ALTCHA triggers "graylist" on some filtering/firewall providers

[tmjoen]

First of all, thanks for a great piece of software!

We had some problems with one of our clients not being able to access their website. Everything looked OK on our side and monitoring confirmed that the site is up. We managed to escalate it to the client's IT provider which told us that their firewall provider Palo Alto classified the site as "Grayware", meaning suspicions of "criminal activities, rogueware, adware, crypto miners". I suspect it's being misclassified as a "crypto miner" due to the cpu work it does?

Is this something you've seen before?

[ovx]

Hi,
It's highly unlikely that a firewall would actively attempt to interact with the ALTCHA widget (e.g., checking the checkbox or detecting CPU load). The issue is more likely caused by other content on your website that triggered the filter, or possibly the link to the ALTCHA website. The phrase "proof of work" used on the ALTCHA website might have been misinterpreted as being crypto-related, which could explain the block.

You can try removing the ALTCHA link from the widget by using the hidelogo and hidefooter options. However, the best course of action would be to contact the firewall provider directly to understand why your site was blocked.

For clarification:

• ALTCHA has no connection to crypto mining or cryptocurrency.
• The term "proof of work" refers to a technological algorithm used by ALTCHA and is unrelated to mining.
• The project adheres to industry security standards, including thorough code reviews, automated vulnerability scanning, and digital signing of published packages.
• The source code is open and available on GitHub for anyone to review.