What ways exist to reduce CF challenges visiting a Forum?

A forum I’m participating in has an increased number of CF challenges happening. This has an overall negative impact on my (and others) experience, as mondain tasks such as writing a reply, checking notifications, etc can trigger a site-update, causing a CF check, which then causes an error as the forum is unable to properly handle this behaviour…

The site owner unfortunately cannot tone down these checks (i.e. by lowering the security level in CF) due to their site being a victim of frequent attacks including DDoS.

I was now wondering what options I as an end-user have to reduce the overall numbers of checks happening when viewing and navigating the site.
I’ve seen a browser extension (Silk - Privacy Pass) which should help reduce these checks, but unfortunately does it cause a break of the forum, as it now assumes I want to reset my password, asking me for my old, only to not accept it, so this extension is not a possible solution for me right now.

I am using Firefox as my browser with default security settings and as DNS proxy.

If there are possible options the site owner can take to reduce the overall checks while keeping the site protected (Again, they get regular DDoS attacks and alike) would I like to forward these suggestions to them, so ideas for those would be appreciated too.

Tho, I do want to emphasize, that I - as mentioned before - am only an end-user, not a site admin or alike, so I cannot tell what their actual setup is right now, nor what CF plan they are using (Safest would be to assume they utilize the free plan).

None - otherwise such security features would be useless if they can be trivially bypassed.

The default challenge passage is 30 minutes before another challenge is issued. The site owner can increase that up to 1 year in their dashboard here…

Well, the value must be significantly lower then, because I get these challenges mere seconds appart from each other, which is rather puzzling for me.
And it can’t be my IP changing as I use a LAN connection to my router, so unless the DNS proxy setting changes things here is this something that confuses me quite a bit.

The lowest it can be set is 5 minutes and changing IP address doesn’t affect it. Check that you are not blocking the cf_clearance cookie.

By the looks of it is the cf_clearance cookie saved on the browser. Created October 2nd, 2022 and expires April 25th, 2025 (In one year apparently).

Could the issue perhaps be the age of this cookie?

Also, not sure about some of its values. Like it has httpOnly:true, does that mean the cookie/clearance only applies on a http-only connection (no https)?

I for now deleted the cookie and hard-refreshed the site. Hopefully this may help…

This topic was automatically closed 2 days after the last reply. New replies are no longer allowed.