Constant security checks on discourse ajax requests


we run a small discourse forum with Cloudflare.
Whenever people post Code (PHP, HTML, JS), but also regular “text only” posts, Cloudflare intercepts requests and serves the 403-captcha-security-check page, but since discourse works mainly with ajax request handled in background, the visitors never see this secutiry checks, therefore they can not complete captcha and publish their posts.

Since you also use discourse for your community, may i ask you if you did some special configuration to make discourse run?

(we have a vps with discourse docker container without additional nginx proxy)


Until you get an official reply, what’s your Security Level set to in your Cloudflare Firewall page? You could try lowering it to see if that helps.

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.