AI Blogs (RSS) news News 3h ago

Cloudflare CAPTCHA on at least one ampersand

by Simon Willison

TIL: Cloudflare CAPTCHA on at least one ampersand I'm using Cloudflare's CAPTCHA (they call it a "Web Application Firewall > Custom rules > Managed Challenge" these days) to prevent crawlers from aggresively spidering my faceted search engine on this site, but I got fed up of even simple ?q=term searches triggering the challenge. After some mucking around with Claude Code it turns out you can register the following rule instead, so the CAPTCHA only kicks in for search URLs containing at least one ampersand: (http.request.uri.path wildcard r"/search/*" and http.request.uri.query contains "&") And now /search/?q=lemur works without triggering a CAPTCHA! Also included: notes on trying out the Cloudflare MCP with Claude Code, though it turned out not to be able to edit the rules in question so I had Claude Code switch to the Cloudflare API instead. Tags: captchas, cloudflare, model-context-protocol, claude-code
Read Original
Anthropic

Metadata

Feed Title
Simon Willison's Weblog
Feed Url
https://simonwillison.net/atom/everything/

Related

AI Blogs (RSS) news 45m ago

Quoting Matteo Wong, The Atlantic

Katie Moussouris, a cybersecurity expert and the CEO of Luta Security, told me that Anthropic shared with her a copy of the White House’s report on the Fable jailbreak to get her a...

24
AI Blogs (RSS) news 3h ago

Cloudflare CAPTCHA on at least one ampersand

TIL: Cloudflare CAPTCHA on at least one ampersand I'm using Cloudflare's CAPTCHA (they call it a "Web Application Firewall > Custom rules > Managed Challenge" these days) to preven...

24