Display captcha instead of fully blocking access from outdated browsers

Hello. I created a rule on the firewall whose action is the manage challange, but if the user’s browser is out of date (it doesn’t have to be very out of date) Cloudflare completely blocks access, preventing the user from browsing the site.
The action is very radical.
Even switching to interactive challenge or JS challenge, if the browser is out of date, the user cannot access the site at all.
Is there any way to really display the interactive challenge (such as captcha) or another way to prevent users with slightly outdated browsers from being completely blocked from accessing the site?
Thank you!

1 Like

I believe Cloudflare has stopped using hCaptcha altogether, setting the “interactive” challenge will only force customers to click the button and not show a hCaptcha challenge.

Turnstile and CF challenges have been receiving a lot of updates in the previous months so it’s likely that bugs or unwanted flags have been introduced in between, if you feel like that’s the case, RayIDs and browser information would help.

Not at all.

Yup, depends on how old the browser is though. In some cases old browsers may represent a small portion of traffic, out of which 99% are bots and 1% are human.

If this annoys you, the best approach would be collecting logs and posting them here. 1 report won’t change anything but if more people are being affected by this trend report similar issues, it’s likely to get attention.

2 Likes

Hi jnperamo, thank you for your attention!

Yes, most users use up-to-date browsers, but it is sad that some legitimate users using older devices with out-of-date browsers are simply unable to access the site. Part of the accesses are from low-income people who use old devices, increasing the percentage of outdated browsers.
eg:
Ray ID 7b637ed188faa667

Even disabling the Browser Integrity Check in Security > Settings, users with outdated browsers only get the message:
Seu navegador está desatualizado! Atualize seu navegador para visualizar este site corretamente.
(Your browser is out of date! Update your browser to view that website correctly.)

Even switching rule action from managed challenge to interactive challenge, Cloudflare does not show any hCaptcha or Turnstile for outdated browsers, instead, only a message asking the human user to update the browser, without any additional options.

Yeah, its unlikely that they have any chance at passing any challenge if the browser is outdated.

Do you know what browsers the affected visitors are using?

Hi!
Here is one example of user agent:
Mozilla/5.0 (Linux; Android 8.1.0; Redmi 6A Build/O11019) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/68.0.3440.91 Mobile Safari/537.36

Can you confirm that this is the correct rayid? I shared it internally but they weren’t able to find it. Is it recent?

Yes, it is correct.
One more example:
Ray ID

7b641216a9d86019

Is from today

Could you let me know, please, if Cloudflare could send me a list of user agents that are not able to support any type of challenge and are completely blocked? I understand that it will open a loophole for the fake user agent, but, in my case, it’s better than losing real access.

Chrome 68 and below are blocklisted by user agent string, when the challenge is delivered, the “.ua0” or “.uaO” flag, Chrome 69 and up dont see outdated warning.

Turnstyle can’t pass on Chrome 49 anyways because of RangeError Infinite recursion in

"use strict";
(function() {
    function h(e, r) {
        return r != null  && typeof Symbol != "undefined" && r[Symbol.hasInstance] ? !!r[Symbol.hasInstance](e) : h(e, r)
    }

in

https://challenges.cloudflare.com/turnstile/v0/b/e6489737/api.js?onload=PyE3&render=explicit because Symbol.hasInstance was added in Chrome 50. Chrome 69 DOES NOT have the outdated warning but loops forever in challenge (broken). I use this URL as a test, https://www.tabascohoy.com/favicon.ico Chrome 70 passes the challenge in 5 secs or less, 1 pass. This info is current July 2023.