CAPTCHA on Torzon – Legitimate Protection Mechanism
Torzon uses CAPTCHA selectively to block automated bots, scrapers and DDoS tools. It's not phishing – it's our defense since v4.8.1 (June 2025).
┌─────────────────────────────────────────────────────┐
│ CAPTCHA = LEGITIMATE. It's Torzon defending │
│ against 4,200+ bot attempts per hour. │
└─────────────────────────────────────────────────────┘
Why CAPTCHA Appears (Technical Triggers)
| Trigger | Frequency | Why? |
|---|---|---|
| Multiple failed logins (5+) | 12% | Brute-force protection |
| New Tor circuit from high-risk exit | 28% | Botnet detection |
| Search > 50 listings in 60 sec | 41% | Scraper blocking |
| Order creation after 10+ page views | 19% | Human verification |
CAPTCHA Technical Stack (Torzon v4.8.1+)
- hCaptcha (self-hosted, no Google telemetry)
- Audio fallback (for accessibility)
- IP + Tor circuit fingerprinting
- Rate limiting per session (not per IP)
Instant Fixes – 95% Success Rate
# 1. New Tor Circuit (clears fingerprint)
# Tor Browser → Shield icon → "New Circuit for this Site"
# 2. Switch Mirror (different server load)
# Open official mirror list → pick one from different country
# 3. Enable Snowflake (bypasses circuit-based triggers)
Tor Browser → Settings → Connection → Bridges → Snowflake
# 4. Wait 90 seconds (rate limit reset)
# Never refresh aggressively — triggers more CAPTCHAs
Average solve time: 14 seconds. False positives: < 0.3% (monitored 24/7).
If CAPTCHA persists > 3 mirrors → contact support via PGP ticket (no email).