Even though I have yet to publicize this blog in any way, I was already getting multiple spam comments per day. Spammers are amazingly resourceful for being evil bastards. Anyways I wanted to get reCAPTCHA working for comments. This post describes what it took more me to incorporate reCAPTCHA with BlogEngine.NET.
I chose reCAPTCHA mostly because that service because it seems popular, and because Google is a big name that I use for a lot of web services. After a bit of research, it turns out that BlogEngine.NET supports reCAPTCHA out of the box starting in version 1.6.1. But, the BlogEngine.NET installer from my host, CrystalTech, installs version 1.6.
So, I ran through the instructions on this post to manually upgrade 1.6 to 1.6.1. Once that was done, the ReCAPTCHA extension was available in my blog settings. I signed up for ReCAPTCHA, got my public and private keys, entered them into the extension settings, and reCAPTCHA was suddenly protecting my comments form. Pretty easy.
However, when I tried to submit a comment, even when the captcha text was correct, I would get a ASP.NET exception related to System.Net.WebPermission. After some more research, this turns out to be related to a web application trying to do something that requires full trust when it is only running in partial trust. It seems that by default CrystalTech runs ASP.NET apps in partial trust. The trust web.config element can be used to change the trust level of an application. So, I added this in the system.web node of the BlogEngine.NET web config:
And lo and behold it is now working! Nothing is ever simple. :-)