ZSnack
08/15/20 11:11PM
Cloudflare Captcha a tad bit too aggressive?
Hey, I've noticed that lately there's been a pretty aggressive captcha requirement to view the posts on the hub. I check in usually once a day to see what's new and end up having to click through the pages of image verification to access the hub's content. Not that it's particularly difficult or that I have any problems with auto vehicular transport, but it is slightly cumbersome to have to complete it on such a frequent basis.

Is everything okay with the website? I know that several weeks ago there was a report about a user maliciously creating accounts to mess with the hub's ecosystem, but I'm unsure if that's related to the issue. Unless there actually is somebody using bots to DDoS or inflict malicious action on our server, would it be possible to tone down the frequency of the captcha requirement?
edit | quote | link
Anon_3.141
08/15/20 11:39PM
ZSnack said:
Hey, I've noticed that lately there's been a pretty aggressive captcha requirement to view the posts on the hub. I check in usually once a day to see what's new and end up having to click through the pages of image verification to access the hub's content. Not that it's particularly difficult or that I have any problems with auto vehicular transport, but it is slightly cumbersome to have to complete it on such a frequent basis.

Is everything okay with the website? I know that several weeks ago there was a report about a user maliciously creating accounts to mess with the hub's ecosystem, but I'm unsure if that's related to the issue. Unless there actually is somebody using bots to DDoS or inflict malicious action on our server, would it be possible to tone down the frequency of the captcha requirement?


It is related to the issue from a few weeks back. Until the admins are finished with figuring out codebase migration to a codec that actually gets updates, we've decided it's best to keep the Cloudflare captcha stuff active.

If you want to try and reduce the amount of times it triggers on you, just try to be less robotic with your navigation of the site (do stuff like wait a minute or two before clicking on images, jerk your mouse around a bit rather than slide it smoothly to the thing you want to click, etc.)
edit | quote | link
Doomstar
08/16/20 12:11AM
VPNs and other internet fuckery really ticks cloudflare off. I once tried accessing the hub through TOR and it blocked me instantly. Making your internet connection seem as normal as possible should let you pass the check without a captcha.
edit | quote | link
Nightrunner
08/16/20 02:46AM
Anon_3.141 said:
It is related to the issue from a few weeks back. Until the admins are finished with figuring out codebase migration to a codec that actually gets updates, we've decided it's best to keep the Cloudflare captcha stuff active.

If you want to try and reduce the amount of times it triggers on you, just try to be less robotic with your navigation of the site (do stuff like wait a minute or two before clicking on images, jerk your mouse around a bit rather than slide it smoothly to the thing you want to click, etc.)


That would be all well and good, except that it's nearly impossible sometimes. For example, they'll go "CLick every image that shows a motorcycle." That would be fine...except that they'll show you pictures that are from the POV of someone *riding* a motorcycle, or pictures where I have to lean really close to my screen (within 12") to tell whether that tiny thing in the upper right corner is a motorcycle or a normal bicycle. This makes the process nigh impossible for those of us without great eyesight or huge monitors.
edit | quote | link
Anon_3.141
08/16/20 03:25AM
Nightrunner said:
That would be all well and good, except that it's nearly impossible sometimes. For example, they'll go "CLick every image that shows a motorcycle." That would be fine...except that they'll show you pictures that are from the POV of someone *riding* a motorcycle, or pictures where I have to lean really close to my screen (within 12") to tell whether that tiny thing in the upper right corner is a motorcycle or a normal bicycle. This makes the process nigh impossible for those of us without great eyesight or huge monitors.


The process I was describing for reducing the amount of times it triggers isn't for what to do after the captchas are triggered, it's to reduce the number of times they trigger to begin with. Once you've been hit with a captcha, you try to solve it, but by making your navigation of the site prior to triggering a captcha less robotic, you lower your chances of being forced to solve one.

Some good news for those of you annoyed with it, though: We mods are forced to do them as well whenever the captcha decides our site navigation was suspicious. It's not just the normal users that have to spend time solving the captchas.
edit | quote | link
RedCollarBlackCollar
08/16/20 05:32AM
To make things extra clear, nobody on staff here likes them either. A lot of this shit we'd much rather not have to go through, but the site is forced to keep them up due to somewhat recent malicious activity. So until we can find a better solution to completely avoid any future activity like it, we have to keep the captcha's going in order to keep the site running like it normally does.
edit | quote | link
Sir_Lurksalaot
08/16/20 05:34AM
Captchas are the computer version of the Paradox of Tolerance send tweet
edit | quote | link
Hypnosis-guy
08/16/20 11:33AM
Anon_3.141 said:
If you want to try and reduce the amount of times it triggers on you, just try to be less robotic with your navigation of the site (do stuff like wait a minute or two before clicking on images, jerk your mouse around a bit rather than slide it smoothly to the thing you want to click, etc.)


Got any mobile tips because I've tried "jerking my mouse around" (aka shaking my screen) and waiting but it still makes me do it.
edit | quote | link
Changer
08/16/20 06:43PM
Biggest issue I have with cloudflare's captcha is that it makes me question my humanity when I can't figure out what is in the picture. It'll be like "Click on the pictures with a boat" and I'm like "I don't even know what's in half of these!"
edit | quote | link
Anon_3.141
08/16/20 09:49PM
Hypnosis-guy said:
Got any mobile tips because I've tried "jerking my mouse around" (aka shaking my screen) and waiting but it still makes me do it.


Best I can suggest for Mobile is the part about waiting a minute or two before tapping to go to a new page, so that Cloudflare's less likely to think you're a bot trying to do loads of page requests in quick succession. My own phone is an old Nokia phone where the most advanced thing it can do is be a calculator that can tell me what the 15% tip value would be for any amount I input that's less than $999,999.99. It can't access the internet, and it certainly would never qualify as a "smart phone" even with the laxest possible definition of "smart phone", so pretty much any advice from me regarding not angering the Cloudflare gods on mobile would be pure speculation.
edit | quote | link
ZSnack
08/17/20 04:15AM
RedCollarBlackCollar said:
To make things extra clear, nobody on staff here likes them either. A lot of this shit we'd much rather not have to go through, but the site is forced to keep them up due to somewhat recent malicious activity. So until we can find a better solution to completely avoid any future activity like it, we have to keep the captcha's going in order to keep the site running like it normally does.


Is said person actually using bots to perform these actions? Like I'm pretty impressed that somebody would script something up for the sole purpose of affecting our tags haha. Though if the reason for the captcha is for the spamming of registration, that would make more sense I suppose.
edit | quote | link
RedCollarBlackCollar
08/17/20 04:37AM
ZSnack said:
Is said person actually using bots to perform these actions? Like I'm pretty impressed that somebody would script something up for the sole purpose of affecting our tags haha. Though if the reason for the captcha is for the spamming of registration, that would make more sense I suppose.


From what I recall, there were a couple different issues happening around the same time. Part of it involved attempts to ddos the site, while the other involved removing the tags and sources of posts to replace with a link to a sketchy website. There were hundreds, if not around a thousand posts affected in less than a day. When the account was initially banned, a new one was immediately made to continue the process.
edit | quote | link
Timo4545
08/17/20 12:09PM
Isn't registration closed? Why do we need to captcha stuff if they can't make new accounts to fuck with stuff
edit | quote | link
Mattlau04
08/17/20 01:04PM
Timo4545 said:
Isn't registration closed? Why do we need to captcha stuff if they can't make new accounts to fuck with stuff


Yea it's been closed for more than a month lmao
edit | quote | link
godzillahomer
08/17/20 03:54PM
Timo4545 said:
Isn't registration closed? Why do we need to captcha stuff if they can't make new accounts to fuck with stuff


because there's still the possibility of dormant bots becoming active

or someone hacking an existing account to post suspicious links or make it into a bot
edit | quote | link
1 234>>>


Reply | Forum Index