Using Turnstile in firewalled environments; all http requests to site using Turnstile

Hi,
We used reCaptcha on our login pages, but because some users are in firewall restricted environments that allow just IT approved hostnames, it’s not working. IT also need to allow some additional rules that it works. FirewallsAndRecaptcha.wiki
Wondering if Turnstile will somehow support also this cases. For example that Turnstile all http requests goes through site that is using it.

Hi,

We would recommend IT to allow list challenges.cloudflare.com:443 (or *.cloudflare.com:443), just like they allow reCAPTCHA today.

For example that Turnstile all http requests goes through site that is using it.

This is not something that is supported by reCAPTCHA, to my knowledge. And not something we can offer for all websites today (if anything, it would only be for websites using the Cloudflare CDN).

1 Like

I understand your position.
It’s more like feature request that would make Turnstile
more usable comparing to other solutions like reCAPTCHA.

IT decides to use this technology, and also chooses which domains to allow/block. Allowing Turnstile in a specific environment is a feature request (or bug) for the IT department, not for Turnstile.

IT not always decide. They get request from applications users/business users that must open some additional ips/ports that some app works. And sometimes this makes decision what will you use in app as part of it. If there is no additional external resources other than your site, it is additional plus. For example, sometimes you must also include fronts that are served from your site, not from public endpoints.

This topic was automatically closed 3 days after the last reply. New replies are no longer allowed.