What do the CloudFlare CAPTCHA and Challenge pages look like for users?

captcha firewall cloudflare
Greg Bray picture Greg Bray · Jan 5, 2016 · Viewed 11.4k times · Source

In the CloudFlare Web Application Firewall you are able to block, whitelist, CAPTCHA, or JavaScript Challenge traffic based on IP address, country name, or ASN. The only note provided on the CAPTCHA section is:

If you are unsure whether suspicious web visitor behavior is illegitimate traffic, you can set up a challenge page. This page asks visitors to submit a CAPTCHA successfully to continue their action. If the web visitor fails the challenge, they will be blocked from your website.

What do the CAPTCHA and challenge pages looks like?

Answer

Greg Bray picture Greg Bray · Mar 9, 2016

Recently CloudFlare added another option to their Firewall section called JavaScript Challenge, which will display a loading page with three animated dots for up to 5 seconds:

CloudFlare JavaScript Challenge

It appears to also use cookies to save the results and allow future access without re-testing.

Related questions

How does Google reCAPTCHA v2 work behind the scenes?

This post refers to Google ReCaptcha v2 (not the latest version) Recently Google introduced a simplified "captcha" verification system (video) that enables users to pass the "captcha" just by clicking on it. But how can it differentiate a bot from …

Read More
How do I show multiple recaptchas on a single page?

I have 2 forms on a single page. One of the forms has a recaptcha displaying all the time. The other should display a recaptcha only after a certain event such as maxing out login attempts. So there are times when …

Read More
ReCaptcha API v2 Styling

I have not had much success finding how to style Google's new recaptcha (v2). The eventual goal is to make it responsive, but I am having difficulty applying styling for even simple things like width. Their API documentation does not …

Read More