For the love god, PLEASE STOP with the CAPTCHA.

Post Reply New Topic

Regardless of whatever it does, users shouldn't have to fill in a CAPTCHA every time they perform ANY action on the site whatsoever. As I've already said, some people here rely on this site as the only place they have to interact with people, and this is likely to drive many people away. I've barely been posting over the past couple of days.

Is anything being done about it? Like limit it to the first couple of posts or something?

According to TallyMan, Alex is now aware of the issue. I'm not sure how it is for other people, but I haven't been getting any today, and it was absolutely awful yesterday. Perhaps it's been sorted out.

Indeed it does: it generates an over-active, intensely annoying and intrusive block to using the site in any sensible manner.

I removed three spammer accounts via the admin screen, all within 10 minutes, and was challenged for each removal.
Almost every time I post or PM here now I am challenged on every preview of each post/PM, as well as its submission.

Various apparently irrational things kick off these challenges: in one PM I quoted the cynically meaningless "What can I do to prevent this in the future?" message it displays and was challenged during a preview. I replaced that quoted text with "Now is the time for all good men" and I was not challenged on preview. Since that original text was quoted for a purpose I restored it and in the process of completing the PM I was nagged and pestered on every single preview and of course, the submission.

Including quotes is another trigger, where up until the quote was included a post could be previewed without problem. So including BBCode [quote] tags triggers a challenge? No; merely "most times".
Including a URL, even to internal WP content, triggers it.

It appears that infrequent posters (infrequent during one day) are challenged less, but they're challenged eventually during their time here.

Something else that causes problems is that the CAPTCHA text is too difficult to read: this is cruelly ironic considering the issues some WP members have with processing visual information.
The utter, robotic mindlessness of it is infuriating. Can the damn thing not learn after a successful challenge?
If that "What can I do ..." message is to be believed then everyone posting here has a machine infested with malware. MINE IS NOT.

It's poorly implemented and out of control.
I'd previewed this post many times while writing it without being challenged once (which always creates the false feeling of hope that someone has tamed it) - yet after tweaking the text on the paragraph above I started getting challenged. A challenge now seems dependent on the frequency of my previews - yet it wasn't until I'd tweaked that text.
Why? What's the point of doing that?

And since I'm getting challenged more times than I can easily cope with I'll stop with this PM and submit it, errors an' all.
It's just too much interference with the thought processes involved with writing and it becomes physically uncomfortable.

It is complete BS and causing unnecessary anxiety to a number of members. While there is a possibility that some people may have a virus on their computer, this knee-jerk response from CloudFlare, triggered by god knows what, is highly irresponsible. My computer is clean, totally virus / trojan free and fully patched and yet I also get the bogus virus warning. CloudFlare has lost the plot or has been implemented / configured very badly.

The virus warning is nothing but BS. I've posted from an un-jailbroken iPad, two smartphones, and all of my games consoles, none of which are vulnerable to malware.

Last edited by Kuribo on 23 Jul 2013, 6:59 am, edited 1 time in total.

Yep. It's an annoying, patronising 'one size fits all' generality which basically says 'The problem is yours. Deal with it'.
About as useful as those cop-out 'go away' excuses like "Have you tried turning it off then back on?" or "Have you tried reinstalling it?".

I've just done a little digging. The problems I've had with CloudFlare have got much worse over the last week. A week ago I changed to a new Internet service provider and now have a broadband connection. I notice my IP address as it appears on this site and elsewhere is NOT actually "my" own IP that I'm connecting to the Internet Service Provider on but a generic one belonging to my ISP.

If I look up my IP address that is visible on the internet it is marked as a "Network sharing device or proxy server", presumably because all (or many) of the subscribers to this major ISP here in France end up making posts under this same shared IP address. Digging a little deeper it seems this IP address is blacklisted by a few spam monitoring organisations as belonging to a spammer domain. So it looks possible that if someone sends spam via this ISP then all users on the network can get tarred with the same overreaching brush and crucified by CloudFlare as a result?

Speculating... certain other members could also be suffering in the same way if their visible IP gets lumped together with thousands of other users of the same ISP. Which makes challenges based on IP address an unworkable and unrealistic strategy for keeping spammers away. I'll do a few checks on the IP addresses of the members here who seem to be suffering most from CloudFlare harassment...

Edit: I may be wrong. Just checked CornFlake's IP and it isn't listed on any spam blacklists. Back to the drawing board.

^ Ha!! !! !! Editing the above post to enter Cornflake's name triggered the captcha!

At the bottom of the CloudFlare page, your IP appears as a link leading to this site. When you click on the link, you can submit your IP address for whitelisting, if it happens to be blacklisted by Project Honey Pot.

@TallyMan: I'm posting from a static IP and all my posts here bar one (my mobile; a dynamic IP) are from the same address - which I've had for at least 10 years and it's not blacklisted in and of itself.

I'd considered that scenario where "too many" accesses arriving from the same IP block (ISP), as opposed to a specific IP, might be seen as an attempted attack. But if the configuration is dumb enough to work like that then someone needs to be dragged outside and... spoken to.
I think the variability of the way the challenges pop up would exclude IP blacklists (certainly for most members who all report this variability, though it's conceivable some are also on a perma-block) - unless the blocklists are extremely dynamic and change several times in a minute.

It's an interesting point though: my sister has had problems with EMail because her ISP got extremely heavy-handed with blocking certain IPs they considered problematic and created a similar type of problem, in reverse: they'd intended blocking EMail to certain external IPs but managed to nobble a huge block instead, including mine, with the result that I could EMail her but she couldn't EMail me.

As for "Cornflake" triggering it - there is no way I'm changing that.
(and that inclusion didn't trigger a challenge. )

@Kuribo: That's just one of many which CloudFlare is likely to use, though - although, you'd think that after a certain number of successful responses to a challenge it wouldn't be rocket science to automatically ensure that IP is unblocked - at least for some length of time.

Sheesh - not one challenge while previewing that, but I was challenged on submission.

I've had that problem in the past with people using the NTL ISP in the UK. All emails I sent to relatives or other contacts bounced back (after a week!) as being undeliverable due to my ISP being blocked (Orange! Only the biggest ISP in France). So in an effort to reduce spam, NTL effectively blocked all email from France and possibly other countries too! This problem lasted for more than a year and my UK contacts all had to create Yahoo / Hotmail webmail accounts so they could receive emails from abroad! Talk about throwing the baby out with the bath water!

^ Oooh apparently my computer or network has a virus! CloudFlare just told me... again.

Sounds to me like CloudFlare is full of gas and bluster.
End ze Captchaz!

My sister's were caused by BT. You know, that tiny little outfit who have only just started up in networking.

I called them about it but was passed from one script-reading idiot to another - and one of them actually started telling me how to re-install Outlook!
Umm 1. how is that supposed to help with the specific mail error numbers I've quoted that my sister gets when mailing only me, 2. I don't use it because 3. I use Linux - but they'd asked nothing.
In the end I spoke to my ISP, who sighed heavily and said it had happened before so they'd have another word with them.