PUBLISHED : 11 May 2026. According to Cloudflare's Turnstile CAPTCHA, the author implemented the service on some pages to curb bot traffic, noting that about 300 requests yielded only 1 passing the test, i.e., 99.7% were from bots. The write‑up mentions a rare false positive on the login page, where the login button could be clicked before the CAPTCHA test finished, which was fixed with a small JavaScript adjustment.
Top offenders included 219.117.237[.]208, which resolves to 219.117.237[.]208.static.zoot[.]jp and appears to be a spider; 18.229.88[.]75, an AWS host; 164.52.120[.]0/24, a cloud provider in HK; and 2a03:2880:f806::/48, Facebook Ireland. The piece also explains why Turnstile was chosen over other CAPTCHAs, citing fewer privacy issues than Google Recaptcha, low user impact, and compatibility with their Cloudflare CDN‑backed site.