What is the name of the domain?
not.yet
What is the issue you’re encountering
I am testing using Turnstile on my website, and I wonder what is the reason the “remoteip” parameter is not strictly validated, it seems a good countermeasure against bots that use CAPTCHA farms.