Cloudflare CAPTCHA on at least one ampersand
Signal
35
Hype
15
In three linesSimon Willison shares a tip for configuring Cloudflare CAPTCHA/Managed Challenge: use a WAF rule that only triggers the challenge on search URLs containing at least one ampersand. This allows simple requests like ?q=term to pass without CAPTCHA.Read source
Your take?
Summary generated by Claude — human-verified