FlareSolverr: A Complete Guide to Bypass Cloudflare

Is your scraper getting blocked by Cloudflare's "under attack mode," or does it keep failing browser verification challenges? FlareSolverr, a Cloudflare bypass solution, can help you get around it. But how far can it go?

In this tutorial, we'll show you how to set up and use FlareSolverr as a reverse proxy to bypass Cloudflare protection, including its limits, and the best alternative or backup.

• How to use FlareSolverr.
• FlareSolverr alternative: The easiest way to scrape Cloudflare sites.

What Is FlareSolverr?

FlareSolverr is an open-source reverse proxy server made to bypass Cloudflare. Using Python's Selenium and Undetected ChromeDriver under the hood, the tool actually behaves like a real browser. This is why it can solve challenges, pass security checks, and even render website content.

As a reverse proxy, FlareSolverr uses a dedicated server to request on your behalf. It then returns the cookies to the client to bypass Cloudflare before obtaining the site's HTML.

FlareSolverr reacts to a target site's protection. When you try to access a website via FlareSolverr, it first checks if the target site is protected by Cloudflare and attempts to solve the challenge. Otherwise, it doesn't trigger a solver if the site doesn't use Cloudflare protection.

How to Use FlareSolverr

You can install FlareSolverr in different ways. We'll make it easy with step-by-step instructions.

But before that, let's try to access a website without FlareSolverr. For this example, we'll use the Cloudflare Challenge page.

To follow along, ensure you have the latest Python version installed, then install Requests using the following command:

pip3 install requests

Import the Requests module, define the target URL, and request the target site. Then, print the response to verify it works:

# pip3 install requests
import requests

# request the target website
response = requests.get("https://www.scrapingcourse.com/cloudflare-challenge")

# get the response HTML
if response.status_code != 200:
    print(f"An error occurred with status code {response.status_code}")
else:
    content = response.text
    print(content)

The request gets blocked with a 403 forbidden error, proving that the request is unauthorized:

An error occurred with status code 403

The 403 error code means Cloudflare has detected and blocked your request.

Let's see how FlareSolverr solves this problem.

Step 1: Install FlareSolverr With Docker, Jackett or Prowlarr

The easiest and most recommended approach to set up FlareSolverr is to use a Docker container, since the Chromium browser is included in the image. However, you can also configure it with Prowlarr or Jackett if you're extracting protected content from indexes.

In this tutorial, we'll show you how to set up FlareSolverr with Docker.

First, install and download a compatible Docker executable for your operating system. Then, run the installation package and follow the onscreen instructions. After the installation is complete, you may need to restart your computer.

To check if you've installed Docker correctly, enter the following command in your terminal:

docker

Start the Docker engine by double-clicking on the Docker Desktop icon, and you'll be ready to integrate FlareSolverr.

Next, download FlareSolverr from the Docker hub by running the following command in your terminal:

docker pull flaresolverr/flaresolverr

If done correctly, you should see the FlareSolverr image in the Images tab of Docker Desktop.

Finally, run a new FlareSolverr container as an isolated service on your system using the following command:

docker run -d --name=flaresolverr -p 8191:8191 -e LOG_LEVEL=info --restart unless-stopped ghcr.io/flaresolverr/flaresolverr:latest

The command above uses the flaresolverr/flaresolverr image to start a Docker container named "flaresolverr". It maps port 8191 in the container to the same port on your local machine, allowing you to access services running inside the container from outside.

The default base endpoint for the running Flaresolverr server is http://localhost:8191/, as seen in the GitHub cURL example. Keep this URL handy because you'll use it to make a request to FlareSolverr so it can handle Cloudflare challenges.

However, if the FlareSolverr container runs on a different host or port, the URL would differ from the default above. You can inspect the container to see its host and port.

If you're using FlareSolverr with Prowlarr, it's important to understand the following binding rules to ensure proper functionality:

• A FlareSolverr proxy will handle requests only if it detects Cloudflare protection.
• A proxy will only function if the proxy and the indexer share matching tags.
• A proxy configured without tags or matching indexer tags will be automatically disabled.

Step 2: Test FlareSolverr Connection

By now, your FlareSolverr container should be running. Otherwise, if you've previously stopped it, run the following command to restart it, replacing <CONTAINER_NAME> with the container name (flaresolverr in this case).

docker start <CONTAINER_NAME>

To confirm you're running Flaresolverr correctly, visit http://localhost:8191/ on your web browser or run the curl GET command via your terminal as shown:

curl GET http://localhost:8191

You should get a response similar to this:

{
    "msg": "FlareSolverr is ready!", "version": "3.4.6", "userAgent": "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36"
}

Your FlareSolverr server is now ready!

Step 3: Scrape With FlareSolverr

Now, let's see if FlareSolverr can bypass the previous Cloudflare protection. As mentioned, FlareSolverr serves as a reverse proxy that handles requests on behalf of a client.

Using the Requests library as an HTTP client, try accessing the previous Cloudflare-protected website using FlareSolverr.

Define the Flarsolverr API URL and set the request headers to accept a JSON payload. Define the payload and send a POST request to FlareSolverr's API. The API then requests the protected website on the client's behalf using the request .get command in the data payload:

# pip3 install requests
import requests

# set FlareSolverr's server URL
url = "http://localhost:8191/v1"

# set the content type
headers = {"Content-Type": "application/json"}

# include the target URL in the request payload
data = {
    "cmd": "request.get",
    "url": "https://www.scrapingcourse.com/cloudflare-challenge",
    "maxTimeout": 60000,
}

# send a post request to FlareSolverr's server
response = requests.post(
    url,
    headers=headers,
    json=data,
)

# get the response HTML
if response.status_code != 200:
    content = response.json()
    print(content)
else:
    content = response.json()
    print(content)

FlareSolverr bypassed Cloudflare's anti-bot protection (with a "Challenge solved" message in the JSON response), as shown below. The response also includes the protected site's full-page HTML:

{
    "status": "ok",
    "message": "Challenge solved!",
    "solution": {
        "url": "https://www.scrapingcourse.com/cloudflare-challenge",
        "status": 200,
        "cookies": [
            {
                "domain": ".scrapingcourse.com",
                # ...omitted for brevity"...
            }
        ],
        "userAgent": "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36",
        "headers": {},
        "response": "<html lang='en'> ...<title>Cloudflare Challenge - ScrapingCourse.com</title>...<body> You bypassed the Cloudflare challenge! ...</body></html>",
    },
    "startTimestamp": 1771337952067,
    "endTimestamp": 1771337976627,
    "version": "3.4.6",
}

Great! Our verdict is that, for an open-source tool, FlareSolverr performed impressively at bypassing Cloudflare. And it might even be enough if you're running about a hundred to fewer than a thousand scraping requests. However, since FlareSolverr runs Selenium under the hood, it's performance degrades as you scale to thousands of pages.

How We Further Benchmarked FlareSolverr for Cloudflare Bypass

We ran a double 100-iteration benchmark at different time intervals to evaluate FlareSolverr's ability to bypass Cloudflare. Each test checked for success and failure signals in the tool's JSON response, including status, solution.message, and solution.status. FlareSolverr had a 94% success rate on the first run and 91% success rate on the second iteration batch. Overall, results showed that FlareSolverr achieved an average success rate of 92.5% in bypassing Cloudflare.

Additional random testing revealed that FlareSolverr still intermittently failed the Cloudflare challenge and timed out in some cases. This makes scraping results unpredictable and can lead to data loss or poor data integrity. One of the main reasons for this unpredictability is that FlareSolverr sometimes sends a loose fingerprint, which Cloudflare detects easily.

Although FlareSolverr works now, Cloudflare may clamp down on it in the future, as seen with popular stealth tools like Playwright Stealth.

We recommend using dedicated, premium scraping solutions if you intend to scale your scraping and achieve production-grade reliability.

FlareSolverr Alternative: Easiest Way to Scrape Cloudflare Sites

While we're recommending FlareSolverr as a free Cloudflare bypass tool, relying on it for large-scale scraping isn't sustainable. Cloudflare frequently updates its security to clamp down on open-source bypass solutions. And FlareSolverr isn't safe from obsolescence. Overall, a FlareSolverr-dependent scraping pipeline is ultimately a fragile setup that requires constant maintenance and a more robust backup strategy.

The easiest way to bypass any anti-bot system at any scale is to use a web scraping solution, such as the ZenRows Universal Scraper API.

ZenRows is the most reliable FlareSolverr alternative, providing all the toolkits required to consistently bypass Cloudflare and other protections with a 99.93% success rate. It features premium proxy rotation, optimized request headers, advanced evasion techniques, JavaScript rendering, anti-bot and CAPTCHA auto-bypass, and more.

It takes a single API call, and ZenRows handles all the technicalities under the hood, saving you time and reducing the risk of data loss. Its Adaptive Stealth Mode makes your scraping experience even smoother by applying the optimal configuration required for success at the lowest cost.

To see how ZenRows works, let's use it to scrape the Cloudflare-protected website.

Sign up on ZenRows and open the Universal Scraper API Request Builder. Paste your target URL into the link box, then enable Adaptive Stealth Mode.

Select Python as your programming language and choose the API connection mode. Copy the generated Python code and paste it into your script.

Here's the generated Python code:

# pip3 install requests
import requests

url = "https://www.scrapingcourse.com/cloudflare-challenge"
apikey = "<YOUR_ZENROWS_API_KEY>"
params = {
    "url": url,
    "apikey": apikey,
    "mode": "auto",
}
response = requests.get("https://api.zenrows.com/v1/", params=params)
print(response.text)

The above code outputs the protected website's full-page HTML, proving you bypassed Cloudflare's challenge:

<html lang="en">
<head>
    <!-- ... -->
    <title>Cloudflare Challenge - ScrapingCourse.com</title>
    <!-- ... -->
</head>
<body>
    <!-- ... -->
    <h2>
        You bypassed the Cloudflare challenge! :D
    </h2>
    <!-- other content omitted for brevity -->
</body>
</html>

Congratulations! 🎉 You bypassed Cloudflare protection with the ZenRows Universal Scraper API.

Conclusion

In this article, you've seen how to bypass Cloudflare with FlareSolverr. While it's a solid open-source solution, it's still vulnerable to obsolescence, as Cloudflare may push an update that will break its stealth strategy.

To reliably scrape anti-bot-protected sites at scale, we recommend using ZenRows, an all-in-one scraping solution. It's all you need to prevent unprecedented production-level blocks.

Try ZenRows for free now or speak with sales!

docker run -d --name=flaresolverr -p 8191:8191 -e LOG_LEVEL=info --restart unless-stopped ghcr.io/flaresolverr/flaresolverr:latest