Firefox appears to be flagged as suspicious by Cloudflare

(I’m responsible for Cloudflare’s L7 security products)<p>While we can’t comment on the specifics of any customer configuration, we do not block or challenge Firefox by default—either with our Bot Management products or with any other L7 security controls.<p>You can confirm this by signing up a free zone and making a request from Firefox.

This is almost certainly a firewall rule put in place by the operators of that site. My own sites which are protected with Cloudflare do not exhibit this behavior when using Firefox.

I think it&#x27;s two-fold: rise of tools like curl-impersonate (<a href="https:&#x2F;&#x2F;github.com&#x2F;lwthiker&#x2F;curl-impersonate" rel="nofollow">https:&#x2F;&#x2F;github.com&#x2F;lwthiker&#x2F;curl-impersonate</a>) and the very consistent Firefox TLS fingerprint across platforms. Unlike Chromium (where you could differentiate a Linux, Mac or Windows computer from its chiphers, and so for example challenge only Linux clients), Firefox has NSS and NSS is used everywhere the Gecko engine is used while Chromium, although has BoringSSL for modern chiphers, also uses the underlying TLS stack of the operating system (whether it&#x27;s Microsoft&#x27;s SChannel, Apple&#x27;s SecureTransport or Linux&#x27;s... NSS). The only time Chromium uses a pure BoringSSL implementation is on Android (Conscrypt).

I mean, with that market share, popularity among open source fans... it&#x27;s an easy group to target and filter oddballs.<p>I&#x27;m a Firefox user and I&#x27;m used to this treatment at every step of the way, no matter if it&#x27;s about software, airports, opening a bank account so I can receive a salary, etc. Fundamental things everyone wants to do are being made hard to do the right way. It&#x27;s always anti privacy, anti self repair, anti longevity&#x2F;sustainability, anti user freedoms, anti whatever we ideally want in this world. <i>Of course</i> using Firefox is now suspicious.

A workaround is to install the Privacy Pass extension to bypass the captchas [1] [2]<p>It&#x27;s an open source extension available for Chrome and Firefox. It allows to privately identify you&#x27;re human, and is the process of going through IETF standardisation, so hopefully someday you won&#x27;t need to install an extension for it. After you complete a captcha once, you won&#x27;t need to do it again for a long time.<p>I&#x27;m not happy about installing extensions just to view some websites, but it&#x27;ll make things less painful<p>1. <a href="https:&#x2F;&#x2F;privacypass.github.io&#x2F;" rel="nofollow">https:&#x2F;&#x2F;privacypass.github.io&#x2F;</a><p>2. <a href="https:&#x2F;&#x2F;support.cloudflare.com&#x2F;hc&#x2F;en-us&#x2F;articles&#x2F;115001992652-Using-Privacy-Pass-with-Cloudflare" rel="nofollow">https:&#x2F;&#x2F;support.cloudflare.com&#x2F;hc&#x2F;en-us&#x2F;articles&#x2F;11500199265...</a>

Firefox user - have seen this many times. Always assumed it&#x27;s either NoScript or Firefox&#x27;s built-in tracking protection meaning there&#x27;s some pre-existing cooking not set that Cloudflare places from other site visits, or because some script is getting blocked somewhere else.

Nope. Individual customer setting, not a Cloudflare policy. We work closely with the Firefox team on many projects.

Incredible. I just changed my user-agent whilst on the Google Chrome browser.<p><pre><code> * Changing to Firefox immediately displayed the Cloudflare error message * Edge had no errors * Chrome had no errors * Safari had no errors </code></pre> Edit: Even internet explorer 9, android kitkat, and the opera browser had no errors.<p>Edit 2: as another user has pointed out, this is most likely a firewall rule put in place by the website operator themselves.

I use Firefox Focus on my phone (opens links from apps in a private session - generally a great idea!) and always get this 5 second delay (which is often actually 10 or more seconds). I never considered that it&#x27;s a Firefox-only thing!

I&#x27;m using VPN 99.9% of the time, so it&#x27;s all the same for me.<p>The perks of living in a authoritarian state which tries to limit your access to the Internet.

Tested in Safari, got the captcha challenge. I doubt it&#x27;s due to some specific Firefox block.

This business of flagging legitimate downloads as &quot;suspicious&quot; is getting <i>way</i> out of hand. Here&#x27;s what I&#x27;m dealing with lately:<p><a href="https:&#x2F;&#x2F;i.imgur.com&#x2F;ZzExHt2.png" rel="nofollow">https:&#x2F;&#x2F;i.imgur.com&#x2F;ZzExHt2.png</a><p>This setup program is signed with an EV certificate from DigiCert and hosted on an https site. No other hoops left to jump through except this awesome Catch-22 implementation, which leaves no actionable solution.

I&#x27;ve been de-googling all of my services and software over the last couple years including a switch to firefox.<p>I have noticed cloudflare challenging me more and more often. I assumed it was related to privacy extensions like noscript, ublock, and privacy badger.

I also got perma blocked by cloudflare (no option to override to get access, not even their captcha), because I dared to disable web timing APIs in Firefox at some point in the distant past. (I felt those have no legitimate uses, and I still do)<p>dom.enable_event_timing &#x2F; dom.enable_performance_navigation_timing<p>I only figured what was wrong after a month of no access to gitlab and other websites.

I can’t reproduce what this article is claiming, even using a completely new profile. I’m only a size of one for this perspective though.

I&#x27;d be curious to see if this is the case for other sites that use Cloudflare bot protection as well. There are a bunch of ways to tune the service so maybe they are just extra cautious?

Could it have anything to do with the Tor browser being based on Firefox?

&gt; Open-source browsers are an important part of the web and should not be treated differently than their closed-source counterparts.<p>One way to interpret that is they should all have the same suspicion rules for lack of popularity applied to them. One way Cloudflare&#x27;s rules could be causing this is if there&#x27;s some threshold for fingerprints-per-second under which <i>any</i> UA is considered sus, and Firefox&#x27;s market share is so low that it tends to fall under that threshold.<p>In which case, what lwt hiker is asking for is special treatment for the browser because they believe the Mozilla project&#x27;s browser has special value to the web ecosystem. Which they are allowed to believe, but let&#x27;s be clear about when we&#x27;re seeking special treatment vs. being treated like any other user agent.

Cloudflare provides service both for Firefox VPN and Firefox DNS over HTTP. Or at least did recently, I don&#x27;t think anything&#x27;s changed.<p><a href="https:&#x2F;&#x2F;developers.cloudflare.com&#x2F;1.1.1.1&#x2F;privacy&#x2F;cloudflare-resolver-firefox&#x2F;" rel="nofollow">https:&#x2F;&#x2F;developers.cloudflare.com&#x2F;1.1.1.1&#x2F;privacy&#x2F;cloudflare...</a><p><a href="https:&#x2F;&#x2F;www.mozilla.org&#x2F;en-US&#x2F;privacy&#x2F;firefox-private-network&#x2F;" rel="nofollow">https:&#x2F;&#x2F;www.mozilla.org&#x2F;en-US&#x2F;privacy&#x2F;firefox-private-networ...</a>

Fedora Chrome (not chromium) user here, I get the full challenge too.

I&#x27;m not sure what the cause was, but many sites failed to resolve for me in Firefox (and derivatives) for a month or two straight recently. archive.is was one of them. I think it may still happen with default settings, but I solved it by turning off DNS-over-HTTPS (which I think is a stupid feature anyway)

For me it was even worse, I got a straight &quot;Access denied&quot; with no captcha or recourse. (Firefox, Linux)

I don&#x27;t think one can conclude anything with just 1 site being blocked by www.g2.com using Firefox. More tests will show a clearer picture:<p>What about using another OS?<p>What about using another IP address?<p>What about other websites? Is the issue only repeatable with www.g2.com?<p>What about using mobile phone browser instead?

I can confim the behavior on mobile

I have been seeing this issues also, very odd, workarounds I tried do not get around the issue.<p>&gt;If this behavior gets adapted on more sites, we can expect even more users leaving Firefox<p>But I will just not go to the sites instead of using something other than Firefox.

I just close the tab if Cloudflare pops up and I don’t visit the site again. I don’t trust or like Cloudflare and I suspect they themselves initiate DDOS’s even though I have no actual proof.

Maybe it&#x27;s your IP. I tried it in Firefox and Edge. No problem

The challenge screen has appeared on Google Chrome on a Linux distro.

Does it have to do with the main browser you use? I am running Debian, Firefox is main browser, while chromium is used occasionally. I got captcha for Chromium, but not Firefox.

I hit the “checking your browser” quite often, as well as hitting captchas. I assume this means my adblocker &#x2F; tracking blocker (in Safari) is doing a good job.

I got HCaptcha-ed while using Chromium + uBlock Origin (no other privacy extensions &#x2F; settings as far as I think). Happens both in normal and incognito mode.

Tested on Android with Fennec (Firefox without telemetry), FOSS browser and Midori. Only Fennec gets the challenge. Even such obscure browser like Midori is OK.

Every time I login to gitlab.com with Firefox I get this screen. I thought that was normal. Because it is like this for months or maybe years already.

Can confirm that I got that exact challenge only on Firefox at least a week ago, although only on one site. Still getting it now.

Tried it, didn&#x27;t stop me viewing the page, no delay either

Cloudflare uses a lots of heuristics to determine whether to show their challenge. In fact getting served a challenge says more about the amount of bot traffic that the website is getting than about how bot-like you look.

I use Chromium and was served the challenge.

We&#x27;re regressing to a state reminiscent of the dark IE years.<p>Except back then when you suggested alternative browsers, people were generally receptive once they saw the practical utility of features like tabs. Now when you suggest alternative browsers, people complain about tens of milliseconds more latency and insist on using Chrome for the speed. It&#x27;s hard to blame them though, since the practical advantages of Firefox are slipping away as Mozilla focuses on more abstract advantages, like privacy, freedom, etc. Noble causes to be sure, reason enough for me to continue using Firefox even if it were a hundred times slower. But I think most people are looking for practical advantages; Firefox usage continues to decline and I don&#x27;t have much hope for these trends turning around anytime soon.

Considering CDN&#x27;s are duplicates of websites located around the world to remove lag, has anyone every flagged up how CDN&#x27;s can be used for nefarious means, or do people just trust CDN&#x27;s blindly? When is a sock puppet not an avatar on a web forum but an entire website radicalising individuals in secret?

I have got this on gitlab.com every morning when I log in for at least a year. (We are a paying customer.) I use Firefox with Coookie Auto Delete.<p>I know that the internet is full of idiots and criminals. If they protect their service it&#x27;s my benefit. It costs me maybe 2-3 seconds every morning, but then there will be 1000s of requests during the workday. If each of them were 0.1 seconds slower because their servers deal with nonsense my user experience would be much worse.<p>(I have no idea whether keeping cookies or using a different browser would avoid the visible challenge. I just don&#x27;t care.)<p>Edit: I would really hate it if I had to do free Google captcha labor. Or fill the AWS one which always takes me 3 attempts to get it right.