Install the Widget
Add SilentShield to your website with just two lines of code. The widget automatically detects forms and starts protecting them.
Basic Integration
Add this code snippet before the closing </body> tag of your website:
<script src="https://api.silentshield.io/client.js?key=YOUR_API_KEY" defer></script>
<script>
document.addEventListener('DOMContentLoaded', function() {
SilentShield.init({ apiKey: 'YOUR_API_KEY' });
});
</script>What Happens Automatically
- The widget detects all forms on the page
- Behavior analysis starts in the background (invisible to users)
- A CAPTCHA appears only when suspicious behavior is detected
- A verification nonce is injected into forms before submission
Server-Side Verification (Recommended)
After a form is submitted, validate the nonce on your server to confirm the submission is from a human.
POST https://api.silentshield.io/api/v1/captcha/verify-nonce
X-Api-Key: YOUR_API_KEY
PHPphp
<?php
$nonce = $_POST['ss_nonce'] ?? '';
$ch = curl_init('https://api.silentshield.io/api/v1/captcha/verify-nonce');
curl_setopt_array($ch, [
CURLOPT_POST => true,
CURLOPT_HTTPHEADER => [
'Content-Type: application/json',
'X-Api-Key: ' . $apiKey,
],
CURLOPT_POSTFIELDS => json_encode(['nonce' => $nonce]),
CURLOPT_RETURNTRANSFER => true,
]);
$result = json_decode(curl_exec($ch), true);
curl_close($ch);
if ($result['verdict'] === 'bot') {
http_response_code(403);
die('Bot detected');
}Node.jsjavascript
const response = await fetch('https://api.silentshield.io/api/v1/captcha/verify-nonce', {
method: 'POST',
headers: {
'Content-Type': 'application/json',
'X-Api-Key': process.env.SILENTSHIELD_API_KEY,
},
body: JSON.stringify({ nonce: req.body.ss_nonce }),
});
const data = await response.json();
if (data.verdict === 'bot') {
return res.status(403).json({ error: 'Bot detected' });
}Testing
Add ?silentshield-debug to your URL to activate the debug overlay. It shows the current behavior score, verdict, and active features in real time.