Captcha loop for http

My webserver provide only http, so we use the wonderful Cloudflare certificate and “always https” ! Without captcha it works for any kind of entry

  • https://www.mydomain.com[/abc/xyz]
  • https://mydomain.com[/abc/xyz]
  • http://mydomain.com[/abc/xyz]
  • typing mydomain.com[/abc/xyz] to in browser url bar
  • from Google search

The final destination will always be :

  • https://www.mydomain.com[/abc/xyz]

it has been like that for quite sometime. But recently, attackers were able to overcome “under attack mode” and js_challenge so we have to use captcha Challenge. The problem is captcha only work when user fully enter https://mydomain.com. The captcha loop will occur in the following case:

  • http://mydomain.com[/abc/xyz]
  • typing mydomain.com[/abc/xyz] to in browser url bar : tested on Chrome and safari ( iOs and Android)

This would affect alot of our legit users.

Any suggestions guys ?

P/s:

  • my domain : gai [dot] to
  • I have read similar topic but not right for me

the hCaptcha did mark the check-box at “I am not human” and force me to try the captcha again and again. After 7-9 times, I got through. Annoying !

So, it is not really a loop but I decide to keep this topic instead of deleting it

This topic was automatically closed after 30 days. New replies are no longer allowed.