Re: JShelter and cloudflare challenges

[Libor Polčák]

hf napsal(a):
> > is the problem you describe the same as
> > https://www.zabbix.com/forum/zabbix-help/? Can you give us more examples of
> > pages suffering from the problem?
>
> Yes, it is the same. https://check.spamhaus.org is another example and also
> 4chan, which asks for a cloudflare verification captcha in an embed before
> posting.
>
> I see that you already thought about it. I understand the issue now.
>
> The verification itself happens inside an iframe with an https://
> challenges.cloudflare.com/... URL. Would there be a possible approach to detect
> that iframe?

Hello hf,

in that case, try to:

* Click on JShelter badge icon -> click "Global settings" in the popup.
* You should see the option page
* Locate "Fingerprint Detector" section neear the bottom of the page.
* Click "Manage exception list ⤵" (it should be the lowest button on the page).
* Add "challenges.cloudflare.com" to the list.
* Click "JS Shield details" in the menu
* On the top, add "challenges.cloudflare.com" and select "Turn JavaScript Shield 
off" (or test other level if you see fit).

Try to visit the affected page and report back if you were successful. I think 
that this is a good candidate for a FAQ entry.

Best wishes

Libor