Node.js library to bypass cloudflare's anti-ddos page
Switch branches/tags
Clone or download
Latest commit 633faba Dec 9, 2018
Type Name Latest commit message Commit time
Failed to load latest commit information.
specs Spec for a new error Dec 7, 2018
.gitignore Update gitignore Nov 21, 2018 Update readme Dec 9, 2018
Gruntfile.js Adding errors test. Also changing signature Dec 10, 2014 Update readme Dec 9, 2018
index.js Update readme Dec 7, 2018
package.json Update readme Dec 9, 2018


Node.js library to bypass cloudflare's anti-ddos page.

This library is a port of python module cloudflare-scrape with couple enhancements and test cases ;) . All grats to its author \m/

If the page you want to access is protected by CloudFlare, it will return special page, which expects client to support Javascript to solve challenge.

This small library encapsulates logic which extracts challenge, solves it, submits and returns the request page body.

You can use cloudscraper even if you are not sure if CloudFlare protection is turned on.

In general, CloudFlare has 4 types of common anti-bot pages:

  • Simple html+javascript page with challenge
  • Page which redirects to original site
  • Page with recaptcha
  • Page with error ( your ip was banned, etc)

Unfortunatelly there is no solution, if website is protected by captcha.

If you notice that for some reason cloudscraper stopped to work, do not hesitate and get in touch with me ( by creating an issue here, for example), so i can update it.


npm install cloudscraper


var cloudscraper = require('cloudscraper');

cloudscraper.get('', function(error, response, body) {
  if (error) {
    console.log('Error occurred');
  } else {
    console.log(body, response);

or for POST action:'', {field1: 'value', field2: 2}, function(error, response, body) {

A generic request can be made with cloudscraper.request(options, callback). The options object should follow request's options. Not everything is supported however, for example http methods other than GET and POST. If you wanted to request an image in binary data you could use the encoding option:

cloudscraper.request({method: 'GET',
                      encoding: null,
                      challengesToSolve: 3, // optional, if CF returns challenge after challenge, how many to solve before failing
                      followAllRedirects: true, // mandatory for successful challenge solution
                      }, function(err, response, body) {
                      //body is now a buffer object instead of a string

Error object

Error object has following structure:

var error = {errorType: 0, error:...};

Where errorType can be following:

  • 0 if request to page failed due to some native reason as bad url, http connection or so. error in this case will be error event
  • 1 cloudflare returned captcha. Nothing to do here. Bad luck
  • 2 cloudflare returned page with some inner error. error will be Number within this range 1012, 1011, 1002, 1000, 1004, 1010, 1006, 1007, 1008. See more here
  • 3 this error is returned when library failed to parse and solve js challenge. error will be String with some details. ⚠️ ⚠️ Most likely it means that cloudflare have changed their js challenge.
  • 4 CF went into a loop and started to return challenge after challenge. If number of solved challenges is greater than 3 and another challenge is returned, throw an error

Running tests

Clone this repo, do npm install and then just grunt

Unknown error? Library stopped working?

Let me know, by opening issue in this repo and i will update library asap. Please, provide url and body of page where cloudscraper failed.

CloudScraper uses Request to perform requests.


Current cloudflare implementation requires browser to respect the timeout of 5 seconds and cloudscraper mimics this behaviour. So everytime you call cloudscraper.get you should expect it to return result after min 6 seconds.


  • Check for recaptcha
  • Support cookies, so challenge can be solved once per session
  • Support page with simple redirects
  • Add proper testing
  • Remove manual 302 processing, replace with followAllRedirects param
  • Parse out the timeout from chalenge page
  • Reoder the arguments in get/post/request methods and allow custom options to be passed in
  • Expose solve methods to use them independently
  • Support recaptcha solving
  • Promisification

Kudos to contributors