Captcha Timeout Errors - Why? Can the Settings be Changed?

I’m using Cloudflare to protect our new member registration system from hackers, so we use Cloudflare. However, I continue to receive reports from members who report getting timeout errors, messages indicating they ran out of time and need to refresh the page and start again. Is there a limit to how long someone has to complete our signup form? If yes, is there any way to update the settings to give our members more time to complete the form? It seems unconscionable that someone would fill out a long form and then be told they need to start over from scratch.

Someone told me anyone using a VPN would get this error but that doesn’t sound accurate. I look forward to your thoughts on members who use a VPN to access our site.

Thanks in advance for any help anyone can provide!


P.S. We use Cloudflare Turnstile.

I have Turnstile active on long, multi-page WordPress forms and haven’t experienced any such time outs nor got any such reports from site users (very active sites doing 100k+ page views/month).

Is there a chance you can give us a link to test this?


I’m not a developer, but reading through the client-side rendering documentation, a few details scream at me considering your issue:

  • First, there’s a 300-second (5-minute) timeout between when a challenge token is issued and when it must be validated
  • The challenge token may be obtained automatically when a widget is rendered, or later when a when explicitly called.
  • It’s also possible to refresh the widget to request a new token, either automatically or manually (by the user). So properly implemented, even an expired token shouldn’t prevent the submission of forms.

So I guess the timeout you’re experiencing may boil down to how Turnstile is implemented on your site.

But then it could be something else entirely :smiley:


Hi George,

Thanks so much for your thoughtful reply.

The problem doesn’t happen all the time, I’m trying to track down the OS, browser, etc. but so far I have four reports of the captcha expiring.

We’re building a development environment. If you would like to try to register, please go to the following URL:

Thank you again!


Does anyone else have any ideas?

Thank you very much!