| Rollout starts | Rollout ends |
|---|---|
| September 2021 | October 31, 2021 |
Zendesk is changing the CAPTCHA settings to prevent bot and malicious traffic from using Zendesk.
What is changing?
In the past, the help center ticket submission web form could be protected from bots and malicious traffic by requiring a CAPTCHA. This setting was enabled by default, but could be disabled by admins.
Now, all traffic going to the ticket submission web form will be automatically verified by Cloudflare bot management before it reaches the form. If Cloudflare determines the traffic from users who aren't signed in looks suspicious, Zendesk will serve CAPTCHA challenges to deter bad bots. This behavior can't be disabled. Qualified good bots and automations aren't expected to be impacted by this change.
Why did Zendesk make this change?
In an effort to tighten security and prevent bot attacks, Zendesk is ensuring CAPTCHA challenges are used consistently across all Guide and help center interfaces. This is an overarching security and reliability update applicable to all traffic reaching Zendesk services. Consistent protection is essential to keep all our customers safe from bad bots.
The goal of this change is to target bad bots and reduce the number of human users being asked to solve CAPTCHA challenges. We expect a 98% reduction in the number of human users presented with a CAPTCHA.
What do I need to do?
You don't need to do anything. This feature will be added automatically to your account.
If you have any questions or concerns, contact Zendesk Customer Support.
9 Comments
Is this for non-signed-in users? I'd hope for signed-in users, we don't have to stop them with a Captcha. Let us know! Thanks!
Hi Heather!
Yes, this is for signed-out users – it says above: "If Cloudflare determines the traffic from users who aren't signed in looks suspicious, Zendesk will serve CAPTCHA challenges to deter bad bots. "
Perfect @...! Thank you for finding that in here for me! I missed it somehow.
Glad I could help!
This change is driving me absolutely crazy. We provide technical support and nearly every vendor we work with uses Zendesk for their help desk. I'm having to provide captcha responses between 40-50 times a day. I wish there was a way to register our IP address or something so we would only have to do this so often.
Thanks for reaching out Joe and sharing your experience,
Certainly captcha responses between 40-50 times a day certainly sounds a crazy lot and appears more of technology config challenge. I've reached out to the Zendesk team working on this.
Allow me to assure you that this is not the norm, we hope to find out the root cause to this and address it asap! I have also created a ticket based on your comment for a follow up.
Thank you for holding onto the zen. We hope to support you and resolve this soon!
Thanks so much! Hopefully it's just the people at my office who are experiencing this issue.
Hello, my customers are complaining about the CAPTCHA challenges that are sent at each attempt to log in to Zen. I've checked their IPs using one of the websites you suggested https://www.projecthoneypot.org/ but it says there's no information on none of my customer's IPs. Moreover, they are connecting to Zendesk while in their company's VPN, so what's the deal?
Is there a way to mitigate that? Thanks.
We also have a customer using our Customer Portal based upon Zendesk that they are constantly requested to fill in the CAPTCHA screen.
Please sign in to leave a comment.