Intermittent security captcha requests while using Confluence
Platform notice: Server and Data Center only. This article only applies to Atlassian products on the Server and Data Center platforms.
Support for Server* products ended on February 15th 2024. If you are running a Server product, you can visit the Atlassian Server end of support announcement to review your migration options.
*Except Fisheye and Crucible
Summary
Users get intermittent captcha requests during normal usage of Confluence.
Diagnosis
By default, Confluence only presents captchas on the login screen after a few failed login attempts. A captcha screen that appears during normal usage therefore comes from an external entity, not from Confluence. The styling of the page, which does not match the Atlassian one, confirms this.
To understand the source of them, proceed as follows:
- Generate a HAR file while replicating the issue, so we can check the requests (remember to check "Preserve Log" on the dev tools panel).
- Once the HAR is generated, go to the Console tab of the dev tools panel and save the logs from there as well.
Cause
Inspect the requests in the HAR and look for 403 or 401 HTTP response codes. Then review the response headers of those requests; you should be able to find the server header, as follows:
Request URL: https://confluence.company.com/pages/doeditpage.action?pageId=111222333444
Response:
403 Forbidden
server cloudflare
In this case, we can see the source of this response is Cloudflare.
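One way to run this check over every request in the HAR at once, as an added example that is not part of the original article: the script lists each 401/403 response with its server header and tallies them per server. The sample entries are constructed, and the function names are this example's own.

```python
import json
import sys
from collections import Counter

BLOCK_STATUSES = {401, 403}  # response codes the article says to look for

def blocked_responses(har):
    """Return url, status and server header for every 401/403 entry in a HAR."""
    findings = []
    for entry in har.get("log", {}).get("entries", []):
        response = entry.get("response", {})
        if response.get("status") not in BLOCK_STATUSES:
            continue
        # HAR keeps headers as a list of {"name", "value"}; header names are
        # case-insensitive, so normalise before looking up "server".
        headers = {h["name"].lower(): h["value"] for h in response.get("headers", [])}
        findings.append({
            "url": entry.get("request", {}).get("url", ""),
            "status": response["status"],
            "server": headers.get("server", "(no server header)"),
        })
    return findings

def count_by_server(findings):
    """Tally blocked responses per server header value."""
    return Counter(f["server"] for f in findings)

# Constructed sample data in HAR 1.2 layout (not a real capture).
SAMPLE_HAR = {"log": {"entries": [
    {"request": {"url": "https://confluence.company.com/dashboard.action"},
     "response": {"status": 200,
                  "headers": [{"name": "Content-Type", "value": "text/html"}]}},
    {"request": {"url": "https://confluence.company.com/pages/doeditpage.action?pageId=111222333444"},
     "response": {"status": 403,
                  "headers": [{"name": "Server", "value": "cloudflare"}]}},
    {"request": {"url": "https://confluence.company.com/rest/api/content/1"},
     "response": {"status": 401, "headers": []}},
]}}

if __name__ == "__main__":
    if len(sys.argv) > 1:
        # utf-8-sig tolerates the byte-order mark some HAR exports carry
        with open(sys.argv[1], encoding="utf-8-sig") as fh:
            har = json.load(fh)
    else:
        har = SAMPLE_HAR
    hits = blocked_responses(har)
    for hit in hits:
        print(f'{hit["status"]}  server={hit["server"]}  {hit["url"]}')
    print(dict(count_by_server(hits)))
```

Run it with the path to the exported HAR as the only argument; without one it uses the constructed sample. A HAR export can contain session cookies and authorization headers, so treat the file as sensitive when passing it on.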
Solution
Reach out to the network team with the information above. The findings show that the CDN tool is configured to trigger the captcha requests under certain circumstances. Some tweaking might be needed on the settings to avoid them showing up constantly, or there might be an extra requirement for the end users to avoid this situation (e.g. usage of a browser add-on or VPN connection).