CloudHole: make CloudFlare’s I’m not a robot captchas appear less often

One of the disadvantages of connecting to a VPN or Tor is the dreaded "I'm not a robot" message that you get on every site you visit that uses CloudFlare.

An intermediary page is displayed to you that notifies you that there is "one more step" to complete before you can access the site you want to load in your browser of choice.

You need to check the I'm not a robot" box, and complete one or multiple captchas first before you are allowed to access the site you want to visit.

Cloudflare uses different types of captchas, for instance multiple choice ones where you need to select all matching items on an image map.

CloudHole

one more step

The main issue here is that you need to repeat the process on every site using CloudFlare, and sometimes even on the same site if you reload it.

I always wondered by CloudFlare would not make the system more comfortable by whitelisting an IP address for a certain amount of time after a user successfully confirmed to the service that an actual user was trying to access the site protected by the service.

The brand new Firefox add-on CloudHole attempts to do just that by storing user agent and clearance cookie when solving captcha codes so that they can be reused on other sites.

Advertisement

This add-on stores the user agent and clearance cookie when you solve a captcha, and re-uses it on other websites as long as it's still valid, easing the pain during your browsing session.

So, instead of having to go through captchas on every site while using a VPN or Tor, you only have to fill out some.

Read also:  How to research Firefox crashes

cloudflare cloudhole firefox

CloudHole cannot get rid of them completely but it can make the whole process more comfortable by reducing the number of captcha codes you need to solve.

The extension for Firefox ships with an API that allows users to share valid cookies which gets cookies from other users for use on your system.

You can click on the add-on icon to manage CloudHole API access and check out user agents, clearance cookie data and the API key.

Closing Words

The idea behind CloudHole makes sense. If you visit lots of sites throughout the day and get cookies for each that is using CloudFlare, you know how time consuming and annoying this can be.

CloudHole on the other hand does not resolve the issue completely but you will get less I'm not a robot prompts while using it.

If you don't feel comfortable using the API provided, disable the feature so that only locally saved cookies and information are used to improve the process.

Summary
Author Rating
3 based on 5 votes
Software Name
CloudHole
Software Category
Browser
Landing Page

Please share this article

Facebooktwittergoogle_plusredditlinkedinmail


Filed under:


Responses to CloudHole: make CloudFlare’s I’m not a robot captchas appear less often

  1. Ficho March 14, 2016 at 7:33 pm #

    Doesn't work with the latest Tor Browser (based on Firefox 38.7).
    CloudHole works with Firefox 45.0 and later.

    • Martin Brinkmann March 14, 2016 at 7:51 pm #

      Any idea when the Tor Browser will be updated to the new ESR base version?

      • neal March 15, 2016 at 6:10 am #

        If previous TOR version are any indication, then the EOL of the ver 38 ESR version so less than 12 weeks from now or when Firefox 47 is released. Then all ESR 38 installs will be updated to ESR 45.

    • All Things Firefox March 15, 2016 at 5:19 pm #

      The Tor Project specifically recommends against installing browser extensions:
      https://www.torproject.org/docs/faq.html.en#TBBOtherExtensions
      The bad part of a CAPTCHA is when it appears in a foreign language, since the IP of the Tor exit node is foreign. Other than that, I don't mind so much.

  2. Graham March 14, 2016 at 9:33 pm #

    Cool! Now spambots have a loophole they can exploit! Thanks, CloudHole!

  3. Dave March 15, 2016 at 12:02 am #

    Really? Someone made an app for THIS, of all things?

    That box is probably the most lenient reCAPTCHA around. It's not like you have to solve some crossed out letters, or stare at an image with blurred numbers, or anything of that sort. Really? Clicking a box is too hard for you?

    • Testuser March 15, 2016 at 7:50 pm #

      I don't know how Google rates your identity, connection and country, but almost every time it is not just limited about simply clicking the box to be done. Often I have to solve one or two picture selections. Especially with proxies this is just ridiculous anyway how often it happens. So +1 for creative solutions like these. You need to think a little out of the box please. I was already shocked when I saw how many people on some forums gave stupid answers when I was looking up how to disable the charging LED on Android devices. They have insulted the original poster and said stuff like "just flip the phone", and I was shaking my head when I had to read that... The same logic applies here too: Missing out of box thinking. They were not aware that people want to see notification lights when their device is charging. It could also be too bright at night when charging the device, but when there is an important message, of course you still would like to see the flashing LED. So with a ground-facing phone you won't see it. Additionally, it can also save lifetime of the LED.

      TL;DR: Don't stultify solutions and ideas just because they seem not useful to >you<. Thanks.

    • Tin Foil March 17, 2016 at 12:17 am #

      As a tor user, these captchas are honestly annoying and benefit nobody really. I shouldn't have to re-enable javascript and make tor less secure, so I can do these stupid things to just read a news article.

      Anybody that wants to create a tor-friendly non-js workaround for these abominations should do so, and tor users like me would donate to get and keep something like that going.

  4. Jason March 15, 2016 at 2:48 am #

    Useful add-on, but I have an easier solution: don't visit the problematic site. This is seriously the only way for web admins to get the message that it's not cool to block VPNs and TOR.

    • stilofilos March 15, 2016 at 9:56 am #

      If they are so dumb to use something as ridiculous as those captchas, I doubt whether they'll ever get the message...
      I understand that people want to protect their sites against whatever dirt, my computer is protected, too. But let them at least use a minimum of intelligence and user-friendlyness. Last I met a captcha that actually worked, but in all other cases I encountered it just does not. No matter how correctly i solve them, they always come back telling that it's not valid. There is even a site that does not even display anything to copy, so what would I be supposed to enter... ?
      Besides debility, it also is not cool at all to welcome visitors with a dumb robot, especially not while they themselves want to keep robots out...
      But yes, ignoring them is indeed what I use to do with such sites.

      • Big Mac March 19, 2016 at 1:23 am #

        "Last I met a captcha that actually worked, but in all other cases I encountered it just does not"

        Agree that captcha is not friendly to users, but never ran into one that "doesn't work".

        The problem is usually a conflict with an adblocker like Adblock+ or uMatrix, forcing one to turn on scripts to get the captcha to even show up (lately, been seeing only the click box, but not the prompt to select images, or to retype the alphanumeric).

        This extension will be a nice way to open scripts once for the captcha and closing them again for the session vs opening for each time a website requests it.

  5. Ben March 15, 2016 at 2:38 pm #

    Interesting. Thanks.

  6. Remco October 11, 2016 at 12:57 pm #

    This seems to negate part of the reason why you use VPN/TOR. You use a unique identifier that can identify a single user doing things on the internet coming with traffic coming from different exit nodes.

  7. James January 19, 2017 at 9:14 pm #

    This captcha are not working for me at all !!

    i dont know why maybe cloudflare blackliste my ip

    but with Captcha v1 it work now nop

Leave a Reply