I’ve been running a manual script to access the API of a website I do not control. Recently, the website’s operators started using Cloudflare to protect against DDoS attacks from bots. However, this also prevents the my manual script’s user agent from accessing the API; it only receives the managed-challenge page that requires a browser to complete.
Is there any way to receive a CAPTCHA that I can complete by hand and submit from my script without requiring a browser? Or is the only option to attempt to register my script as a verified bot?
Your best bet would be to contact the owners of the site. Even if you get your bot verified, there is no way to guarantee that it would make it through the sites’ firewall.
I have already contacted the operators; they have Bot Fight Mode enabled to defend against DDoS attacks on the API and other pages, and almost all legitimate users access the API from the browser, so they are unwilling to bypass the managed challenge. I’m primarily wondering if there’s any way for a non-automated, non-browser user agent to present a challenge for the user to complete; this script is not used as a bot by Cloudflare’s definition.
This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.