Passbolt does not work correctly with CAPTCHA enabled in Cloudflare

Checklist
I have read intro post: About the Installation Issues category
I have read the tutorials, help and searched for similar issues
I provide relevant information about my server (component names and versions, etc.)
I provide a copy of my logs and healthcheck
I describe the steps I have taken to trouble shoot the problem
I describe the steps on how to reproduce the issue

Hi everyone, and thank you for your great app.

I use Passbolt CE, which is deployed in Docker.

  • Passbolt CE non-root 4.9.1
  • Google Chrome Extension 4.9.3

Access is allowed only from certain IP addresses. That is, I use a VPN, and only after it is enabled do I have access to the password manager. This option is not always convenient, so I decided to allow Passbolt access from all IPs, securing it with Cloudflare WAF. One of the rules on the firewall was to enable CAPTHA, which would be triggered if I logged in from an IP address that was not specified in the rule.
After enabling this rule, Passbolt works, the login page loads, but an error occurs: Could not verify the server key. Server internal error. Check with your administrator.


Without a CAPTHA check, everything works correctly. Could you please tell me if there is any way to solve this problem or is it impossible?

Thanks in advance for your assistance!

Hi @Romchik911!
Since Passbolt works without a captcha, the problem may be on Cloudflare’s site.
Maybe they are blocking some information sent from the extension to the server or vice versa, which could cause this error.
Have you tried searching their forums for similar issues?