Support

You must NOT use this extension. It is coded in an incorrect and insecure manner.

The extension you are using is storing the CAPTCHA images in the tmp directory of Joomla! and the instructs your visitor's web browser to read them from there. The tmp directory of Joomla! is NOT supposed to be readable from the web and CAN AND SHOULD be pointed to a directory outside the web root. As a result we can safely conclude that the developer who wrote that CAPTCHA extension does not understand the fundamentals of Joomla! site security and Joomla! architecture. For this reason you should not be using it.

FYI, the temporary CAPTCHA images should be stored in a subdirectory of your site's media folder. This is why this folder exists since Joomla! 1.5 (released in 2007, there are no excuses to not know this by now if someone wants to call themselves a Joomla! extensions developer).

If you don't mind opening a potential backdoor to hackers you CAN make it work by adding

tmp

in the "Directories to allow direct access (except .php files)" setting in .htaccess Maker and then click on Save & Create .htaccess. However I do NOT recommend this AT ALL. It nullifies one of the must-have protections .htaccess Maker has to offer. I would recommend getting in touch with the developer of the extension and ask them to use the correct directory (media) instead.

Very good! For what it's worth, Joomla!'s ReCAPTCHA plugin also uses Google ReCAPTCHA, albeit the old version. Joomla! 3.4 to be released in a few days will have a new ReCAPTCH plugin using the new Google ReCAPTCHA code (also known as "NoCAPTCHA"). So there you go, you will be able to use Google's solution without the need for third party plugins :)