XenForo Add-on
Protect XenForo 2.x forums with Crovly captcha. Drop-in reCAPTCHA replacement — registration, login, and contact forms.
Requirements
- XenForo 2.2 or later
- PHP 7.4 or later
- A Crovly account (app.crovly.com)
Installation
-
Download the latest release from GitHub
-
Upload the
src/addons/Crovly/directory to your XenForo installation'ssrc/addons/directory -
Install the addon from Admin CP:
- Go to Admin CP → Add-ons → Install/upgrade from archive
- Or navigate to Admin CP → Add-ons and click Install next to "Crovly Captcha"
-
Configure the addon:
- Go to Admin CP → Setup → Options → Crovly Captcha
- Enter your Site Key and Secret Key from the Crovly dashboard
- Set the widget theme (
auto,light, ordark)
-
Enable Crovly as your CAPTCHA provider:
- Go to Admin CP → Setup → Options → Basic board information
- Set Use CAPTCHA for guests to Yes
- Set CAPTCHA type to Crovly (Privacy-first PoW Captcha)
Configuration
| Setting | Description | Default |
|---|---|---|
| Site Key | Your public site key (crvl_site_...) | (required) |
| Secret Key | Your secret key (crvl_secret_...) | (required) |
| Theme | Widget appearance: auto, light, or dark | auto |
Protected Forms
Once enabled, Crovly automatically protects all forms where XenForo uses CAPTCHA:
- Registration form
- Login form (after failed attempts)
- Contact form
- Guest posting (threads and replies)
- Any addon that uses XenForo's built-in captcha system
How It Works
- Form loads → Crovly widget appears
- Browser solves a Proof of Work challenge (~200ms)
- Fingerprint + environment checks run (no personal data collected)
- Token is submitted with the form
- Server validates the token with Crovly's API
Uninstallation
- Go to Admin CP → Add-ons
- Click Uninstall next to "Crovly Captcha"
- Delete the
src/addons/Crovly/Captcha/directory