Cloudflare: why am I being challenged?

[Moonchild]

Since there seems to be some confusion, even despite there being an explanation on the vary challenge page presented, here is why you may possibly be challenged by Cloudflare before being let onto any page part of palemoon.org:

• The internet as a whole is constantly scanned by automated processes, 99% of which are malicious: scripts scanning for vulnerable servers, infected user systems, to spam, etc. There are a few different classes:
  • Web spammers: these processes scan for bulletin boards, comments pages, etc. to leave spam comments and spam posts. They can even be as advanced as using completely automated registration processes, profile-filling, and then posting spam in new posts or comments on existing posts.
  • DoS attack scripts: these aim to flood servers with bogus requests so the server has trouble serving content.
  • Botnet zombies: usually these are malware infected user systems and sometimes servers, that act as slaves, and can be abused to do any of the above.
  As a result, as part of the Cloudflare service's security measures, challenge pages may be presented to you to verify you are indeed not an automated process by giving you a captcha to solve.
• "Why me?": The system used takes several things into account when deciding to present you with a challenge page, but the most important one is previous abuse history from your IP or an IP in your same netblock. This includes both Cloudflare recorded visits and results from project Honeypot (a honeypot is a system specifically set up to attract automated processes to record data from them). So, in simple terms: if your IP address is in a "bad neighborhood" as far as IP address space goes, you are more likely to be challenged. If you use a common proxy, IP obfuscation service, VPN server, and similar, you will be much more likely to be challenged.

What to do when you get the challenge page?

1. Solve the captcha. This will allow you on the website and will make a record of your IP, preventing further captchas for a certain amount of time.
   You are given the option to leave a message on the captcha page (which I will see) but this is not required.
2. Make sure your system is free of malware. It is possible that your system is infected and that you are rightfully flagged as a botnet zombie or web spammer.
3. Optional: check your IP in project honeypot, to see your and neighboring IP addresses and verify if it was your IP or another in your area that caused the red flag.

[lyceus]

In the last 2 months of my nightmare with Iusacell service (2010) I got "challenged" daily in several pages by another service, from engrish.com to places like filehippo.

As they did imagine I was a botnet or running several OSes at the same time. I emailed the webmaster of engrish.com telling him that my ISP was too cheap to have just a small pool of real IPs (four, yes four IPs) and the rest of the service run on subnets. They verified this and no more warning pages. So for made this short, I was sharing the same IP with like 1000s of other users = Cheap ISP

Usually I start to see just "this website is offline" notices when I check the forum. This new ISP is the biggest in the country so is low the risk to pass as a botnet. But thank you for the advice.

[Moonchild]

I do have control over which IPs I trust, so if anyone would be on a similar service sharing 4 IPs for everyone and it can be verified, then I can add those to the trusted list, so they won't get challenged anymore.

"website off-line" is the problem with the cheap web hosting (cheap as in cheap, not just inexpensive) the forum is running on. Not much to be done about it.