Pricing

No plans, no tiers, no surprises. reForge Captcha is completely free.

$0

Forever. No credit card. No rate limits. No paid tiers. Just free bot protection for everyone.

Everything Included — Always Free

All features, all widget types, unlimited sites and verifications. No strings attached.

Widget Types
  • Checkbox widget
  • Invisible widget
  • Managed (adaptive) widget
  • Image challenge widget
  • Dark, light & auto themes
  • 10+ languages supported
Sites & Domains
  • Unlimited registered sites
  • Unlimited verifications/month
  • Subdomain support
  • Per-site configuration
  • Adjustable score thresholds
  • Instant site activation
Risk Engine
  • Real-time scoring
  • Browser fingerprinting
  • Behaviour analysis
  • IP reputation signals
  • Bot pattern detection
  • Score 0.0 – 1.0 returned
Analytics
  • Per-site dashboards
  • Pass / fail / suspicious breakdown
  • 14-day traffic charts
  • Challenge type distribution
  • Recent verification log
  • Average score tracking
Developer API
  • REST verify endpoint
  • JSON response with score
  • Scoped API keys
  • Token expiry & replay protection
  • CORS support
  • Server-side SDK-free
Privacy & Security
  • No visitor cookies
  • GDPR & CCPA compliant
  • No data sold, ever
  • Secret key never exposed
  • Token one-time use
  • 2-minute token TTL
Get Started Free Read the Docs
FAQ
Common questions

Everything you need to know about reForge Captcha.

Is it really free forever?

Yes. reForge Captcha is built and maintained by CodeForgeX Studio as a free tool for the developer community. There are no hidden paid tiers, no usage caps, and no credit card required — ever.

How many sites can I add?

Unlimited. You can register as many domains as you need. Each gets its own site key, secret key, widget configuration, and analytics dashboard.

Is there a verification rate limit?

No rate limits on verifications. Whether your site gets 10 or 10 million submissions per month, reForge Captcha handles them all at no cost.

How does the risk scoring work?

Every challenge submission is scored from 0.0 (bot) to 1.0 (human) based on browser fingerprint, mouse behaviour, timing signals, IP reputation, and user agent analysis. You set the threshold per site.

Does it work without JavaScript?

The widget requires JavaScript to run the risk engine client-side. Invisible and managed modes especially rely on JS behaviour signals. For no-JS environments, fallback to server-side checks is recommended.

Is it GDPR compliant?

Yes. reForge Captcha does not set cookies on your visitors' browsers, does not sell or share visitor data, and processes only the signals necessary to compute a risk score. No personal data is stored beyond the IP address used for scoring.

What frameworks does it support?

Any framework that renders HTML. The widget is a plain JavaScript file loaded via a script tag. It works with React, Vue, Svelte, Angular, Laravel, WordPress, plain PHP, Next.js, and more.

How is it different from reCAPTCHA or Cloudflare Turnstile?

Unlike Google reCAPTCHA, we don't use your visitors to train ML models and we don't track them across the web. Unlike Cloudflare Turnstile, we're not tied to a CDN product. We're a standalone, privacy-first captcha that's free regardless of your hosting setup.

Start protecting your forms today

Free forever. No limits. Setup in under 2 minutes.

Create Free Account