Bypass Cloudflare CAPTCHA

Ever get annoyed with the constant CAPTCHA challenges that come up while you are using a VPN or Tor ?

The reason you see so many of them is down to the VPN provider you use. The IP address of the VPN services exit node will be the same for all other customers using it; so when websites see large amounts of traffic coming from a particular single IP address it deploys defences because it thinks that the traffic could be coming from bots. This is further confirmed when it tries to identify you – and because you are using a VPN that strips most common characteristics – if they use the Cloudflare DDoS service, it will then put up a CAPTCHA challenge to test if you are a bot or just a very busy human.

Annoying, yes, but also fixable.

Browser Extension

Cloudflare are smart enough to recognise this problem and have written a browser plugin that bypasses the CAPTCHA challenge for VPN & Tor users.

Cloudflare Privacy Pass

Install Privacy Pass:

Privacy Pass is a Chrome/Firefox browser extension to make browsing Cloudflare-protected websites a better experience for users. In particular, if a user IP address is designated to have a poor reputation then the user may have to solve a Cloudflare CAPTCHA page before they can gain access to such websites.

Privacy Pass uses elliptic curve cryptography to generate ‘anonymous’ tokens after a single CAPTCHA page is solved. These tokens can be used in future engagements with Cloudflare websites to prevent having to solve more CAPTCHAs. The extension generates 30 tokens for each CAPTCHA solution and thus can be used to reduce CAPTCHA pages for each user by a similar factor.