Browser Security System - Features and Limitations

Documentation Websites and PHP
1

InfinityFree uses a security system on all free hosting accounts to ensure your website is accessed by real web browsers, not bots or automated scripts. While this protects your site from malicious traffic, it can affect certain types of access.

How the security system works

The system checks that visitors can execute JavaScript and accept cookies: features that all modern web browsers support. This verification happens automatically and most website visitors will never notice it.

You may occasionally see ?i=1 or similar parameters in your URL during this check, this is completely normal. Learn more about URL parameters.

What doesn’t work with this security system

Because the system requires JavaScript and cookies, these types of access won’t work:

Mobile and desktop apps

  • Android or iOS mobile apps cannot connect to your website
  • Desktop applications that try to fetch content from your site
  • Progressive web apps (PWAs)
  • Note: Mobile web browsers work perfectly fine

API and automated access

  • REST APIs, WordPress XML-RPC, and similar services
  • Command-line tools like cURL or wget
  • Automated scripts and bots
  • Webhooks from external services

Development and validation tools

  • Website validators and SEO checking tools
  • Domain verification systems used by some ad networks and webmaster tools

Cross-site requests

  • AJAX requests from other domains (CORS)
  • Embedding images or files from your site on other websites (hotlinking)

What still works normally

The security system only affects access to your website from external sources. These features work perfectly fine:

Outbound requests from your site

  • Your website’s code can make API calls to external services
  • Server-side scripts can fetch data from other websites
  • External database connections work normally

Same-domain JavaScript requests

  • AJAX calls within your own website work fine
  • Single Page Applications (SPAs) can call APIs on the same domain
  • JavaScript can fetch data from your own site’s endpoints

The key principle is that anything accessed through a real web browser, or outbound connections from your site, will work as expected.

Common error messages

When incompatible tools try to access your site, you might see:

  • 403 Forbidden: The most common error for blocked requests
  • “This site requires Javascript to work”: Shows when JavaScript is disabled or unavailable
  • “No ‘Access-Control-Allow-Origin’ header”: Appears for blocked cross-domain requests

Benefits of this system

Protection from malicious bots: The system blocks automated attacks, login attempts, and spam bots that could compromise your site or consume server resources.

Prevents resource overuse: Malicious bots can quickly consume your account’s resource limits, potentially causing your website to be suspended. This security system helps ensure your resources are available for legitimate visitors.

Search engine compatibility: All major search engines (Google, Bing, etc.) support JavaScript and cookies, so your site will be indexed normally. Some validator tools may report issues, but actual search engine crawlers work fine.

Can I disable this system?

No, this security system is mandatory on all free hosting accounts and cannot be disabled.

If your website or application needs the blocked features, consider premium hosting. Premium hosting protects your site using less restrictive methods, allowing mobile apps, APIs, and automated tools to work normally.

Need help with specific issues?

7 Likes
Why do I see ?i=1 at the end of a URL
Can't Access My Website/API routes from another server!
PHP,api
What can I do with my hosting account
What does the CPU limit mean
Why isn't API access working on my website?
Why won't my mobile app connect to my website?
This site cant be reached
CORS blocking POST request
Wp-graphql not work - Unexpected token '<'
PWABuilder can't find web manifest (403 error)
cmd terminal not found
MS FrontPage not resolving images
Site requires Javascript to work
Curl: (56) Failure when receiving data from the peer
PHP Script Redirection Issue Due to InfinityFree Security System
MS FrontPage not resolving images
Robot.txt not accessible issue. Not able to change permission from cpanel. Kindly assist
Firewall blocking my hosted site?
Generating a sitemap.xml file
Need to make remote datalogger on my hosting
Curl is not working
Website Display Error: 403 Forbidden
Socket.io backend hosting on another site
Sometimes I get a course answer
Schannel: disabled automatic use of client certificate
Apple Universal Links resulting in 404 error
Issue posting via other software
Unknown Redirect Problem
Redirection to advertising sites or ebooks
Site health status in WordPress
SSL Error
Why the OAuth doesn't work
If you go to https://gamegam.wuaze.com/Image/29.png , you can see the image well, but I called anoth
How can I add necessary security headers and resolve certificate issues on my website without coding
Can I access a page without a javaScript explorer?
Api php
Problem with SSL
If you go to https://gamegam.wuaze.com/Image/29.png , you can see the image well, but I called anoth
Nameless JSON bug
Free hosting - The server supports the legacy SSL v2 protocol
Hosting PHP file for PHPMailer
.htaccess automatically delete itself
I can't get into the site admin area. Is the server down?
Featured Image Not Showing On Social Media When Sharing Link
How do i allow my php file to load data from my database? The browser says some CORB stuff
Unable to access pages or create new ones
Woocomerce connection
Getting response in localhost but getting CORS error on infinityfree hosting server
Connecting from C++
Bot protection
File manager resources are not read in Kodi
WordPress Site Kit Offline
InfinityFree is almost perfect! would be perfect with a non-JS compatible site feature ;)
Cache
Verifying website on Yandex and Firefox leads to error 403
Making request to php with python
"Need Help with .htaccess Permissions and CORS Policy Error"
I can't add data to my sql database using a php file
Added IP to server's allowlist
URL returned a bad HTTP response code
GPT chat API for translation
Request for database rights
403 Forbidden error when Installing Plugins from Jannah theme
Sitemap error
SSL suddenly stopped working
Problem with setting WooPayments
Some security headers are not working
Content type
I have 2 questions about hosting
PWA won't work
"Your Key and Certificate directories are not properly protected"
Blocked Requests
Blocked Requests
I cannot add cj dropshipping
Xml-rpc
Your site is misconfigured and AJAX requests are not reaching your backend. Please click here to fin
Wordpress not being detected on my domain and sub domains
Concerns Regarding Strict-Transport-Security Header: Missing 'max-age' Directive in httpd.conf
Paypal payments are not possible
Error when fetching content over HTTPs: "HTTPs server has incorrect certificate configuration"
I have 2 questions - free hosting wordpress related
Redirect from server to hosting
Can't add picture
Detalhes do banco de dados nao funciona no meu app
Link redirection in my Android application
Css gets blocked CORB)
I have some Questions
Using free plan to host an IoT dashboard , SSE used
Curl --binary-data php not working properly with php://input
VPN Support
How can you tell if the site is actually running on the hosting server instead of locally?
Pointing custom domain
How much can a hosted website handle at same time
Website ping
Ssl certificate
How to connect my android app and my website?
Ssl
The PWS website won't let me download the chrome app
CNAME for SEO
Error connecting Server - Twitch commands
SSL certificate problem: unable to get local issuer certificate
Disable Bot protection
How to make a blank website
Error 403 Forbidden
Rest api issue
3 Buttons instead of my web page
ESP32 GET problem with Javascript
Infinityfree and IoT
Title discription or any meta info not showing up
Cannot do requests with python
Edit page with Nicepage plug-in on Wordpress stuck on loading
Title and meta description tags
Site inaccessible to certain other websites
Is there a way I can archive my website?
I was using wordfence plugins but i was scanning was not starting?
Images are missing when i Export template in Elementor
My PHP file to get Webhook seems not working on InfinityFree
PHP code questions and which plan to choose
How can I disallow Python-requests and return the 418 code
Accessing my wordpress website from android app
HA tunnel VPN
The preview of my website does not appear on social networks
Events Block for Events Calendar on InfinityFree
403 forbidden error when trying to hit the rest api endpoint of a plugin installed on my site
How can I have a different htaccess for every page that I have?
418 Error
Why are my images not loading on eBay
I can't connect my woocommerce store with printify
Can't reach my domain
WP GraphQL doesnt work
Receiving Message from external via POST Request not working
JSON server usage
Why does my infinityfree website's url doesn't show preview when shared on social media?
Empty page when embedded
Encountered noscript issues
Domain forwarding fails with message 'Cookies are not enabled'
SSL Fullchain
Is it possible to use the POST-method from another webserver?
Can i use infinityfree for my game database?
Bad http response 418 "teapot..."
Why does my infinityfree website's url doesn't show preview when shared on social media?
About the premium which support JavaScript execution and cookie acceptance , can use with postman
Can I use websocket in my website using node.js
What is aes.js and why is it on my web server
I have a free ssl certificate installed but ssl 3.0 still shows unsecure
A simple html file is not sent as it is; getting unexpected javascript
Wanting to make a public API using PHP GET method but it says CORB issue
Bot Protection causing issue in migration
Discord Embed
Nameserver issue
Error "Something went wrong" only for mobile version
CORS error accessing stripe embedded form?
Use CDN
Unable to communicate back with site to check for fatal errors, so the PHP change was reverted. You
Trying to call a PHP file hosted on my InfinityFree site
Discord cant verify my domain for profile linking
Unexpected response code 403 executing POST
I can't set up a link preview of my page on social media
Unexpected response code 403 executing POST
Loop and api error
Featured image not showing in social media
Robots.txt file not accessible - timeout
Cors error
403 Forbidden Error on my file
Questions re: free hosting plan - before making the switch
403 Forbidden Error on my file
Jetpack error
InfinityFree does not support .json files
405 Method Not Allowed
Wordpress cookies problem!
Error while trying to setup woopayments
Hosting Laravel API on InfinityFree - Assistance Needed
[Feature request] Support for Python3
Error while trying to setup woopayments
Why does my website show HTTP errors with the code 403 after migrating to infinityfree?
Working on an Application with an API
Domain name is invalid
TSL Verification
Using Postman
Sydney Theme pack importation error on Wordpress
Paid hosting and SEO benefits
When an adapter displays your site on any other site
Connecting Domain to Discord Account
Error when restore files Wordpress with Wpvivid on server infinityfree
Https
Editing .htaccess
I want to prevent access to files from my code editor
Can't download data from website no matter what
Not sure if this is a server side issue or not
Deceptive site ahead
Content-Security-Policy` and `X-Frame-Options'
How to fix an unreadable sitemap
Problem indexation search engine
Problem with make.com and wordpress on infinity host
Privacy Policy checker seems have no access to my website
I cannot access the file on the server through my application
cURL Queries
Rest API error and some mo
GDPS Custom Server Fix
Infinityfree.com is trash with ads
Curl port 9000
Robots.txt issue
Yandex adsense Domain does not exist error
PWA: manifest error
Is it possible to skip IF's Javascript check for major search engines?
$_POST data disappeared (from another domain) => no solutions
Website on Social media
I want to upload my website on wordpress
Register data in database from an ESP32
cURL Enabling in Infinity free Panel
Android Studio 403 File not found error
Domain?
Elementor- Rest API Error
Google Sheets data transfer with google login popup
Disabling the site after confirmation of ownership
Fusio Concern
The rest API error
SSL Certificate Issue
CORS Information
Trying to connect my wordpress installation to a woocommerce sales channel
Problem with forwarding
Issue with healthcheck.sh script
Jetpack Error
Hello i have a question
WordPress Error: "Response to preflight request..."
Same sub-domain website not being indexed by Google!
SSL topic and CROS topic
Facebook Opengraph Meta
Htaccess and index
Discord Domain Connect
Robots.txt is unreachable
WooCommerce API
Json
Capacity on my account
Verification Question
Problem opening websites on iOS
Htpclient GET file download
Accessing wabpages with HTTPClient in C#
Unstable Website
LINE Messaging API Webhook TLS handshake failed
GET request to upload data in database gives me 302 error
Error 403 forbidden
Issue with URL Parameter Changes and AJAX Requests After Inactivity
Connecting with frontend
PayPal ipn
Error Metadata Crawlers
Trying to fix a SSL certificate error on my Wordpress website
I want add this ip to whitelist
Can't get photo and files from Android App
Image link preview
Why file_get_contents is not woking on same domain, but https/facebook.com is success
Wordpress cron Scheduler
Unable to read txt file loaded to the server
Question
URL fwd showing error
Blog post URL issues
How to set my domain to use with jellyfin media server
Theme editor error, unable to edit
Connecting to Unity
HTML form POST fails for very few users due to ?i=1
301 Redirect not showing as a 301 Redirect
Website seo
Allow plain POST without Javascript Enabled from insomnia
PKIX path building failed
Request for Assistance with HTTPS Request and SSL Certification Error
How to add IP whitelist to the server
My site is not working after 72 hours
Jetpack not connecting
Wordpress API not working
Can I create an API service?
A php script that accept uploaded json file allowed in free account?
CURL error 60: SSL certificate problem
CURL error 60: SSL certificate problem
How do I enable curl?
JavaScript error
Verify Ownership on Impact & Flexoffers Affiliate Networks!
How to enable "Access-Control-Allow-Origin: * header of my website?
WP Super Cache Tester Faild
I cannot receive data from API using POST
Problem
Problem Create New File
How do i make a plain text website that works with windows powershell iwr
Does InfinityFree block google bots from crawling the hosted sites?
Internal AJAX call error
Using PHP and MySQL database to perform authentication in C# desktop app
Problem
Problem
WordPress WooCommerce plugin not loading/error
Weird aes.js error but on a specific scenario
Discord Domain
Hi when i get request from python i get error
Problems with website preview in InfinityFree
how to disable this anti-bot protection
No link previews on social media using links to wordpress posts
Iframe with Infinityfree
Problem with Arduino Sending POST Data to InfinityFree PHP Server
Free SSL certificates cause the website to lose it's preview image & description!
SEO details
Infinity Hosting Can be used MIT app Inventor
Boot System Whitelist
There was a problem connecting your store to WordPress.com: "The Jetpack server was unable to commun
Request for Reverse DNS Setup for My Domain (https://dawnoclock.infy.uk/)
Is Grow.Me Script Allowed?
Bots and sitemap generators
how to set up a remote connection?
SSL or HTTPS problem
Unable to connect Zapier with Wordpress
Connecting to backend using unity
Зroblem with access to site files, SSL error.
Help
Intermediate certificate
Connecting printify to my store woocommerce
Intermediate certificate
Connecting to backend using unity
My website is not cross-domain accessible
Bad aes.js again
CORS Issue
Problem downloading/uploading files with php
How to remove ?i=1
404 error on off
Enable Javascript for API
Clients side server not responding
Stupid antibot thing doesnt let my game work
Is it possible to disable the requirement to use Java Script when using a site withąt a scripts? (fr
I need de SERVER_URL
I wish to use jetpack in my WordPress account
Why are meta tags dysfunctional in free hosting?
Error when connecting Printful plugin to Woocommerce
How to link to website in IFrames
Access DB Through Discord Bot
CORS Error
Fastcron not working
HTTP 500 Error
My site
CORS Policy
Bing - URL cannot appear on Bing (Page Fetch Failed)
Ads.txt Management
Waf
Is it possible to make GET and POST http requests to your website in here?
Posting with XMLHttpRequest works only on same page
Connecting with Unity Issue
Joomla all video share extension ads problem
Linking directly to images from another URL/forum?
Error connecting automate.io to wordpress
Why does my website look different on my domain vs free subdomain?
Error connecting automate.io to wordpress
What does cause io overuse ? (these are my plugins)
Hi Can i host a rest API using infintyfree?
Iframe not working
Error: cURL error 35: error:14094438:SSL routines:ssl3_read_bytes:tlsv1 alert internal error
Uploading a PHP file
Jetpack installation not working
Infinityfree blocking watchful.net?
Cant load file from desktop app
Critical path css generators not working
Issues with meta fields not detected by seo tool, but working on my other dev server
Certificate verify failed
Why are my files deleted after uploading them
Certificate verify failed
Exclude some sites from my account blacklist
Resource usage warning on 0 traffic site
Let's Encrypt & OpenGraph | Not Sub Domain - The certificate is not trusted in all web browsers
Having trouble installing statcounter on WordPress site
Having trouble installing statcounter on WordPress site
I try to send data in post via python on my Api
HTTP Request gives 302 Redirect
Telegram Bot wehook info erro
I Cannot Connect My Database For Login Forms
My Website Down - Ezoic Origin Error
Can i use PWA in infinityfree
Open Graph Not Showing
Is my website okay?
Ads.txt support
Unblock Port 80
The server Is probably offline | Error
Autorefresh redirect problem
I can’t get Google to crawl site
Can't install SSL Protection
Trying to make my website backwards compatible
Hosted site is not working because /aes.js is returning "This URLs or Page has been blocked."
Preflight (OPTION method) requests are redirected to the default 403 Forbidden page
Confused about running a php script without running a web page
Verify my site's domain on facebook
I can’t get Google to crawl site
Browser complains about cookie "__test"
Cross Origin Read Blocking(CORB) on images
Unable to integrate quic.cloud
Unable to activate Cache-Control
I can't connect to wordpress rest api
Sitemap help
Webpage Saving Speed and Cloudflare Question
I need help
Hi Can i host a rest API using infintyfree?
Javascript
Few question about premium features
Unable to activate Cache-Control
Whitelist
The JavaScript code is not allowed
Javascript
Is there any option to access infinityfree database in android app using API or any other way
Download via http
.gif not showing
GoGetSSL - Intermediate certificate issue
Error at Update Widget modification on Wordpress
Json_object php
Wordpress TTFB extremely long on first attempt
Embed .pdf from infinityFree domain on other webpage: not displayed
My website shows SSL errors
Mysql Databasses
Troubleshooting error returning json when acessing db table
I can not get access to the database with React
Checking up time with UpTimeRobot gives a 403 Forbidden
WordPress error when saving: "There was an error. You are probably offline."
Is it ethical as per polices of Infinityfree to convert XML(RSS feed) data provided by public News portal into JSON and then export it from?
Aes.js is bad
Bingbot reading HTTPS robots.txt incorrectly
Bingbot reading HTTPS robots.txt incorrectly
Can't resolve m3u8 playlists
403 forbidden
Themegril Demo importer not working/ loading
Indexing and Sitemap error in Google Search Console
Still no success with db and json
Tag img src
Title and meta description tags
When i press verify to check if my folder is uploaded it doesn't work
Http 1.1
Distorted Wordpress Site
Couldn't connect to my database
HTTP request content type fix
Redirecting router react on android
Facebook preview debug: return document is empty
Embed Not working
Do infinityfree needs wordpress , is it mandatory?
Using Web Share API (https?)
FreeFind cannot index Epizy site
Gif files hosted on site not embedding
Website not opening in android studio
Cannot create a product using WoocommAPI
How can I access api.example.com at www.example.com
Access site API using automation tool
CORS policy
CORS policy
Hot do i remove X Frame option
400 Bad Request Error
How to solve this
$_POST does not working
Integrate a website
Why is there a security system
Cannot use iFrame
Dns_probe_finished_nxdomain
Display website on WiX "embed a site" not working
Could you could assist me in determining why my website opens so slowly and why the Facebook sharing debugger returns an error?
Your host has enabled DDOS protection, the call cannot be excused.
Api not running perfectly
SSL shop connection fails
C# visual studio .NET application GET request not going through
Unable to play media files with media player third-party
Hit limit question
Website loading slow
Unwanted javascript message
Logging in to WordPress.com
Temp Mail Service
URL connection error
No site preview in discord
HTTP Headers
RSS Feed Error & Not Working
BandWidthModule in .htaccess
Htaccess - Need all variations to point to https:// (non www.)
Meta tag doesn't want to work
Taking data from page with onother program
Hello, it is not possible to upload a file to the site directory is it paid or free how to do it?
Browserless
Files cannot be reached from other websites
CEO Not working
Payeer api error
CDN not working
Database link failed
SpeechRecognition API
FB developer callback URL
Cannot edit my site from sitebuilder
Is InfinityFree hosting support webhook?
WordPress Rest API
Access to XMLHttpRequest has been blocked by CORS
My website couldn't be archived by archive.org
Parked Domain names displays white & Black background
Geoplugin
Cannot link to my files, nor access site through FTP client software
Verify my site's domain on facebook
Putting my site in PHP is a real problem for me
I am not able to make REST request
Some Problem With Server
Php app video not playing in video player but plays in chrome browser
Infinity free
Not connecting by Api, Any solution plz?
Problem With GET Method
Does infinityfree support renders?
Security Issues
Error I can't resolve (free account)
API not working correctly
Curl error 52: Empty reply from server
Curl error 52: Empty reply from server
Cant use keyword density tools
How do I change the DNS configuration?
Can i use my site database as internet of things iot database?
Stripe webhooks
Am I able to host my discord bot
Preview image of my site doesn't show
Image preview for social media not showing
GTmetrix error on a brandnew Joomla 4 test site
How can I clear cache data from my websites?
Please I usually get this error anytime I want to validate my sitemap andy sitemap is not working
How can I clear cache data from my websites?
All online sitemap generator generates empty sitemap file?
How to set website to accept iframe links
Can't connect to FTP and MYSQL even if website is ready
SSL on www doesn't work
How do I get PWA to work?
GET and POST requests not working?
SEO not working in WordPress
Xmlrpc.php not loading
I can’t analize the SEO of my site
Prevent Linkvertise Bypass
All web pages return http 500 not sure why
All web pages return http 500 not sure why
All web pages return http 500 not sure why
Unable to connect to SQL vi PHP
All web pages return http 500 not sure why
All web pages return http 500 not sure why
CSS background-position Property
Search engine bots cannot read my URLs
MessageBird API not working on Domain
Domain key
Disable JavaScript requirement and site redirects to Google Support
Does InfinityFree (With WordPress) prevent rel="me" from working on sites like Mastodon?
Does InfinityFree (With WordPress) prevent rel="me" from working on sites like Mastodon?
404 error?
Where exactly the root folder
The CORS Problems
Cannot use view.officeapps.live.com with infinity free
.json files
I have this error Error establishing connection to host
Facebook pixels not detected on my site
Question about premium upgrade and pings
Question about premium upgrade and pings
Inserting data into database using microcontroller (ESP32)
Am i allowed to host an API?
Unable to use wordpress plugin 'jetpack boost'
Plugin Issues with WordPress
Server Config File
Htaccess file & mozilla observatory
Domain Pointing
Folder not published to domain
Project Honey Pot Error
Bingbot can't crawl my website
Get request to page returning HTML
Curl returns 92, browser ok
I wish to use jetpack in my WordPress account
My website image url not able to show preview/thumbnail to reddit post
Discord OAuth2 Use
Cors
Website asking me to turn on Javascript and cookies
My domain work in browser but doesn't work in my front end code
Wordpress and ActivityPub not working
Api?
403 acces denied
Callback data not received
CORB error
POST, PATCH and DELETE method CORS problem
anti-bot bug in hosting
Help me with ads.txt
Communication between server and c++ winsocket
Is domain with rf.gd has any problems?
Missing SEO informations when posting url with https (title, meta description etc.)
Websockets on node js server proxied with a cname record
Website redirecting to "Turn cookies on / off"
I cant create APIs on InfinityFree (and other hostings that are powered by iFastNet)
Getting SSL Errors when trying to import products with printify
Google isn't able to crawl my app-ads.txt file
I just dont know how to use CURL (requests)
Google Search Console not detecting my sitemap https://site.rf.gd/sitemap.xml? "Couldn't fetch"
API json data not showing when we are hitting link it show a html page not show json detailes
Jwt
Actual Privacy Policy / GDPR
API requests paid plan
Cors
Can’t edit website
Belnet.epizy.com
Uploading data to sql database using nodeMCU through php file
Gateway timeout when using get request from unity
Uploading data to sql database using nodeMCU through php file
Can anyone send requests to my php endpoint
Some pages not found after hosting
Redirecting to “Turn Cookies on or off” - Google Support
Please help with file_get_contents
cURL error 60: SSL certificate problem: unable to get local issuer certificate
Fetch json api blocked by cors
Google Search Console Index and safeweb norton verifed
Site navalforces.org
Redirection not working?
Why i cannot go to xmlrpc.php file on my website
I need help
Site can access the image of it's own subdomain
Featured image
Can I connect to IFastNet database with a Python script located on browser?
Website with adsense
SSL certificate
Cant set php file as postback url
How to deploy a ts script?
Source
Source
Cannot see errors in Codeigniter project
Webhook Issue
The REST API returned an unexpected result
Access to fetch has been blocked by CORS policy
XHR progress not working
Error In Adding Sitemap
How to build a PHP API Server
The CDN was interrupted by the origin server’s firewall
Error accessing to some files
I can't see my thumbnail review on facebook whenever I share website URL on facebook
So that the description of the website and the name of the website?
So that the description of the website and the name of the website?
So that the description of the website and the name of the website?
Verification
File Manager tree directory question
How to tell if .htaccess is working
Unexpected response
Problem with site redirect
Question about cms on php
Parcelpanel addon error during its setup in Wordpress
Why can not import products from spocket
My urls dont work for some reason
Can't open the url programmatically with java?
Trouble with PHP Script Execution on InfinityFree: JavaScript Dependency Issue
I want my website to be embedded into other website
Cron Job Feature is now disabled
Yandex cannot index site dut to error 403
WordPress Theme Issue?
Panda Security blocked access to my website
Security Scan Spring4Shell
Why php curl is closed why it won't open
Nameless MC
Unity MySQL error
If the server enable CORS?
Web Request Not Working
How to fix this issue? I have ssl but the error still exist
Channel Logos won't load or EPG Data don't understand why?
Cannot get raw text from file using get requests
Domain forwarding
Add here with masking option
Thank you very much, luckily the support I was able to do it now but I still have a little problem
Files only accessible from browser
SSL Error
My site doesn't always load the .xlsx file
Javascript on my site
Api
Not able to migrate
Need help linking a domain to discord
Transfering domain
Wordpress token issue
API Hosting
How to implement X-Content-Type-Options security header?
Error connecting WooCommerce to store
Firewall
Excited Newbie Needs Help with UptimeRobot 403 Error
How to fix CORS Policy block error?
Bingbot Unable to Crawl My MediaWiki Site Due to JavaScript Redirect - Need Help Disabling It
Facebook Debugger 403 Error on My InfinityFree Website
API Endpoint with Premium?
Can't I expose a REST API?
Sitemap Could not be read
How can i fix error 403 for my js file?
How to Schedule Scripts
Bing webmaster can not fetch my website
Thumbnail regeneration is stuck
Cant not view my page from WebView
Server error
How to verify using discord https
Subdomain webview android app not working
SSL Certificate and password questions
My site problam in bing webmaster tool
Error 403 Index issues
Problem Connecting Make.com to WordPress
Problem Connecting Make.com to WordPress
Blocked by ORB
Curl result not working as expected
SSL certificate for a Punycode domain
Chrome Blocked Site, phpinfo() and .htaccess
The downside is search engine e.g. cannot be posted to Google
Why my website showing this?
Question
403 error on site
MySQL cannot do CRUD functions via REST API
PHP script that checks inbox for incoming email and creates a support ticket
Image doesn't show in WhatsApp
Mercadolibre Developers
HTML 3WC validator via Infinityfree
Unable to fetch content
Problems getting to the website
Image Uploader
Upgrade the free hosting account
Connection to php fails - takes too long to respond
How can I check my web pages for broken links?
Connecting woo and jetpack, server issues?!
My website doesnt redirect traffic to https
Strange HTML Response with AES Script When Calling My PHP API
Php Mailer Problem idk if php mailer was working here
Strange HTML Response with AES Script When Calling My PHP API
Unable to scan Flarum forum
Ads problem
cURL error 60: SSL certificate problem in WordPress
Issue with robots.txt file serving JavaScript instead of plain text
Public embeds show Cookies not enabled pop-up
Https://toolshubs.rf.gd/
Restrictions on PHP
Error 404 in CodeIgniter code
Module Blog sitemap couldnt fetch
PHP hosting issue
Restrictions on PHP
Restrictions on PHP
Can't connect to site without js
Error
Iframe, url embed, and rss not working from InfinityFree subdomain on Wix site and external widgets
File protection directives do not work htaccess
Error checking site in Website Image Analysis Tool
WooCommerce JSON Error: Syntax error
Whitelist bingbot?
How can I unlist a website?
Why is there no preview when I post my website link places?
Login error (Javascript Bypass)
Jetpack plugin connection issue – cURL error 52: Empty reply from server
Solution for PWA ( Progressive Web Apps )
My website keeps going down
Newest issue for Indexing my website in Bing
Google Search Console 403 Error When Indexing Pages
Newest issue for Indexing my website in Bing
Issue: API returns JavaScript instead of JSON for non-browser clients
Only Head Information
Unexpected HTTP response code: 401 or 403
Testcookie-nginx-module __test
500 Error on Temporary Login Link (AI Access Issue)
I need to interact with my hosting website in the software, but it seems that a security mechanism 
Manifest.json file problem
About wordpress api
Anti Bot help
Jetpack and woocommerce connecting problem
Urgent: PWA (Progressive Web App) Interference - Incorrect Content-Type for manifest.json a
Error on https://validator.w3.org/
<html> <body> <script type="text/javascript" src="/aes.js"></script> <script> funct
Mass Wordpress Blog Post
Wp error page 404 which should give server response 404 always gives 200
Wp error page 404 which should give server response 404 always gives 200
Site opens OK in browsers, selenium webdrive error
Bot Protector
How to fix this?
Am I allowed to have an img proxy?
Jetpack connection error - cURL error 56 SSL issue
“WP-Cron & Loopback Issue: 403 Forbidden – Events Not Running”
How to remove ?i=1 from the website?
SSL Certificates
PDF Content-Type Response Blocked by Server – Request for Clarification
Site not indexing on Google due to JavaScript redirect
Can I make POST requests to an endpoint on my website?
This site requires Javascript to work, please enable Javascript in your browser or use a browser wit
Manifest.json and sw.js text/html
My website provide a preview on any social media
Facebook and Social Media Crawlers Getting 403 on My Site
Issue with sitemap: Generating Urls of Padding as Page
Request to Temporarily Allow Verification Bot Access for Domain Ownership Verification
Question about settins or firewal
Site embed inquiry
Site Health
Asking for Information
CORS issue
Question about settins or firewal
Question about settins or firewal
Problems with internal PHP file calls with fetch
Sharing link on WhatsApp image thumbnail not generated. Please guide
All 66ghz.com subdomains seem to be inaccessible
How to remove sucuri fire wall
Https://chungtn.click
Https://chungtn.click
Sitemaps being overrided from application/xml to text/html
Wordpress Installation problem
Anti-bot JS Injection
Unable to track traffic source through GA
Issue
Issue
Background (Cron) Job?
My css and js files is not working
Getting 403 when app access
How can I find the system domain?
Prestashop error 500 in previous versions
API Endpoint POST Request Intercepted by Anti-Bot Page (sgvstudio.great-site.net)
Is it allow use iframe with infinityfree files?
Requests to the file on the server are blocked
?i=2 was appended to uploaded .html file
Google Merchant is having problem with my feed
Hosting 42web.io cháș·n Webhook với lỗi "This site requires JavaScript"
System wide ssl certificate not working on great-site.net
My InfinityFree website is not accessible via chatgpt.com - 502 bad gateway - blocked
How to prevent the website from being embedded in frames, iframes, and similar elements?
WooCommerce with Oxapay.com
API requests from ESP32 being blocked - Cloudflare/javascript requirement issue
How can I fix this? I can't site map my wordpress site
Wordfence scan not starting – need outbound IPs whitelisted
Issue with aes.js preventing Google from indexing my site correctly
Regarding the __test cookie
Getting unexpected 403s from the hosting?
Injects HTML Into API Response — Cannot Return Plain Text
Mp3 Files
Unable to access pages or create new ones
Trying to Implement GTM browser on elementor site error
Telegram Bot and support web app
Unable to crawl my website pages please help
Wordpress REST API problem
Wordpress REST API problem
Server protection
Server blocks requests to WordPress REST API
Server blocks requests to WordPress REST API
Issue on my woocommerce or printful integration on wordpress
Any protection against scraping AI bots?
Adding Security Headers
App-Ads.txt Issue for Unity Ads: unsupportedMediaType
Prévia do link do site
Error load page HTTP ERROR 500
Cookies used by InfinityFree / i FastNet
Problem with "fetch" and JavaScript-based cookie test
Extension:CentralAuth
Activation of Woopayments fail
Javascript api error
Cors error
Need to make remote datalogger on my hosting
Console in C# that edits files of my domain
I need help in adding my subdomain (landing page url) to submit on BING Webmaster along with Google
Do I Can Make API for Android Application
Unable to read sitemap
Upload data to mySql database
Link to picture on File storage
PHP Script Redirection Issue Due to InfinityFree Security System
Can't receive files with php
REST API Response: (403) Forbidden
3

You have a spelling mistake.

11 Likes
5

why?

2 Likes
6

Please read the article. It explains why:

14 Likes
7

is premium plan can solve the problem of api access

2 Likes
8

Yes

5 Likes
9

good

1 Like
10

A bit annoying, I could not use Ahrefs Webmaster Tools with my domain. And I am not sure why you as a separate company are trying to make people upgrade to premium

11

Please don’t mistake correlation for causation. The fact that this system is present on free hosting but not premium hosting does not mean that we purposely put this system on free hosting to bully you into upgrading.

The rules for free and premium hosting are generally the same, but with premium hosting, they are just implemented in a more lenient way to avoid impact on legitimate websites.

And iFastNet is a separate company, yes, but they pay for the majority of the free hosting costs. And iFastNet they have made it clear that they need a healthy upgrade percentage to be able to continue the service. So there is definitely an incentive to upgrade. InfinityFree also gets kickbacks on upgrades.

The purpose of this system is to protect our servers and your website from bad bots. Since we only provide website hosting, the impact this system has is acceptable in our opinion.

7 Likes
12

All a bot has to do to bypass all this is accept cookies and be able to run JavaScript!

13

Which takes more resources than you’d think. And APIs still won’t work.

6 Likes
14

It also has to be able to set cookies and keep track of redirects and such, which is usually way more then what basic HTTP libraries can handle.

7 Likes
15

It depends on the kind of bot. Any bot that uses a (headless) browser will have no trouble bypassing this system, but the overwhelming majority of bots are simple scrapers that just use basic HTTP calls, because it’s much simpler, more efficient and more scalable.

Most bots just scour the internet looking for easy targets. And this browser check system makes a site no longer an easy target.

The security system is definitely not unbreakable, and will do little to stop a targeted attack. But it will block the armies of spam crawler just looking for easy prey.

9 Likes
16

A post was split to a new topic: Change site name

17

I apologize, but I want to know:

This security system sends a cookie (if one has not been set yet), redirects to the page again with ?i=(X)(If cookie wasn’t set), determines the number connected to i to either execute code to validate or go to a “Cookies Disabled” page.

This security system, since it may involve visiting a page twice or more, does it count against our Hits counter?

18

I would imagine it counts as 1 hit, but I can’t be sure.

19

once and for all let me repeat :slight_smile:

aes.js is executed before anything else (it is the first thing in some hierarchy)

The challenge is run before the traffic actually hits the user’s account
and only when someone passes that part where they check if they can run JS and store cookies then,
only then does the server space (your web files) get accessed
and only then do HITs start being calculated

or in short aes is not counted as hits

8 Likes
20

I tinkered with an Android App and of course hit the Brick-Wall with the AES.
Now, I do understand security concerns and such, but if one does a tad bit of digging and can basically cancel out that feature, the Question comes up, why bother with it in the first Place? For many, this “feature” has been more an annoyance than benefit. Often Developers use services such as this Site to “play” with new ideas and explore options and possibilities. For the most part, I have completely reverted to other options. Mainly also due to the fact that help is lagging. There is an ancient Post about .htaccess being instantly deleted, solution? None. Solve? Nope.
Now, I have my work around using Android and AES, but digging was rather time consuming.

21

It’s mostly there to prevent bot attacks, web crawling nightmares, etc. Yes, it is possible to work around, but note that if you use your workaround to violate the terms of service, your website will be suspended.

7 Likes
22

Thanks for ignoring the .htaccess Question.