[gruez]

>I wonder if the website owners realise at all how many actual users they lose by this sort of "protection."

How many people do you think are browsing with a weird enough config (eg. custom browser like OP, or some weird config like firefox with fingerprinting protection on a raspeberry pi) to trip cloudflare's protection?

[binaryturtle]

Well… I know plenty people in my circle affected by this. Just have a slightly outdated system you simply can't afford to update: it's way to easy to get cut off like this. IMHO, a rather systematic discrimination of poorer people.

[benhurmarcel]

I got locked out of some websites by Cloudflare Turnstile on some very standard configurations, like an iPhone on Safari, or a Windows 11 desktop with Firefox or Edge, neither with a VPN on. I never found out why.

[hatsix]

it's probably because a scraper farm updated their services to latest, and there was a window where fingerprinting was unable to differentiate.

We had all of our Devs Pixels get blocked, and after talking to CF, it was because Internet archive was rebooted their scraping farm, all the devices stampeded and overwhelmed the known bot safeguards, and those tags were added across the board. CF gives sites the tools to tune what is getting blocked, we bumped the sensitivity down to 25 and haven't had many complaints (despite having a very vocal community)

The most common complaint is users' IP address getting blocked because of compromised devices

[p_l]

Does not have to be weird, at least once it happened to me that their strictest settings simply banned something like major portion of internet users in my country - to the point that if you had FTTH you were likely blocked.

And no, it wasn't due to a country-based block selected by site operator.

[ranger_danger]

There are dozens of us :)

In my experience what really makes it loop every single time though is JShelter. CF doesn't like having your fingerprintable data bits messed with.

There are legitimate uses for non-instrusive, ethical and legal scraping, but some of us have had to resort to extreme measures:

https://roundproxies.com/blog/bypass-bot-detection/

[Bender]

Do you by chance have that installed? I don't use Cloudflare but I am curious if that code can scrape my silly blog? [1] Trying to pick the appropriate article... I'm guessing it can. I don't do the fancy javascript or TLS fingerprint inspections, just some janky hill-billy protections, silly redirects and Antarctic voodoo.

[1] - https://blawg.nochan.net/b/Internet-Crap/20260522-Maybe-AI-B...

[marticode]

I use a plain Firefox on a plain Windows 11 PC on a plain regular mass market ISP in a developed country and I get completely blocked by websites daily.

At least let me complete a "prove you are human" challenge or something, but don't outright ban my IP address?

[KingMob]

Weird? I live in Thailand, use Firefox, and get half a dozen CF challenges per day.

It takes very little for CF to consider you "weird".