Cloudflare protected websites over Squid Proxy

Heyo,

I have a problem with Cloudflare protected websites over proxy.
The verification method after validation’s going back to the beginning.
I’ve tried using WARP, but there’s the same problem.

What should I do?

Also here’s the config:

http_port 3127 transparent ssl-bump \
   generate-host-certificates=on \
   cert=/server/squid/conf/certs/crt.pem \
   key=/server/squid/conf/certs/key.pem \
   dynamic_cert_mem_cache_size=16MB
https_port 3126 transparent ssl-bump \
   generate-host-certificates=on \
   cert=/server/squid/conf/certs/crt.pem \
   key=/server/squid/conf/certs/key.pem \
   dynamic_cert_mem_cache_size=16MB
http_port 3130 ssl-bump \
   generate-host-certificates=on \
   cert=/server/squid/conf/certs/crt.pem \
   key=/server/squid/conf/certs/key.pem \
   dynamic_cert_mem_cache_size=16MB

sslcrtd_program /server/squid/app/libexec/security_file_certgen -s /server/squid/app/var/ssl_db -M 2048
sslcrtd_children 20

on_unsupported_protocol tunnel all

acl cloudflared dstdomain *.cloudflare.com
acl cloudflared dstdomain cloudflare.com

ssl_bump client-first
ssl_bump bump !cloudflared
ssl_bump peek !cloudflared
ssl_bump splice !cloudflared

refresh_pattern ^ftp:		1440	20%	10080
refresh_pattern ^gopher:	1440	0%	1440
refresh_pattern -i (/cgi-bin/|\?) 0	0%	0
refresh_pattern .		0	20%	4320

acl localnet src 192.168.4.0/24
acl localnet src 192.168.0.0/24
acl localnet src 192.168.6.0/24
acl localnet src 192.168.3.0/24
acl localnet src 192.168.2.0/24
acl localnet src 127.0.0.0/8

acl SSL_ports port 443         # https

acl Safe_ports port 80          # http
acl Safe_ports port 21          # ftp
acl Safe_ports port 443         # https
acl Safe_ports port 70          # gopher
acl Safe_ports port 210         # wais
acl Safe_ports port 1025-65535  # unregistered ports
acl Safe_ports port 280         # http-mgmt
acl Safe_ports port 488         # gss-http
acl Safe_ports port 591         # filemaker
acl Safe_ports port 777         # multiling http
acl Safe_ports port 8080        # http proxy
acl Safe_ports port 3127
acl CONNECT method CONNECT

http_upgrade_request_protocols OTHER allow all
http_upgrade_request_protocols WebSocket allow all

via off
forwarded_for off

http_access deny CONNECT !Safe_ports
http_access deny !localnet
dns_nameservers 192.168.2.9
httpd_suppress_version_string on
shutdown_lifetime 30 seconds
cache_mem 1024 MB

cache_dir aufs /server/squid/app/var/cache/squid 1024 16 256

maximum_object_size 8 MB
read_ahead_gap 64 KB

error_directory /server/squid/conf/pages/

coredump_dir /server/squid/app/var/coredump

acl QUERY urlpath_regex cgi-bin \? asp aspx jsp
cache deny QUERY

access_log /server/squid/app/var/logs/access.log

pid_filename /server/squid/conf/squid.pid

acl local-servers dstdomain *.dank-me.me
acl local-servers dstdomain *.forgejo.xaviama.dank-me.me
acl local-servers dstdomain *.xaviama.dank-me.me
acl local-servers dstdomain dank-me.me
always_direct allow local-servers

acl no-cache dstdomain *.forgejo.xaviama.dank-me.me
cache deny no-cache

max_stale 7 day

request_header_access Allow allow all
request_header_access Authorization allow all
request_header_access WWW-Authenticate allow all
request_header_access Proxy-Authorization allow all
request_header_access Proxy-Authenticate allow all
request_header_access Cache-Control allow all
request_header_access Content-Encoding allow all
request_header_access Content-Length allow all
request_header_access Content-Type allow all
request_header_access Date allow all
request_header_access Expires allow all
request_header_access Host allow all
request_header_access If-Modified-Since allow all
request_header_access Last-Modified allow all
request_header_access Location allow all
request_header_access Pragma allow all
request_header_access Accept allow all
request_header_access Accept-Charset allow all
request_header_access Accept-Encoding allow all
request_header_access Accept-Language allow all
request_header_access Content-Language allow all
request_header_access Mime-Version allow all
request_header_access Retry-After allow all
request_header_access Title allow all
request_header_access Connection allow all
request_header_access Proxy-Connection allow all
request_header_access User-Agent allow all
request_header_access Cookie allow all
request_header_access Access-Control-Allow-Origin allow all
request_header_access allow all