Cloudflare DDOS protection hCaptcha issue, loop in isolation mode
search cancel

Cloudflare DDOS protection hCaptcha issue, loop in isolation mode

book

Article ID: 247463

calendar_today

Updated On:

Products

Web Isolation Cloud Web Isolation

Issue/Introduction

When trying to reach webpage secured by hCaptcha Cloudflare anti-DDoS/Anti-bot protection under web isolation mode, client gets constant human verification loop and not able to see the site's content.

 

Environment

Web Isolation: 1.13, 1.14, 1.15

Cause

  • multiple requests from one Web Isolation TIE external IP triggers Cloudflare DDOS protection hCaptcha;
  • Web Isolation 1.13-1.15, implemented CEF engine cannot properly render the http headers related to hCaptcha;

Resolution

WORKAROUND FOR WEB ISOLATION 1.13-1.15 VERSION:

Create a rule and PASS for the website that uses hCaptcha. Please go to Threat Isolation Management > Policies > <your policy> > new or existing rule. Fill in the destination URL address and set Action to PASS.

Then activate the new rule by Pushing the settings:

NOTE: Action mode PASS will make the URL transparent to Web Isolation.

 

FINAL SOLUTION

Migrate to the cloud Web Isolation 1.16 which have a browser impersonation patch implemented for WI CLOUD instance.

Powered by Wolken Software