I am seeing way to many "Performing security verification This website uses a security service to protect against malicious bots. This page is displayed while the website verifies you are not a bot." from Cloudfare these days. It strikes me that, if it has verified my client once, it should hold off at least for a day or so before putting me through that hoop again. How does Bunny DNS deal with bot protection?
Wasn't Privacy Pass supposed to fix this? Let the browser generate and store some PoW or something that it hands off to the site, so each site doesn't have to do the same thing.
https://github.com/cloudflare/pp-browser-extension seems kind of dead (a dependabot zombie).
eta: I completely missed this two days ago: https://www.cloudflare.com/press/press-releases/2026/cloudfl...
I have the same experience, and I ended up removing Cloudflare from the websites I manage since there were too many complaints from users with shared connections or exotic browsers.
Not sure if you're talking about different sites or same one. If different sites, it doesn't make much sense to add that feature because site owners would rarely (if ever) want it. If same site, blame again the site owner who has the ability to configure challenge cookie expiry.