Title: Plugin Not Compatible with Cloudflare WARP Last modified: April 5, 2024 --- # Plugin Not Compatible with Cloudflare WARP * Resolved [generosus](https://wordpress.org/support/users/generosus/) * (@generosus) * [2 years, 2 months ago](https://wordpress.org/support/topic/plugin-not-compatible-with-cloudflare-warp/) * Good Day, * Unfortunately, your latest plugin revision, [V7.11.5](https://prnt.sc/AOAhBxkRi9G0), did not fix the condition where we frequently get the message “Login Verification Required” when reCAPTCHA is enabled AND [Cloudflare WARP](https://one.one.one.one/) is installed on desktops, tablets, and mobile devices. * The above also occurs when the reCAPTCHA threshold score is set between .1 and. 5. Disabling reCAPTCHA is not an option for us. * Kindly share this with your developers to confirm the above and provide a fix. Best to disconnect the email verification logic when reCAPTCHA is enabled. * The change you made in [V7.11.4](https://prnt.sc/QTo4ZCYHr1dg) really messed things up. Let Google reCAPTCHA do its job (standalone) without adding an email verifcation procedure. “If it ain’t broke, don’t fix it.” * The above issue may also occur when using other VPN client services. * **Please share this with your developers and consider reversing the change you made in V7.11.4.** * Thank you. Viewing 4 replies - 1 through 4 (of 4 total) * Plugin Support [wfpeter](https://wordpress.org/support/users/wfpeter/) * (@wfpeter) * [2 years, 2 months ago](https://wordpress.org/support/topic/plugin-not-compatible-with-cloudflare-warp/#post-17678046) * Thanks for this [@generosus](https://wordpress.org/support/users/generosus/), I escalated your thoughts since the update, and experience with WARP to the development/ QA teams to look into as something appears to have changed for you. We will likely try to reproduce what you’re seeing so that we can get a better understanding of the situation. * The verification emails have been a part of the reCAPTCHA process since day 1 as far as I know as a fallback, so it seems that you weren’t really experiencing these at all before whereas now they’ve very much caught your attention. * Many thanks, Peter. * Thread Starter [generosus](https://wordpress.org/support/users/generosus/) * (@generosus) * [2 years, 2 months ago](https://wordpress.org/support/topic/plugin-not-compatible-with-cloudflare-warp/#post-17681075) * Hi [@wfpeter](https://wordpress.org/support/users/wfpeter/), * Thanks for the clarification (i.e., “verification emails have been a part of the reCAPTCHA process since day 1”). With WF 7.11.4 and Cloudflare WARP installed, something triggered this issue. * In any case, it appears we can now sign using reCaptcha without gettting the pesky email verification request, so something must have changed for the better in the backend (we haven’t touched anything). * We’ll continue to monitor this topic and report back if the issue surfaces again. * Hi [@webby1973](https://wordpress.org/support/users/webby1973/), * Thanks for you input. Yes, we’re aware of Cloudflare Turnstile. It’s still buggy for some sites (like ours), so we’re waiting for it to mature and/or Wordfence to offer that option in the plugin’s built-in setttings section. * Thanks, y’all! 🙂 * Plugin Support [wfpeter](https://wordpress.org/support/users/wfpeter/) * (@wfpeter) * [2 years, 1 month ago](https://wordpress.org/support/topic/plugin-not-compatible-with-cloudflare-warp/#post-17708801) * Hi [@generosus](https://wordpress.org/support/users/generosus/), we have a bit of information that may be of assistance. * In summary, the verification emails have always been in the Wordfence plugin since the captcha was implemented. Google reCAPTCHA v3 only provides a score and nothing else. reCAPTCHA v3 doesn’t fall back to picking bicycles/traffic lights/etc., it only gives a score for the user so any fallback is left to the implementer. * Wordfence 7.11.4 made a necessary change to captcha handling. As a side-effect of requesting captcha scores twice, some users got lower scores. Scores may become lower further if you log in and out excessively. Google may consider you to be more like a bot when logging in repeatedly. * In 7.11.5, we revised the reCAPTCHA verification to avoid sending verification requests too frequently, which was artificially lowering scores and causing more“ Verification Required” emails than usual to be sent out. They now use Google’s token expiration time before sending another score request. This should be the same process as 7.11.3. * We have seen some behavior where Google may see an increasing number of bots on certain hosts, or services like Cloudflare Warp, which _could_ contribute to lower scores for real users using it. VPNs that we test with often cause lower scores than using our own ISPs, likely for the same reason. Google does not share any details of how scores are calculated, so this is an observation from doing hundreds of logins on various sites. * A possible solution if you’re stuck with low scores: You can go to [https://www.google.com/recaptcha/](https://www.google.com/recaptcha/) admin and generate a new set of reCAPTCHA v3 keys and replace the existing keys in Wordfence’s settings. This resets any history the site had accumulated that could result in constantly low scores, but **not** reset the score history chart in the Wordfence plugin. * I hope that helps you out! Peter. * Thread Starter [generosus](https://wordpress.org/support/users/generosus/) * (@generosus) * [2 years, 1 month ago](https://wordpress.org/support/topic/plugin-not-compatible-with-cloudflare-warp/#post-17710483) * Thank you, Peter. Again, excellent reply. * As stated before, we no longer get the email verification request as frequently as we used to. Perhaps because Google has been “trained” at our end, Cloudflare updated their code, and/or your code changes kicked in after we “flushed” our DNS cache, etc. * Your information is extremely valuable, so kindly consider amending your [documentation](https://www.wordfence.com/help/login-security/) to reflect it by adding a “Troubleshooting” section to it. * Again, thank you! Viewing 4 replies - 1 through 4 (of 4 total) The topic ‘Plugin Not Compatible with Cloudflare WARP’ is closed to new replies. * ![](https://ps.w.org/wordfence/assets/icon.svg?rev=2070865) * [Wordfence Security - Firewall, Malware Scan, and Login Security](https://wordpress.org/plugins/wordfence/) * [Frequently Asked Questions](https://wordpress.org/plugins/wordfence/#faq) * [Support Threads](https://wordpress.org/support/plugin/wordfence/) * [Active Topics](https://wordpress.org/support/plugin/wordfence/active/) * [Unresolved Topics](https://wordpress.org/support/plugin/wordfence/unresolved/) * [Reviews](https://wordpress.org/support/plugin/wordfence/reviews/) ## Tags * [warp](https://wordpress.org/support/topic-tag/warp/) * 4 replies * 3 participants * Last reply from: [generosus](https://wordpress.org/support/users/generosus/) * Last activity: [2 years, 1 month ago](https://wordpress.org/support/topic/plugin-not-compatible-with-cloudflare-warp/#post-17710483) * Status: resolved