Ask HN: Using VPN I get captcha'd by Google search – for what reason?

3 points by perlpimp ↗ HN
I am using an established VPN provider. For some reason when I execute search using google services I get confronted with google catpcha trying to verify, something is bothering their systems.

Just wonder what might be causing this, if anyone ran into that and how I can stop this.

9 comments

[ 2.8 ms ] story [ 37.9 ms ] thread
Theories:

Too many different users from one IP

the VPN provider uses IP space from their hosting provider and normal users normally don't have IPs from a range where you'd expect servers

Someone ran bots from the same IP range (hosting provider)

In my experience a shared IP gets you this.
Especially if it's shared with Windows machines that may or may not be infected by botnets. Or is a large corporate proxy -- I got a fair few Google captchas within Yahoo! UK.
Windows Servers are rarely infected with botnets. Linux servers actually out-number Windows Servers for malware now (by a fair margin).

Windows clients are an entirely different story, but we're talking about VPS which are almost always Windows Server.

I run my own OpenVPN server on DO and experience this. There are fewer users (only me, and not that often) on that IP then my home IP.

I always assumed that it was due to the netblock the request originated from.

Experience this with Google and Cloudflare

Yup. Got a DO VPN and get this. Didn't always get it though, can't remember when it really started but I think within last year or two.
We had this issue in the office, as we are dealing with many types of malware and viruses we were sure that we have some kind of bot in the network, we traced some queries to google from one VM, than killed it and the requests started coming from other VM and so on.

Eventually we were able to pinpoint this to specific toolbar that was bombing Google with PageRank requests.

After removing this toolbar- all went back to normal, so perhaps some users that using the same VPN provider are using some sort of tool and abusing google.

Shared IP, inhuman number of queries per second. And an IP which is associated with a hosting provider (AWS, Azure, Etc) and thus unlikely to be a user endpoint. Lots of scripted searches are identified on those two data points.
My pet guess would be that the VPN provider is anonymizing cookies for you in some way to provide more secure browsing, and it's causing Google to be a bit leery that you might be trying to automate searches through them. Whether this is feasibly possible or not also depends on your VPN config, given Google's use of HTTPS everywhere.