This is not a Cloudflare captcha it’s a Google captcha.
How have you determined the response is being cached by Cloudflare? What is the value for cf-cache-status: header in a request which displays the captcha?
Hi @cscharff - You’ve already been very helpful in pointing out that this is Google’s CAPTCHA Challenge
To check header status I need to refresh the page and I’ve already cleared cache so would need to check it when the this problem happens again and this CAPTCHA page is cached again
However luckily I did have a tab open from earlier so I’ve had a quick look at the elements and there are definitely signs it’s coming from Cloudflare
Any ideas how this is even happening? We never had this issue prior to switching to Cloudflare and we don’t have anything on our website that even trigger Google.s CAPTCHA challenges so multiple things I am confused about.
On the network tab for the page in your screenshot if it’s still up you should be able to view the headers for the request for the main page itself to see the Cloudflare cache status.
I don’t doubt the page is being served by Cloudflare or that the user is being presented with a captcha from Google (I did a test to the website and traffic is definitely going through Cloudflare so that makes sense)… the question is really… is Cloudflare presenting a captcha page that it has somehow cached? (not sure thats even possible TBH) And the header mentioned previously would be one part of determining that.
The more likely scenario is users are being prompted by Google to prove they are human because… I have no idea really, I don’t use Google recaptcha. But it’s my understanding that’s a client side validation.
@cscharff Thanks for your help again, here’s another picture of network tab
We’re on wordpress and don’t have any plugins (WordFence) or anything a like that would be doing this. Not even sure how google captcha is being put into the website.
If you even try to solve the captcha it sends you in an infinite loop which was the first clue it’s something cached version perhaps
two get rid of it only two ways
a) Clear cache
b) ctr + shift + r (on the page to grab a fresh version)
So I have made some progress, the bot detection reCAPTCHA is coming from Litespeed/Hostinger side, however, their support team refuse to switch it completely off as it will show for some users based on thresholds.
Big question is, is it possible to configure Cloudflare to not cache it?
