Migrating from Cloudflare Turnstile

This guide helps you transition from Cloudflare Turnstile to ALTCHA Sentinel, a self-hosted, privacy-friendly alternative that ensures protection without relying on external cloud services or data logging.

Why Switch?

While Turnstile is less intrusive than traditional CAPTCHAs, it still requires a dependency on Cloudflare’s infrastructure and global network. ALTCHA provides a sovereign alternative, allowing you to run the entire verification process on your own hardware while maintaining a frictionless user experience.

Key Differences

Feature	Cloudflare Turnstile	ALTCHA Sentinel
User Experience	Frictionless	Frictionless PoW (Proof-of-Work)
Implementation	Requires Cloudflare service	Self-hosted; runs on your infrastructure
Privacy	Cloudflare logs and tracks data	Zero tracking, privacy-focused
Accessibility	Generally accessible	Fully WCAG-compliant
Compliance	Varies by region/usage	GDPR, CCPA, HIPAA, LGPD, & PIPL compliant
Verification	Server-to-Cloudflare API call	Fast, local cryptographic verification
Limits	Tiered usage limits	Unlimited usage

Implementation Comparison

Previous Implementation (Turnstile)

• Frontend: Required loading an external script from challenges.cloudflare.com and adding a container with a data-sitekey.
• Backend: Involved a mandatory outgoing POST request to Cloudflare’s siteverify endpoint, often requiring the user’s IP address and a secret key for validation.

New Implementation (ALTCHA)

ALTCHA keeps the verification loop within your own environment, improving privacy and reducing external dependencies.

Frontend: Import the package and add the widget to your form.

import "altcha";

<form action="/submit" method="post">
  <altcha-widget
    challenge="https://your-challenge-url">
  </altcha-widget>
  <button type="submit">Submit</button>
</form>

For a deep dive into customization, see the Widget Integration guide.

Backend: Verification is performed locally using your server-side secret, removing the need for an external API round-trip to Google.

TypeScript

Dart

PHP

Go

Python

Java

Ruby

Elixir

Rust

C++

Learn more about validating payloads in the Server Integration guide.

Migration Steps

1. Remove Turnstile Dependencies

   • Remove the Turnstile script tag and the .cf-turnstile container from your HTML.
   • Clear out Cloudflare secret keys from your backend configuration.

2. Deploy ALTCHA Sentinel

   • Set up ALTCHA Sentinel or integrate the challenge generation into your existing backend.

3. Update Frontend

   • Replace the Turnstile widget with the <altcha-widget> as described in the Widget Integration guide.

4. Update Server-Side Verification

   • Swap the Cloudflare API request for a local verification check using one of our Server Integration libraries.

Benefits After Migration

• Infrastructure Independence: No dependency on Cloudflare’s uptime or service changes.
• Data Privacy: Eliminates external logging of user metadata and IP addresses.
• Low Latency: Local verification removes the delay of cross-network API calls.

Resources

• Troubleshooting Integration
• Server-Side Libraries
• API Reference