Under attack mode enabled captcha automatically

We enabled cloud-fare under attack mode for the domain and it enabled captcha automatically and we followed the link Using Privacy Pass with Cloudflare – Cloudflare Help Center to disabled captach but it still asking captcha.

We have tried to access website from 5 countries in europe and 1 country inside the Asia
Unfortunately still keep asking to pass captcha challenge
Please provide solution
This is really annoying and affect our client traffic
Our client require under attack mode to be enabled only
But we dont want captcha

Using a firewall rule instead. Something like:
If IP address is not 127.0.0.1
And set it to JS Challenge.

Then you can turn off Under Attack.

Sorry but we need to disable Captcha and would to keep enable under attack

Under Attack is JS Challenge.

Sorry I mean Captcha

What is solution to disable catpcha properly

Look at your Firewall Events activity log and click on any entry that shows Captcha challenge. That will tell you which setting you need to turn off.

We could see 2 chalanges.

1 ) managed challenge
2) JS challaenge

Rule ID

iuam

So where we need to disable it and there is not firewall rule is enabled in cloud-fare.

Turns out it’s Cloudflare decision whether to send a CAPTCHA challenge or JS challenge to the visitors based on their traffic pattern if you have Under Attack mode turned on. At this point disabling Under Attack mode is the only option I’m afraid.

Why not just create a firewall rule to JS challenge traffic like what @sdayman suggested? It works almost the same as Under Attack mode, just without the extra logic to decide whether to send CAPTCHA challenge or JS challenge to the user.

3 Likes

We disabled cloud-fare under-attack mode and added js challenge for website uri /index.php but it still asking captcha.

Able to see something in firewall logs? It’s best to copy the Ray ID displayed at the bottom of the Challenge page, and filter it in the dashboard.

image

Hi,

I could see it saying jschalleng but it asking captcha.

Ray ID

6953e7d78ca360ef

Method

GET

HTTP Version

HTTP/1.1

Host

Path

/

Query string

Empty query string

User agent

Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36

IP address

52.88.250.141

ASN

AS16509 AMAZON-02

Country

United States

Service

Firewall rules

Rule ID

df74716d11594889bb2fc7e4cc1f8d9c

Rule name

jsnew

Expression

(http.request.uri eq "/")

Action taken

JS Challenge

That’s interesting. Any @MVP met this before?

Sorry what you mean b MVP?.

Hi,

Any help?

me and my users keep seeing the captcha challenge, when I see in the logs of cloudflare i see that’s happened because the bot fight mode function.

But me, and my customers keep seeing it even we are legitimate users!

How can I solve this?

Attach the log from Cloudflare

28 Sep, 2021 22:16:56
Managed Challenge
Israel
89.237.77.XX (this is the user ip)
Firewall: Managed
Ray ID
695f4f1e7dc5430f
Method
GET
HTTP Version
HTTP/2
Host
feed.b-elect.com
Path
/
Query string
Empty query string
User agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.82 Safari/537.36
IP address
89.237.77.XX (this is the user ip)
ASN
AS12849 HOTNET-IL AMS-IX Admin LAN
Country
Israel
Service
Firewall: Managed
Ruleset ID
48ba18287c544bd7bdbe842a294f1ae2
Ruleset Name
Bot Fight Mode for Definite Bots
Rule ID
874a3e315c344b1281ad4f00046aab6f
Rule name
manage definite bots

That User Agent String is quite similar to what I get in Brave, though I’m not blocked from that URL.

Are they all Windows NT 10.0/ Win64/x64?

Different ISPs?

I merged both of these threads (now a third thread) because it looks to be the same issue.

It could very well be falling back to CAPTCHA due to some JS Challenge failure. Since this is easily reproducible, I suggest you open a ticket and post the ticket # here.

Using a JS challenge as a custom firewall rule for my registration page, I get a JS challenge, but also a captcha challenge from Hcaptcha! What’s the deal? I just want a JS challenge and not inconvenience my members even more.