How to Solve Cloudflare in 2024 | Best Cloudflare Captcha Solver

How to Solve Cloudflare in 2024 | Best Cloudflare Captcha Solver

Logo of Capsolver

CapSolver Blogger

How to use capsolver


Cloudflare Bot Manager

Cloudflare Bot Manager is a sophisticated security solution offered by Cloudflare to protect websites from malicious bot traffic while allowing legitimate bots and human users to access the site without unnecessary friction. Here's a breakdown of its key features and functionalities:

  1. Threat Mitigation: The primary goal of Cloudflare Bot Manager is to prevent malicious bots from carrying out harmful activities such as credential stuffing, data scraping, and DDoS attacks.

  2. Traffic Analysis: It continuously analyzes incoming traffic to distinguish between human users, good bots (like search engine crawlers), and bad bots. This is achieved through a combination of behavioral analysis, machine learning models, and heuristic techniques.

  3. Allowlist for Known Bots: Cloudflare maintains a list of known good bots (e.g., Googlebot, Bingbot) that are allowed to access sites without being blocked. This ensures that essential services like search engine indexing are not interrupted.

  4. Bot Detection Techniques: Cloudflare employs both passive and active bot detection methods:

    • Passive Detection: Includes techniques like IP reputation analysis, HTTP request header inspection, and TLS fingerprinting.
    • Active Detection: Involves client-side challenges, such as JavaScript tests and CAPTCHAs, which are designed to differentiate between humans and bots.
  5. Custom Rules and Actions: Website administrators can create custom rules to handle bot traffic based on their specific needs. They can choose to block, challenge, or allow traffic based on various criteria.

  6. Detailed Reporting and Analytics: Cloudflare Bot Manager provides comprehensive reports and analytics, giving administrators insights into bot activity and helping them fine-tune their bot mitigation strategies.

If you've tried scraping a Cloudflare-protected site, you may have encountered these Bot Manager-related errors:

Error 1020: Access Denied
Error 1010: The website owner has banned your access based on your browser's signature
Error 1015: You are being rate limited
Error 1012: Access Denied
Check this blog to understand more about these status code, read this blog

Cloudflare Turnstile CAPTCHA

Cloudflare Turnstile CAPTCHA is a modern CAPTCHA solution designed to enhance user experience while maintaining robust security. Unlike traditional CAPTCHAs that rely on solving visual puzzles, Turnstile focuses on minimizing user interaction. Here’s how it works and its main features:

  1. Invisible and Interactive Challenges: Turnstile aims to be less intrusive by using invisible and interactive challenges that most users won’t even notice. This reduces friction and enhances the user experience.
  • Cloudflare offer 3 types of cloudflare turnstile captcha
    • Managed challenge
    • Non-interactive challenge
  • Invisible challenge
    Not visible, you can check on the network / scripts loaded and see if turnstile is used
  1. User Behavior Analysis: It analyzes user behavior, such as mouse movements and keystrokes, to determine if the interaction is from a human or a bot. This method is less disruptive compared to traditional image or text-based CAPTCHAs.

  2. Machine Learning Models: Turnstile leverages advanced machine learning models to accurately distinguish between human users and automated bots. These models are continuously updated to adapt to new bot behaviors.

  3. Seamless Integration: Turnstile can be easily integrated into websites and applications. It is designed to work seamlessly with Cloudflare’s broader suite of security products.

  4. Privacy-Focused: Cloudflare emphasizes privacy, ensuring that user data is handled responsibly and securely. Turnstile is designed to minimize data collection and prioritize user privacy.

  5. Adaptive Challenges: Depending on the risk score and confidence level, Turnstile can dynamically adjust the difficulty of challenges. High-confidence human interactions may pass through without any visible challenge, while suspicious activity might face more stringent verification.

  6. Accessibility: Turnstile is built with accessibility in mind, ensuring that users with disabilities can interact with it without barriers.

In summary, Cloudflare Bot Manager is a comprehensive tool for managing bot traffic and protecting websites from malicious activities, while Cloudflare Turnstile CAPTCHA provides a modern, user-friendly approach to verifying human users without the traditional hassle of solving puzzles. Both solutions work together to enhance website security and user experience.

🛠️ Solving cloudflare challenge with Python

⚙️ Prerequisites

  • A working proxy
  • Python installed
  • Capsolver API key

🤖 Step 1: Install Necessary Packages

Execute the following commands to install the required packages:

pip install capsolver
pip install os
pip install requests

👨‍💻 Step 2: Python Code for solve Cloudflare Challenge 5s

Here's a Python sample script to accomplish the task:

# -*- coding: utf-8 -*-
import requests
import time
import tls_client

# TODO: Your api key
API_KEY = ""
proxy = ""

# TODO: Your target site url:
page_url = ""

def call_capsolver():
    data = {
        "clientKey": API_KEY,
        "task": {
            "type": 'AntiCloudflareTask',
            "websiteURL": page_url,
            "proxy": proxy,
    uri = ''
    res =, json=data)
    resp = res.json()
    task_id = resp.get('taskId')
    if not task_id:
        print("no get taskId:", res.text)
    print('created taskId:', task_id)

    while True:
        data = {
            "clientKey": API_KEY,
            "taskId": task_id
        response ='', json=data)
        resp = response.json()
        status = resp.get('status', '')
        if status == "ready":
            print("successfully => ", response.text)
            return resp.get('solution')
        if status == "failed" or resp.get("errorId"):
            print("failed! => ", response.text)

def request_site(solution):
    session = tls_client.Session(
    return session.get(

def main():
    solution = {
        "headers": {
            "accept": "text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7",
            "upgrade-insecure-requests": "1",
            "user-agent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/ Safari/537.36",
            "sec-fetch-site": "none",
            "sec-fetch-mode": "navigate",
            "sec-fetch-user": "?1",
            "sec-fetch-dest": "document",
            "accept-encoding": "gzip, deflate, br",
            "accept-language": "en-US,en;q=0.9",
    # first request (check your proxy):
    res = request_site(solution)
    print('1. response status code:', res.status_code)
    if res.status_code != 403:
        print("your proxy is good and didn't get the cloudflare challenge")
    elif 'window._cf_chl_opt' not in res.text:
        print('==== proxy blocked ==== ')

    # call capSolver:
    solution = call_capsolver()
    if not solution:

    # second request (verify solution):
    res = request_site(solution)
    print('2. response status code:', res.status_code)

if __name__ == '__main__':

⚠️ Change these variables

  • PROXY: Update with your proxy details. The format should be http://username:password@ip:port.
  • capsolver.api_key: Obtain your API key from the Capsolver Dashboard.
  • PAGE_URL: Replace with the URL of the website for which you wish to solve the CloudFlare challenge.

What the CloudFlare Challenge Looks Like

Cloudflare Challenge

🛠️ Solving cloudflare turnstile captcha with Python

⚙️ Prerequisites

🤖 Step 1: Install Necessary Packages

Execute the following commands to install the required packages:

pip install requests

👨‍💻 Step 2: Python Code for solve Cloudflare Turnstile Captcha

Here's a Python sample script to accomplish the task:

import time
import requests

PAGE_URL = "url"
WEBSITE_KEY = "site key"

def solvecf(metadata_action=None, metadata_cdata=None):
    url = ""
    task = {
        "type": "AntiTurnstileTaskProxyLess",
        "websiteURL": PAGE_URL,
        "websiteKey": WEBSITE_KEY,
    if metadata_action or metadata_cdata:
        task["metadata"] = {}
        if metadata_action:
            task["metadata"]["action"] = metadata_action
        if metadata_cdata:
            task["metadata"]["cdata"] = metadata_cdata
    data = {
        "clientKey": CAPSOLVER_API_KEY,
        "task": task
    response_data =, json=data).json()
    return response_data['taskId']

def solutionGet(taskId):
    url = ""
    status = ""
    while status != "ready":
        data = {"clientKey": CAPSOLVER_API_KEY, "taskId": taskId}
        response_data =, json=data).json()
        status = response_data.get('status', '')
        if status == "ready":
            return response_data['solution']


def main():
    taskId = solvecf()
    solution = solutionGet(taskId)
    if solution:
        user_agent = solution['userAgent']
        token = solution['token']

    print("User_Agent:", user_agent)
    print("Solved Turnstile Captcha, token:", token)

if __name__ == "__main__":

⚠️ Change these variables

  • CAPSOLVER_API_KEY: Obtain your API key from the Capsolver Dashboard.
  • PAGE_URL: Replace with the URL of the website for which you wish to solve the CloudFlare Turnstile Captcha.
  • WEBSITE_KEY: Replace with the site key of the website