I was having one heck of a time getting ReCaptcha V3 working with Cloudflare. It turned out to a be a programming problem. Not a Cloudflare problem. It’s fixed, but I still have a problem…
ReCaptcha V3 works well AFTER it has seen your clicking around the website. But often somebody might just go direct to a URL without ever having been to your website. For example if another domain is being redirected to a page on your website, it is quite possible for somebody to visit your website and get rejected by ReCatcha. Emulating what a bot is doing, in fact. I’ve had to turn my settings to 0 on this page, meaning everyone get to visit that page, including the bots. The problem is Google leave the resolution to this completely blank. Something like, “if a real person gets rejected, you need to introduce some testing for human activity before letting them thru” ie another (re)Captcha solution. I also see this kind of activity on new registrations. Potential users are being blocked. And so again this is also set to 0. Setting ReCaptcha V3 to 0 is basically disabling it. So I need to increase these settings, so that real people can join.
What I need is a clear solution should visitors fail because Google has no activity for these visitors and gives them a low score. By using some kind of old fashioned captcha to let them thru but still spoil it for the bots. I would prefer to see any suggestion with code, if it’s not too much to ask.
Thank you.
