Community Tip - Best Practices For Captcha Challenges

firewall
CommunityTip
#1

Error
Try the suggestions in this Community Tip for best practices for dealing with captcha challenges.

Background
The IP address you are on has shown problematic activity online in one of our data sources. When visiting a site that uses Cloudflare, you’re presented with a screen that reads "One more step Please complete the security check to access example.com" and then presented a series of captcha challenges.

Quick Fix Ideas

  1. Check your IP reputation at Project Honeypot. If the IP address shows data for malicious activity, you can see why there. You can also attempt to whitelist your IP directly on that page by connecting from that IP.

  2. The site owner decided to block the country from which you are visiting. Contact the site owner to remove the block.

  3. Your actions are triggering a Web Application Firewall rule that the website owner has turned on. Contact the site owner to let them know and request access.

  4. You have a computer/IoT device that is infected with malware or some kind of virus. Scan for malware to ensure your devices are not infected.

  5. Scripts or bots (e.g., scrapers) carrying out automated tasks. Contact the site owner to inspect logs.

  6. The site security level setting is too aggressive. Security Level uses your IP reputation to decide whether to present a challenge. The IP reputation is calculated by an internal algorithm on our end and ranges from 0 to 100. Contact the site owner and ask if they can reduce the security level for the site.

  7. Take no action and allow your reputation to reset by itself - if the issue is related to IP reputation, this is the safest option, wait 5 days with no bad acts. If the challenge is caused by a security setting, contact the site owner, waiting won’t help.

  8. Reset devices over night and hope for a different IP.

  9. Contact your ISP and ask for a new IP.

  10. If after taking remediation steps your IP reputation score does not increase, the likelihood is something is infected on your infrastructure.

  11. If it’s happening on a site you control, whitelist the IP address in your IP firewall. This will allow visitors to access the site. This also means that they will be able to bypass the WAF and as such isn’t ideal.

  12. If you are constantly failing the challenge and are running anti-virus or firewall on your computer, check to make sure that they aren’t blocking access to the captcha image.

  13. Run Privacy Pass.

Lite Reading

Background Resources
Knowledge Base
YouTube

Research The Issue
Community
Google

If You Need More Help
The challenge is happening due to your IP reputation and/or the settings the site owner has implemented. While this community of other Cloudflare users may be able to assist you to adjust your site security settings, they cannot assist with IP reputation. If you need additional assistance, login to Cloudflare and then contact Cloudflare Support. When you contact support, make sure to include as much of this information as possible: domain name, screen shots, IP address, and/or HAR file(s).

Expert Comments Appreciated
This Community Tip will remain open for input from Community experts and those familiar with this issue. We really appreciate comments that start with words like: “The three things I always try”, or “Do this first”, or “In my experience”.

This is a Cloudflare Community Tip, to review other tips click here.

Çevirmek…traduzir…翻译…traducir…Traduire…Übersetzen…:globe_with_meridians: Translate

4 Likes
Cloudflare blocking my IP?
How to know why IP is on the black list?
Getting lots of CAPTCHA since 01/21/2019
Getting lots of CAPTCHA since 01/21/2019
Community Tip - All Published Tips
Getting a captcha on every site I go on
Authentication issues, URGENT
Cant add my alert box and my stream doesnt let me add stuff
IP Blocked
Cloudflare blocking my IP?
Captcha on every Cloudflare protected website
Cloudflare blocking my IP?
Black listed by Cloudflare
#2

With some cable Internet providers you can expedite #8 with the following,

  1. Turn off your cable modem. (not router)
  2. From your router’s WAN config page, release the IP.
  3. Change the WAN MAC address.
  4. Turn on your cable modem.
  5. Renew WAN IP.
    *Note: Before modifying any settings, please take a minute to document the existing ones!

if you have a spare router laying around, you can also try this

  1. Turn off your cable modem and main router.
  2. Place the Ethernet cable from your main router WAN port in to your spare router WAN port.
  3. Turn on your spare router.
  4. Wait a minute then turn on your modem.
  5. After another minute, turn off your modem.
  6. Plug the Ethernet cable back in to your main router WAN port.
  7. Turn on the main router.
  8. Wait 1 minute and turn on your Modem.
1 Like
closed #3

This topic was automatically closed after 30 days. New replies are no longer allowed.