DDOS JS Challenge now takes a few attempts to pass

Today it takes multiple JS Challenge attempts to get into my WP Admin section. Before today, it succeeded first time every time. Any idea what can cause this?

The reason I ask, I’m trying to update a WP page by altering the code. For some reason I’m not able to do so, the page keeps flickering (refreshing???) and moves the cursor to the end of the code. Hence I’m unable to make any changes as I can’t get the cursor to stop where I want. This is weird, but I’m wondering if it’s related to the multiple JS Challenges, which is also weird.

From the firewall checks:

I have experienced this in the past as well, I think that it’s when for some reason the challenge you were solving is invalidated and the server sends you a new one.
The reason for this? It’s likely due to a request being made before the previous challenge was solved, I ignore what could cause this, could be a CF update or something from WP.

It’s an automated JS Challenge - there’s no need for me to enter anything

I have JS challenge events on a daily basis at Firewall rules for such as Tor users or some bots (using Bot Fight mode).

Not for wp-admin/wp-login that much because I block all the requests to wp-login excluding only my country (there I have “blocked” events).

Do you have some cache plugin installed at WordPress?

Saw this kind of an issue with a plugin W3 Total Cache and it’s Page Cache setup, and also having Cache Everyting at Cloudflare Dashboard (regarding the Page Rules).

It could be that W3TC somehow cached the page, either the cached one is at a Cloudflare with that JS Challenge.

So, you are kind of in “a loop” because of it.

Cloudflare is the only cache. This only started today and nothing changed…

The strangest thing is not being able to edit a WP page because of the constant refreshing (or whatever is happening - the screen flickers and the cursor pushed to the end of the page multiple times a second). It could be the multiple JS Challanges and the cursor moves aren’t related; today is the first time I’ve ever seen either happening so checking if they’re connected). Using WP 5.7. All plugins and themes are up to date.

You setup the “standard cache” (not using “Cache Everything”) or something more?

Do you have some Firewall rules which could trigger onto some external resource from being loaded up at your Website?

Is the IP address from the events yours or someone elses?

Is the file corrupted or a malware? Have you scanned it?

Standard cache, no firewall rules (apart from the admin pages), my IP and scan reports clean

This topic was automatically closed after 30 days. New replies are no longer allowed.