1. Add sitekey
2. Add client-side code snippets to protect pages
3. Add server-side verification logic