with caution. Available on paid plans only.
Initial delay in seconds (3–30)
Sets the waiting time (in seconds) before a visitor can submit the challenge. Adds a time-based hurdle for bots that attempt to solve challenges instantly. Available on paid plans only.
Max parallel challenges per IP (1–10)
Limits the number of concurrent challenges that can be active from the same IP address. Reduces the impact of coordinated bot attacks from a single origin. Available on paid plans only.
Users with read-only access to a sitekey can view these settings but cannot change them.
Changing the sitekey label
Open the Configuration tab, edit the Label field, then press Enter or click away — the value is saved automatically. The label is used only for display in the dashboard.
Deleting a sitekey
See Deleting a Sitekey.