phillipj
commented
9 years ago I'm no Tor expert, how can I reproduce this issue? Trying TorBrowser now and havent seen a CAPTCHA anywhere on nodejs.org yet..
Closed bnvk closed 9 years ago
phillipj
commented
9 years ago I'm no Tor expert, how can I reproduce this issue? Trying TorBrowser now and havent seen a CAPTCHA anywhere on nodejs.org yet..
bnvk
commented
9 years ago @phillipj it does not happen 100% of the time for me. My hunch is some Tor exit nodes seem to trigger CAPTCHA's (perhaps due to IP reputations or such) others do not. Here is what I see through one of my Tor circuits
I believe CloudFlare has a sliding scale that determines when to show CAPTCHAs. I've found the only way to not make this show up for Tor is to have it at the lowest! It would be much appreciated by Tor users :-)
phillipj
commented
9 years ago @rvagg could you have a look at the CloudFare firewall settings?
Some background on the captcha protection: https://support.cloudflare.com/hc/en-us/articles/203306930-Does-CloudFlare-block-Tor-
rvagg
commented
9 years ago fair 'nuff, we're not doing ecommerce or anything, turned off(ish)
bnvk
commented
9 years ago Awesome. Thanks @rvagg @phillipj :+1: :smile:
Users who try to access your website over Tor for anonymity / privacy reasons get presented with a really annoying CAPTCHA which is sometimes unsolvable or flat out doesn't render. The CAPTCHA being served looks like the standard one served by CloudFlare.
Please consider changing your settings in CloudFlare to not show this CAPTCHA at all. I can't imagine Nodejs.org being a high target for botnets or ddos attacks!