captcha_length
The 'captcha_length' directive specifies the length of the generated captcha text.
Description
The 'captcha_length' directive defines how many characters will be included in the captcha string generated by the NGINX Captcha Module. This directive can be placed in http, server, or location contexts, allowing for flexible configuration across different sections of your NGINX setup. When you specify a value for this directive, it directly influences both the difficulty and the usability of the captcha, with shorter captchas being easier for bots to decipher and longer ones providing better security against automated submissions.
The parameter provided to 'captcha_length' should be a positive integer that represents the number of characters in the captcha text. Once defined, this length will be used during the captcha generation process, where a random selection of characters from the specified charset is drawn to create the captcha. This ensures that each generated captcha is unique and fits the defined length, which can enhance user experience while protecting against malicious bot activities.
It's important to choose an appropriate length for the captcha based on the intended audience and the security requirements of the application. Longer captchas generally provide stronger security by increasing the complexity for any attempting automated exploitations. However, excessively long captchas may frustrate legitimate users, so a balance must be achieved based on other factors like visual readability and response time.
Config Example
location =/captcha {
captcha;
captcha_length 6;
}
location =/login {
set_form_input $captcha_form captcha;
# Additional processing related to captcha verification...
}Ensure that the length specified is a positive integer, as negative values or zero will result in unexpected behavior.
Remember to choose a length that is appropriate for your audience; too long may frustrate users, while too short may be easily breached by bots.