You can make a difference in the Apple Support Community!

When you sign up with your Apple Account, you can provide valuable feedback to other community members by upvoting helpful replies and User Tips.

Looks like no one’s replied in a while. To start the conversation again, simply ask a new question.

attention required: cloud flare

Recently while accessing some websites with my MacBook Pro running OSX 10.11.2 I started to be redirected to a Cloud Flare page asking me to enter a captcha. I thought first that this was a problem with the Firefox browser, but Safari brings the same result. I tried to access the same URL with my iPad (Safari and Firefox) and it brought the same result.

Interestingly, using an Android phone on the very same WiFi AP does not bring up the Cloud Flare page and connects directly to the URL without trouble.


So, the problem seems to be limited to Apple devices.


Does anybody know what the problem might be? It is actually very annoying to have to enter a captcha which is very difficult to read everytime.


The Cloud Flare page suggests to proceed with a malware scan of the system. I did it with Bitdefender which does not turn up with anything suspicious.


Thanks in advance for the help.

JP

MacBook Pro with Retina display, OS X El Capitan (10.11.2)

Posted on Dec 22, 2015 7:43 PM

Reply
16 replies

Dec 22, 2015 7:47 PM in response to jpbeer

There are spoofs of malicious webpages. What I would do is go into your browser security preferences and delete all cookies related to the cloud flare page after accessing just Google directly. Make sure you only have one window open, and no extra tabs other than Google. Then deleting all cookies from that site will help.

Dec 22, 2015 8:07 PM in response to a brody

Thanks for the answer.

I did what you are suggesting, but unfortunately I get the same bloody CloudFlare page.


Interestingly, when I search the same URL through Ixquick and then request the page through their proxy, it works.

I tried again using my Android device through the exact same connection and there is no problem.

Dec 23, 2015 11:04 AM in response to jpbeer

You could simply dump all the cookies, but you'll have to remember any websites that have passwords and what they are before doing so. You might just want to go to sites that automatically log you in, and give a new password first before dumping the cookies.


That will prevent any past websites from regenerating the info in question. Popups and popunder pages are notoriously bad for appearing not always on the site that generates them, but the site you visit afterwards!

Dec 23, 2015 12:09 PM in response to jpbeer

"CloudFlare" is a legitimate content-distribution network. What you're seeing is the result of a misconfiguration of the web server, which may be intermittent and may depend on your geographic location. You might be able to clear it temporarily as follows.

From the Safari menu bar, please select

Safari Preferences... Privacy Remove All Website Data...

and confirm. Test.

Dec 24, 2015 8:55 PM in response to Linc Davis

Thanks. I tried it, but no success.


What is interesting is that more and more websites are not directly accessible anymore. I get the CloudFlare "Attention Required" page for sites I have been going to for years. They used to be accessible without trouble even a week or two ago.

The CloudFlare page appears only with my Apple systems (OSX and iOS). With Win8.1 on a Lenovo machine and an Android phone there is no problem at all.

How are the Apple systems accessing the net differently than others and trigger that CloudFlare page? I just don't get it. I don't think it has anything to do with the browsers I use and I cannot believe that both my MacBook Pro and my iPad mini have been compromised at the same time with malware. Both have been updated lately with the last version of the OS and I have run a scan of the MacBook yesterday again without finding anything.

Dec 25, 2015 9:50 AM in response to jpbeer

I doubt it is a malware per se. I think while as Linc says it is legitimate content-distribution network, it is possible they are using some outdated software to manage the network that does not work well with your installed operating system, or installed browsers. I would contact the CloudFlare people and ask them have they tested it with a particular browser in El Capitan or not. If not, you may need to use a different content distribution network that is not as sensitive. See my FAQ* on browsers:


http://www.macmaps.com/browser.html


And Adobe Flash does not work at all on iPads except with certain third party browsers that work only over WiFi.


* Links to my pages may give me compensation.

Dec 26, 2015 7:56 PM in response to jpbeer

First, never use any kind of "anti-virus" or "anti-malware" software on a Mac. That's how you create problems, not how you solve them.

From the menu bar, please select

▹ System Preferences... ▹ Network ▹ Advanced... ▹ DNS

Under DNS Servers you should have one or more numerical addresses, such as “192.168.1.1” or “10.0.0.1”. What are those addresses?

Dec 26, 2015 7:56 PM in response to Linc Davis

I don't have an anti-virus in the normal sense, but using Bitdefender scanner only to do an occasional scan of the system. Sometimes it does find some malware in Windows 7 sitting on VMware... Anyway, commercially available products do not seem to partner well with Little Snitch, so I don't have any.


This morning (I am at UTC+8) I changed the IP of my DHCP server. I am using a Huawei pocket WiFi and the default IP is 192.168.8.1 which I now changed to 192.168.1.1 while changing the DNS server IP to the same value on my OSX system in System preferences. As a result the Cloudflare captcha pages are suddenly gone.

Same good news for my iPad. Now the only remaining question is why where non Apple systems not affected by this.


Thanks a lot for your suggestion.

Dec 27, 2015 8:23 AM in response to jpbeer

What you're doing won't have any lasting effect.

Please back up all data.

Unlock the Network preference pane, if necessary, by clicking the lock icon in the lower left corner and entering your password. Cllck Advanced, open the DNS tab, and change the server addresses to the following:

8.8.8.8

8.8.4.4

That's Google DNS. Click OK, then Apply.

In Safari, select

Safari ▹ Preferences... Privacy Remove All Website Data

and confirm. If you’re using another browser, empty the cache. Test. Any difference?

Notes:

1. If you lose Internet access after making the above change to your network settings, delete the Google servers in the Network preference pane, then select the TCP/IP tab and click Renew DHCP Lease. That should restore the original DNS settings; otherwise restore them yourself. Remember that you must click Apply in order for any changes to take effect.

2. I don't use Google DNS myself, though I have tested it, and I'm not recommending it or any other DNS provider; the server addresses are offered merely for testing purposes. There may be privacy and technical issues involved in using that service, which you should investigate personally before you decide whether to keep the settings. Other public DNS services exist.

Dec 28, 2015 5:56 PM in response to Linc Davis

First, thank you for all the time you are spending for this issue.


I made the changes that you recommended. Changing the DNS IP does not improve the situation. I tried the Google servers, but now I am using the openDNS servers. I am still getting ambushed by the Cloudflare captcha page.

Changing the DHCP IP gets rid of the Cloudflare pages, but only for a time. After a few hours, it's back to the blocking page.


I checked again this morning on my Win8.1 system and it now shows the same behavior. It is blocked the same way as the OSX and the iOS systems.

Some Android systems seem to be affected now as well.

attention required: cloud flare

Welcome to Apple Support Community
A forum where Apple customers help each other with their products. Get started with your Apple Account.