My webserver provide only http, so we use the wonderful Cloudflare certificate and “always https” ! Without captcha it works for any kind of entry
- typing mydomain.com[/abc/xyz] to in browser url bar
- from Google search
The final destination will always be :
it has been like that for quite sometime. But recently, attackers were able to overcome “under attack mode” and js_challenge so we have to use captcha Challenge. The problem is captcha only work when user fully enter https://mydomain.com. The captcha loop will occur in the following case:
- typing mydomain.com[/abc/xyz] to in browser url bar : tested on Chrome and safari ( iOs and Android)
This would affect alot of our legit users.
Any suggestions guys ?
- my domain : gai [dot] to
- I have read similar topic but not right for me