[tor-talk] more sites requiring captchas from Cloudfare (using Google API?)

Öyvind Saether oyvinds at everdot.org
Mon Sep 15 20:42:24 UTC 2014


> These captchas recently started appearing (more often) on all kinds
> of sites.   By far the most common name that pops up associated with
> this security is "Cloudfare," but also some others.
> Aside from being forced to allow scripts in NoScript from Cloudfare
> for the captcha to work (or which ever one it is), it also seems to
> require allowing scripts from... Google.com.

I too have noticed the Cloudflare annoyance on a wide variety of sites
lately (not sure if more sites use Cloudflare or if Cloudfare has begun
asking for a captcha in more cases).

The only solution would be to ask/get Cloudflare to stop doing this so
we will probably just have to live with it. Perhaps someone from the
Tor project could talk to them - but it could be that they have
experienced a lot of abuse and have their reasons (still, you get this
captcha when trying to get to the site, it's not something that only
shows up if you do a HTTP POST or something like that).

I just want to say this to webmasters and website owners: What actually
happens is that I click a link, see the Cloudflare "captcha" message,
interpret the message as "This site is broken when accessed through
Tor, oh well" and CLOSE THE TAB or click "Back".

I am not sure this is something most corporations would care about
since Tor users tend to block their (javascript-using) advertisements
anyway but webmasters, know that I am probably not the only one who
will go somewhere else instead of enabling JavaScript from a bunch
of places & typing in a silly captcha
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 181 bytes
Desc: not available
URL: <http://lists.torproject.org/pipermail/tor-talk/attachments/20140915/dd9c9194/attachment-0001.sig>


More information about the tor-talk mailing list