Why is the "Javascript Test" mandatory?

It just slows down pageloads and doesn’t make anything more secure. Bots mostly use headless chromium ( example: https://github.com/loblab/noip-renew ). Maybe allow us to whitelist IPs that can bypass it or ability to disable it + blackist IPs? It just doesn’t make sense. It feels like a disability of free hosting instead of a security measure. Also it is using external js libraries which makes it even less secure and slow. It is kind of dumb. If you really need some other disabilites for free hosting, make it less mysql databases which is still a big limitation but not blocking possible visitors. I know, you want people to upgrade but not their visitors!

Thank you for coming to my TED Talk. /s

Hi
Here are some reasons why

Most users are beginners and do not have enough knowledge and it is useful to have a security system for their safety and at the same time to protect the hosting from misuse.

If you own a domain you can use Cloudflare and avoid this check

5 Likes

How can I do that? I do own a domain and I connected it to CloudFlare

1 Like

There are plenty of bots which use headless browsers, but the vast majority of them simply uses basic HTTP calls in a programming language of their choice. But it’s hard to know for sure, since many harmful bots use user agent strings of popular browsers and operating systems to disguise themselves.

Anecdotally, almost any time someone comes here and says “my account was suspended for hitting daily limit X but there was no traffic”, then the website was using Cloudflare and Cloudflare didn’t stop a wave of bot traffic, which our security system would.

And finally, this system helps enforce our terms that all accounts should be used to produce web pages, which limiting disk space, databases, etc. doesn’t do.

3 Likes

Just use Cloudlare. After you start using it and the DNS propagate - that’s it :slight_smile:

2 Likes

Well it doesn’t, curl returns the script

You mean Cloudflare doesn’t recognize the domain?

This topic was automatically closed 60 days after the last reply. New replies are no longer allowed.