Protection of websocket game

Hello, we have a WebSocket connection between a Java app and a backend server. We are facing a problem regarding protecting it with Cloudflare, specifically using GeoIP blocking. Our goal is to require a captcha for players from graylisted countries. But app is not browser.

We attempted a solution by redirecting the player to a browser URL where they could solve the captcha. However, when the player returns to the app, they still encounter a 403 error. I believe this is because Cloudflare recognizes that the “ray” (the request) has passed the captcha, but it doesn’t associate the solved captcha with the player’s IP.

Do you have any ideas on how we can effectively utilize Cloudflare’s protection in this case?

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.