[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-talk] Protest Blocking Tor via CloudFlare

On 03/11/2015 10:54:28 CET, Aaron Gibson <aagbsn@xxxxxxxx> a Ãcrit :
>I've made a few suggestions to CloudFlare engineers, who are interested
>in improving CloudFlare experience for Tor users.

What about only serving the captcha if there is a DoS attack actually being performed against the protected site? 

I wonder if this has already been tested. The granularity would then be a lot better, because targeted at specific hosts, and for an ephemeral time period. 
All other sites/time would be directly accessible. 

>The suggestions I made were:
>1. Web applications that can differentiate between GET and POST methods
> should be able to configure at the 
>request-method granularity whether or not a CAPTCHA is served.

Very useful suggestion as it is dead simple to implement. 

Also, how can be implemented the feature to only fill the captcha once per browsing session/tab ? 
Cookies are a sensible subject I suppose. 
tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx
To unsubscribe or change other settings go to