Jackett: [yggtorrent] Exception (yggtorrent): Clearance failed after 10 attempt(s).: Clearance failed after 10 attempt(s). (Test)

Duplicate of #8635

Hi @Bastien42,

This issue looks similar to #8635.

To prevent issue tracker clutter, this issue will now be closed. If you feel this issue isn't a duplicate of #8635, then feel free to post a comment on this issue stating why it's not a duplicate. Your comment will automatically re-open this issue.

other thread was closed because fixed as we know cloudflare are being arse and changing shit around and it's again down

Same here, annoying as fuck

Same issue here

Down again... Facing the same issue.

Same here.

even here, another cloudflare problem ... it looks like they don't like Jackett ...

@bossovitch jackett is a bot, spamming the website ... So, yes cloudflare doesn't like it 😂

This time the challenge is more complicated. Basically I have to build my own web browser to solve it.
I don't have time and I probably won't have it in the future. Start thinking about an alternative page.

@ngosang not possible to use any headless browser ? like phantomjs ?

Maybe I can help, but I'm not a C# developper ... more js / node.js developper

I don't have time and I probably won't have it in the future. Start thinking about an alternative page.

well any idea of software like Jackett that could work ? or any other idea than change website because in france that's the only viable option really

ps : i'm aware and not pushing you for it but know that more and more torrent site use Cloudflare like 1337x and more

I don't have time and I probably won't have it in the future. Start thinking about an alternative page.

well any idea of software like Jackett that could work ? or any other idea than change website because in france that's the only viable option really

ps : i'm aware and not pushing you for it but know that more and more torrent site use Cloudflare like 1337x and more

I agree, it's the only one 👍

Just to say there is also sharewood in french (not as complete) but yeah it's bad luck that ygg is using cloudflare. Hope someone can help.

We are doomed. When u see u need some server to sort the issue can u explain a little maybe someone else can create it ?

There is a thread « jackett » on yggtorrent forums
Some of us are trying to convince the staff to offer an API access, even if we have to pay for it because of the loss of Revenue due to the automation instead of manually visiting the site
We need as many people as possible to make our case, so please go on this thread and comment

There is a thread « jackett » on yggtorrent forums
Some of us are trying to convince the staff to offer an API access, even if we have to pay for it because of the loss of Revenue due to the automation instead of manually visiting the site
We need as many people as possible to make our case, so please go on this thread and comment

The link if anybody speak french or not after all just push the site owner to implement a better and lazier way of endeling anti DDOS protection let's hope maybe one of the Jackett dev which are volunteer btw so be considerate :)

https://www2.yggtorrent.se/forum/index.php?threads/cloudflare-sur-les-flux-rss.35375/

There is a thread « jackett » on yggtorrent forums
Some of us are trying to convince the staff to offer an API access, even if we have to pay for it because of the loss of Revenue due to the automation instead of manually visiting the site
We need as many people as possible to make our case, so please go on this thread and comment

That's what I just did. There is quite a bit of pushback from people who think CF is the only solution to protect YGG from attacks and ensure its survival. Yet, other large private sites work perfectly well with Jackett without going to the same extreme as YGG. We are a very small minority who are running highly efficient tools like Jackett, so we probably don't count for too much for sites like YGG with millions of members. Not to mention that the RSS feed circumvents all the ads that generate their revenue. I started looking for alternatives for French media, but it won't be easy. If anybody knows one close to YGG's level, please let me know.

We need as many people as possible to make our case, so please go on this thread and comment

The link if anybody speak french or not after all just push the site owner to implement a better and lazier way of endeling anti DDOS protection let's hope maybe one of the Jackett dev which are volunteer btw so be considerate :)

https://www2.yggtorrent.se/forum/index.php?threads/cloudflare-sur-les-flux-rss.35375/

That's a different one. I posted on https://www2.yggtorrent.se/forum/index.php?threads/jackett.33557/

There is a thread « jackett » on yggtorrent forums
Some of us are trying to convince the staff to offer an API access, even if we have to pay for it because of the loss of Revenue due to the automation instead of manually visiting the site
We need as many people as possible to make our case, so please go on this thread and comment

That's what I just did. There is quite a bit of pushback from people who think CF is the only solution to protect YGG from attacks and ensure its survival. Yet, other large private sites work perfectly well with Jackett without going to the same extreme as YGG. We are a very small minority who are running highly efficient tools like Jackett, so we probably don't count for too much for sites like YGG with millions of members. Not to mention that the RSS feed circumvents all the ads that generate their revenue. I started looking for alternatives for French media, but it won't be easy. If anybody knows one close to YGG's level, please let me know.

BTW RSS feed now suffer the same issue as the main scrapper they are protected by CF so now the site is totally unusable with jackett and any automation tools ;) feels bad because i don't think they do that out of spite but really out of laziness their argument being until we get attacked we will use CF great Sharewood is another french tracker and site semi private too ratio based but the content is just not here when it comes to fully private french tracker i just don't wanna get into that they are almost inaccessible and don't have that much content.

Sharewood is another french tracker and site semi private too ratio based but the content is just not here when it comes to fully private french tracker i just don't wanna get into that they are almost inaccessible and don't have that much content.

Yes, I registered today on Sharewood. It has nowhere near YGG's content, but at least it's playing well with Jackett. We'll just have to see where it goes.

As for the tone of the discussion on YGG's forum, I did not like it one bit. I thought 1.65 Tb of upload would give me the right to give my opinion. I was basically looked down as a lazy complainer who was more part of the problem than the solution. I did not feel any desire whatsoever to make a compromise in the direction of an API or anything else for that matter.

As for the tone of the discussion on YGG's forum, I did not like it one bit. I thought 1.65 Tb of upload would give me the right to give my opinion.

yes and no ... 1.65TB is not lot of data ... and I think lot of users upload really more ...
( just because I think you are french, 1o = 1B = 8b so 1To = 1TB = 8Tb, so 1.65Tb = 200Go )

It's not part of the problem, but I read an article about YGG, and figure out it's just a big cash machine ....

For this bug, the big problem, is cloudflare, and seems to impact lot of websites :/ ...

i tried too on the forum, but there is nothing to do, i ended up deleting my message coz there were no debate possible. We have to find another solution.

1.65TB is not lot of data ... and I think lot of users upload really more ...
( just because I think you are french, 1o = 1B = 8b so 1To = 1TB = 8Tb, so 1.65Tb = 200Go )

Trust me, it's not just 200 Gb. On their site, YGG write "1,65 To". I did not pay attention and just translated it to 1.65 Tb. On YGG, a typical movie size will be listed as 4 Go. On TorrentLeech, the same torrent will be listed as 4 GiB. So I guess YGG's 1.65 To is equivalent to 1.65 TB on TorrentLeech.

Trust me, it's not just 200 Gb. On their site, YGG write "1,65 To". I did not pay attention and just translated it to 1.65 Tb. On YGG, a typical movie size will be listed as 4 Go. On TorrentLeech, the same torrent will be listed as 4 GiB. So I guess YGG's 1.65 To is equivalent to 1.65 TB on TorrentLeech.

I Trust you :) .
Yes, 1.65To = 1.65TB, but not equal to 1.65Tb (not the case of the b . B => Bytes, b => bits) (TiB/TB is something different, but they are nearly equivalent ) .
And 1,65TB is not lot of data ... I remember an uploader uploading more than 1PB years ago .... imagine now, what a user uploading lot of data ... I think they have more than 500To in upload ...

Sharewood is another french tracker and site semi private too ratio based but the content is just not here when it comes to fully private french tracker i just don't wanna get into that they are almost inaccessible and don't have that much content.

Yes, I registered today on Sharewood. It has nowhere near YGG's content, but at least it's playing well with Jackett. We'll just have to see where it goes.

As for the tone of the discussion on YGG's forum, I did not like it one bit. I thought 1.65 Tb of upload would give me the right to give my opinion. I was basically looked down as a lazy complainer who was more part of the problem than the solution. I did not feel any desire whatsoever to make a compromise in the direction of an API or anything else for that matter.

I'm loosing time arguing too, they really don't give a f*ck about us. Some of the members even trying to be smart, exposing there "knowledge" and telling us "you just have to create you own torrent site" or "create a python script to avoid CF :facepalm: "
It's really a shame, with the actual CloudFlare captcha, we might be forced to go somewhere else.

They have no interest to unlock this situation, when you use jackett, you don't watch their ads...

They may be interested if the API access was conditionned to a payment, like an NZB indexer. But even then, it would be a drop in the ocean of money they are making so they won't probably bother

This time the challenge is more complicated. Basically I have to build my own web browser to solve it.
I don't have time and I probably won't have it in the future. Start thinking about an alternative page.

Hello, can you expose us a little what your thinking about "build my own web browser to solve it" ?
Do you refer to this?
https://gist.github.com/Mouton99/4aa70341b42d02800239efafbf9acd79

Using selenium is a really heavy solution ... Which user will install a
complete selenium + chrome automanaged ? I think, the solutions can be :

• an headless browser packaged (phantomjs)
• a webextension, talking with jackett server, and retrieving the webpage
  with the connected user
• other
  But for me selenium is really complicated to install for a "lambda user"
  ... ( For me, I can deploy a docker stack easily, containing all of this
  ... But that's my job ... )

>

If this cloudflare issue is specific to Ygg and the only solution is to heavy, may be jackett should just drop the support for Ygg. They just deleted the thread on their forum without any warning. They clearly don't want to talk about that or do anything about it. People that use jackett or Rss feeds are really not important to them.
You should all look for other French alternatives, like Sharewood, even if the content is far from the one on ygg.

It's specific to any website using cloudflare. Like torrentz2 for example

@ngosang
Would integrating an anti-captcha service, like bazarr did, be a viable solution, or it's not related to the issue?

Bazarr use service from Anti-captcha
I don't know if it's possible with Jackett?
https://anti-captcha.com/apidoc/hcaptcha

I don't like that they just shut us up by closing both threads... We should just all switch to sharewood or whatever.

Ok, could try OnlyScene too.

Let me explain the current situation. Several torrents sites have Cloudflare as a protection against bots (like Jackett). Not just YGG, Torrentz, Limetorrents, BTDB... Cloudflare offers 2 kinds of protections:

• Javascript challenge => This is used by most sites (the webs I mentioned before), the user has to wait few seconds until the browser does some calculations with JS. Until now we were able to solve this programatically (downloading the html, parsing the js code, solving the challenge, sending the answer...) This is not working anymore because in the latest change they are not using only Javascript Code, they are making several HTTP request, saving cookies, etc.
• Captcha challenge => We weren't able to solve this. In this case we request the user to copy the cookie from the web browser. In this case, a external captcha solver service could be used but we have to make several changes in Jackett to make it configurable and you have to pay one of those services for each captcha.

I'm going to focus in the JS challenge from here. Possible solutions:

1. Be nice and request the web owner an API or RSS feed without Cloudflare. This is not going to work in public sites because they earn money with advertising, not with bots. So they are trying to ban us, not to help us.
2. Drop support for sites with Cloudflare. We are already supporting around 500 sites and only around 20 have Cloudflare. Fuck them. I'm sure you can find alternatives, public or private.
3. It's possible to improve the current code to solve the new challenge but I'm not motivated because they can change it at any time and add much more complicated things like CSS transformations, WebGL, WebAsembly... As I said in other issues before, they have much more time and resources than I have. This is a cat and mouse game that we can't win.
4. Use a full web browser to solve the challenge. IMHO this is the way.

Ok, lets suppose that I don't have 2 jobs and children and I want to implement 4) Alternatives:

• PhantomJS. Size 65 MB It's a shame that it's deprecated since 2016. I did a small test anyway and It's not able to solve the challenge because the JS interpreter is old.
• Selenium+Firefox: Size 200MB Firefox + 7MB WebDriver + Selenium = 220MB It will work.
• Selenium+Chrome: Same size as Firefox aprox. It will work.

Well, Firefox or Chrome then...

• Current Jackett size is around 100MB uncompressed. The size will increase to +300MB. I can live with this, but the problem is that Jackett publish releases everyday and the updater does not support incremental/partial updates. We will have to download ~150MB each day to keep Jacket up to date. It's possible to improve the updater but that is more work.
• We are supporting a lot of OS. Windows, Mac, Linux64, LinuxArm64, LinuxArm32. Builds with Docker, embedded systems... Chrome and Firefox are available only for Windows, Mac, Linux64. Yep, we can build the browser and the WebDriver for ARM from the source code. Although I have doubts about the WebDriver.
• Web browsers use A LOT of memory. Most users have Jackett running in a NAS or in a RaspberryPi with 1GB of memory. Starting a web browser, even if it's for a few seconds can crash the whole system.
• It takes time to start the web browser, open the site, wait until the challenge is solved... This is not big but some Jackett's responses will be slow.
• We have to make several changes in Jackett.
  
  
  
  • Changes to download the browser and the driver, uncompress, place them somewhere, set file permissions. Or bundle with Jackett (changes in the Azure pipeline..)
  
  
  • Changes in HTTPWebClient handler/interceptor to detect Cloudflare pages, launch the new resolver, wait until it finish (or timeout), grab the cookies and redo the original request with the cookie. This is more work than you think because Selenium, the web browser or the website can fail in 1000 different ways and Jackett has to keep working. Also remember that Jackett is multithread, haw are we going to resolve 2 challenges at the same time? Several instances of the browser? Thread lock?
  
  

Let's go back to reality. I don't have time for all of this. Maybe someone else can do it but currently there are no more c# developers in Jackett. Maybe we can open a bug bounty, reward or something but I'm not optimistic. @garfield69 ping

Wow! Thank you Diego for the very detailed post and your dedication to this project. The bottom line is that we are hitting a wall with the sites using CF to block bots like Jackett. Our only hope is that, despite what they say, they aclually want the traffic we generate. I was wondering if what they are doing is also affecting seedboxes who must somehow rely on RSS feeds to download and then seed huge volumes of data. If that's the case, won't they also complain?

As for the tone of the discussion on YGG's forum, I did not like it one bit. I thought 1.65 Tb of upload would give me the right to give my opinion.

Me and my 320 TB of upload also couldn't give our opinion....
Let's face reality guys, we need to switch because YGG admins won't change anything. As @ngosang said

they earn money with advertising, not with bots.

They even closed the Clouflare RSS thread on the forum.

As previously exposed we could in theory bypass the cloudflare protection but the time which is required to do so is simply not worthy. And eventhough it could be working, for how long ? Cloudflare is doing some really good job and are hard working to always fix the latest bypass.

Thanks Diego for your time on that issue, I really appreciate !

PS: Guys I'm open to any tracker suggestion. I Saw some are talking about Sharewood and Onlyscene, if you have some other let me know !

Me and my 320 TB of upload also couldn't give our opinion....
PS: Guys I'm open to any tracker suggestion. I Saw some are talking about Sharewood and Onlyscene, if you have some other let me know !

That says it all...

OnlyScene seems to be private but they are open for registrations at the moment. I'm still waiting for my confirmation email however...

Hi o/
I got wind that the Cloudflare protection on the RSS will soon be removed, when the DDoS starts to calm down, because at certain times the site became impossible to open. On the other hand, there's no news about an API, and I'd be surprised if that ever happens, unfortunately.

Unfortunately, we'll have to wait and see how the situation evolves. If all goes well, RSS could potentially come back.

Me and my 320 TB of upload also couldn't give our opinion....
PS: Guys I'm open to any tracker suggestion. I Saw some are talking about Sharewood and Onlyscene, if you have some other let me know !

That says it all...

OnlyScene seems to be private but they are open for registrations at the moment. I'm still waiting for my confirmation email however...

For OnlyScene check your spam mine was in there

Hi o/
I got wind that the Cloudflare protection on the RSS will soon be removed, when the DDoS starts to calm down, because at certain times the site became impossible to open. On the other hand, there's no news about an API, and I'd be surprised if that ever happens, unfortunately.

Unfortunately, we'll have to wait and see how the situation evolves. If all goes well, RSS could potentially come back.

At least the RSS for sonarr that's more than the most important

For OnlyScene check your spam mine was in there

You're right! I found it in spam.

I got wind that the Cloudflare protection on the RSS will soon be removed, when the DDoS starts to calm down.

Ah, so maybe we and other large users matter more than this guy on their forum was ready to admit. In the meantime, I will keep looking for alternatives, just in case.

Hi o/
I got wind that the Cloudflare protection on the RSS will soon be removed, when the DDoS starts to calm down, because at certain times the site became impossible to open. On the other hand, there's no news about an API, and I'd be surprised if that ever happens, unfortunately.

Unfortunately, we'll have to wait and see how the situation evolves. If all goes well, RSS could potentially come back.

Yeah great but i would like to know where you get your wind from ^^

Yeah great but i would like to know where you get your wind from ^^

Nooody is a moderator on YGG's forum.

Me and my 320 TB of upload also couldn't give our opinion....
PS: Guys I'm open to any tracker suggestion. I Saw some are talking about Sharewood and Onlyscene, if you have some other let me know !

That says it all...

OnlyScene seems to be private but they are open for registrations at the moment. I'm still waiting for my confirmation email however...

What's the URL for OnlyScene? is it https://www.onlyscene.org/login ?

Me and my 320 TB of upload also couldn't give our opinion....
PS: Guys I'm open to any tracker suggestion. I Saw some are talking about Sharewood and Onlyscene, if you have some other let me know !

That says it all...
OnlyScene seems to be private but they are open for registrations at the moment. I'm still waiting for my confirmation email however...

What's the URL for OnlyScene? is it https://www.onlyscene.org/login ?

Yes

Well, I knew I had to do this but now it's certain :

• for most torrents sites, i'll still use jackett
• for yggtorrent, i'll make my own scraper that will rely on an external solution to bypass cloudscraper and a specific parser for ygg

For the external solution, I'm going to create a docker with a headless browser and a webservice that allows you to interact with it. For example, if you want to request a webpage :

• endpoint : POST /api/browser/request
• body :

{
   "app_id": "my_own_ygg_scrapper",
   "request": {
      "method": "GET",
      "url": "https://fuckthiscloudflareshit.com/exclus",
      "options" : {
           "timeout": 10
       }
   }
}

The magic thing will be that you won't have to pass cookies or smash your head because of javascript challenges because it would be as regular as a conventional browser. The cons are probably the ressources management (ram, CPU, etc).

Thank you everyone and @ngosang for all these hours you poured into this project !

Same here working on a aws lambda system to bypasse this cloudflare shit....

@pun-private what will you use to bypass hcaptcha?

for recaptcha i usually use puppeteer-extra-plugin-stealth and puppeteer-extra-plugin-recaptcha but it doesn't seems to support hcaptcha (cloudflare captcha) : https://github.com/berstend/puppeteer-extra/issues/208

@ngosang Best to close this issue and classify it as won't fix? I added a PR that removes the yggtorrent files as it is no longer supported by Jackett: https://github.com/Jackett/Jackett/pull/8871.

If Jackett has new contributors that add support for Cloudflare protections bypass, they are welcome to do so.

@pun-private what will you use to bypass hcaptcha?

I won't ! Never seen recpatcha or hcaptcha on the cloudflare used in front of ygg.

@pun-private what will you use to bypass hcaptcha?

I won't ! Never seen recpatcha or hcaptcha on the cloudflare used in front of ygg.

I'm seeing it all the times since a few days (I am now an expert in spotting umbrellas)... I'm not even using a VPN, but may be my jackett constantly trying to reach ygg led CloudFlare to blacklist my IP 😄

@pun-private what will you use to bypass hcaptcha?

I won't ! Never seen recpatcha or hcaptcha on the cloudflare used in front of ygg.

I'm seeing it all the times since a few days (I am now an expert in spotting umbrellas)... I'm not even using a VPN, but may be my jackett constantly trying to reach ygg led CloudFlare to blacklist my IP 😄

you see a capcha ? or just the loader from cloudflare ?
For me, I've only loader, lot of times (and I use jackett on the same ip)

@pun-private what will you use to bypass hcaptcha?

I won't ! Never seen recpatcha or hcaptcha on the cloudflare used in front of ygg.

I'm seeing it all the times since a few days (I am now an expert in spotting umbrellas)... I'm not even using a VPN, but may be my jackett constantly trying to reach ygg led CloudFlare to blacklist my IP 😄

you see a capcha ? or just the loader from cloudflare ?
For me, I've only loader, lot of times (and I use jackett on the same ip)

Yep everytime, I'm seeing the hcaptcha, most of the time with umbrellas to spot

at home i only have a loader. On kimsufi i have umbrellaa/bus etc... on aws same umbrella/bus etc...

Yep everytime, I'm seeing the hcaptcha, most of the time with umbrellas to spot

I saw it for the first time yesterday, with the umbrellas. But not this morning.

Well, I knew I had to do this but now it's certain :

* for most torrents sites, i'll still use jackett

* for yggtorrent, i'll make my own scraper that will rely on an external solution to bypass cloudscraper and a specific parser for ygg

For the external solution, I'm going to create a docker with a headless browser and a webservice that allows you to interact with it. For example, if you want to request a webpage :

* endpoint : POST `/api/browser/request`

* body :

{
   "app_id": "my_own_ygg_scrapper",
   "request": {
      "method": "GET",
      "url": "https://fuckthiscloudflareshit.com/exclus",
      "options" : {
           "timeout": 10
       }
   }
}

The magic thing will be that you won't have to pass cookies or smash your head because of javascript challenges because it would be as regular as a conventional browser. The cons are probably the ressources management (ram, CPU, etc).

Thank you everyone and @ngosang for all these hours you poured into this project !

Did you work on your docker container already? Not sure to understand exactly how it's going to interact with Jackett ^^

For the external solution, I'm going to create a docker with a headless browser and a webservice that allows you to interact with it. For example, if you want to request a webpage

@pun-private I was thinking of something like that, but instead of developing an API and make your own scraper (which will be website dependent), why not make the docker image work just like a proxy?

The idea being that the image run a minimal webserver, and upon receiving requests:

• matches the request to a distant website (based on hostname used seems the simplest to me, but could be port-based too)
• execute the request on the distant website via Selenium and maintain the state between requests
• return the response as grabbed by Selenium, just replacing via regexp all occurrences of the original hostname by the one configured

So for example, user would:

• deploy this Selenium+Proxy Docker instance, configuring it to map http://ygg.proxy to https://yggtorrent.se and http://www.ygg.proxy to https://www2.yggtorrent.se
• configure Docker so that ygg.proxy and www.ygg.proxy resolve to the Selenium+Proxy instance (could be done via Docker legacy links feature or network aliases / user-defined network...
• replace "https://yggtorrent.se/" by "http://ygg.proxy" as "Site link" in YggTorrent indexer configuration, and "www2.yggtorrent.se" by "http://www.ygg.proxy" as "Search and download URL" (that would require changes in Jackett indexer, see below)

That way the image would be fully generic. Scraper implementation could then stay in Jackett (whose job it is) and if/when Cloudflare protection is implemented on websites, users could just change the URL settings of the indexer to point to the Docker instance running the proxy.
This would be IMO the best implementation possible (very modular), and it could very well have applications useful to people in unrelated usecases.

Given than the NAS/seedbox has enough memory, setting up and configuring this Docker instance would be trivial, and users could run it on another machine if hardware requirements are too high.

@ngosang Thanks a lot for your detailed input!
If such solution could be implemented, would you be OK with leaving and maintaining such indexers in Jackett, with proper warning/inline help/label for users that such indexers require proxying to be configured?
On your end, the only required action for it to work (in the case of YggTorrent anyway) would be changing the "Search and download URL" parameter to include protocol scheme instead of it being hardwired in the indexer paths configuration, so that the proxy instance would not need be forced to support incoming HTTPS connections (and the related certificate validation possible issues).
On the long term, that would however require you (or any CloudFlare-protected indexer maintainer) to be able to run this configuration in order to maintain such indexers.

Sadly I've no time in the foreseable future to implement that, but it should we relatively straight-forward to develop based on existing Selenium images. The webserver part could be as simple as using a Python script leveraging the BaseHTTPServer package, analysing requests received, converting them to Selenium web worker calls and sending the response to clients.

@lapause Why did you need a proxy to control selenium ?

Selenium, work already with a hub, and instances . The instances can be deployed on other machines, and the first one use the webdriver to control the selenium browsers .

So, jackett just need to use the webdriver, and control selenium . But, if I correctly understand the message from ngosang, webdriver is not portable like jackett .... so, adding it will limit the possibility .

The next things, is that selenium (and instance), are really ressources consuming, and will not run easily on some low machines, like raspberry pi ...

The next things, is that selenium (and instance), are really ressources consuming, and will not run easily on some low machines, like raspberry pi ...

Yes indeed. Please don't forget those of us who are running jackett perfectly well along with sonarr, radarr, traktarr, kodi and other 24/7 apps (like ncdc in my case) on a RPi with 1 GB of RAM, including 256 MB allocated to video memory. I understand that sometimes the world has to move on in the face of adversity, Unfortunately, I'm no programmer and I can't really help with the solution, but to me, this is the difference between jackett and no jackett.

We all seem to agree that using a headless browser is the only way to easily handle Cloudflare-protected websites (at the cost of high memory usage, not available to all users).

I totally support @ngosang when he says that bundling Selenium in Jackett project is a bad idea.

@thib3113 IMO, the ideal way of supporting those usecases would indeed be for Jackett to support direct integration with Selenium instance. It could be a generic option available for all indexers : "Use Selenium instance to perform requests", with a hostname and a port.

However, that would probably have a significant development impact on their end. My proposal to bundle a proxy with Selenium in a 3rd party Docker instance was aiming to avoid that.

Yes indeed. Please don't forget those of us who are running jackett perfectly well along with sonarr, radarr, traktarr, kodi and other 24/7 apps (like ncdc in my case) on a RPi with 1 GB of RAM

@aarsenca I get it, but as stated by others if YggTorrent admins (or those of the other websites using CloudFlare) are not ready to take Jackett usage into account, that leaves us no other viable option. Bundling Selenium and a proxy into one Docker instance would at least allow a solution for owners of NAS with more hardware resources, or give people the ability to run the Selenium instance on a dedicated Raspberry if it's important for them.

YggTorrent is currently THE french torrent resource, as was T411 before. Sharewood, OnlyScene, etc... just can't compare. That's why I'm all for proposing solutions, even if they are not ideal.

@aarsenca I get it, but as stated by others if YggTorrent admins (or those of the other websites using CloudFlare) are not ready to take Jackett usage into account, that leaves us no other viable option.

As stated by Nooody, who is a moderator on YGG's forum, "the Cloudflare protection on the RSS will soon be removed". I understand that jackett as it exists today would be dependent on what the YGG admin decide, but maybe we could try to get some assurances from them that this would be permanent. It would certainly make everybody's life a lot easier.

@aarsenca what is NCDC ? ( just for informations ) .

In my case, I run jackett on a rack server, and I have no problem with ressources ...

I'm just thinking about users that run on a rpi ...

It could be a generic option available for all indexers : "Use Selenium instance to perform requests", with a hostname and a port.
not really, because each indexers need to do differents things with selenium . So, each trackers will need to add an option to use selenium ...

About the proxy, yes you can add a container, that will take in charge cloudflare, and return the website .... Maybe :/ ...

We all seem to agree that using a headless browser is the only way to easily handle Cloudflare-protected websites

I tried to do a quick and dirty poc of using selenium with a headless firefox and it didn't work. Apparently, there are techniques to detect headless browsers. Even when using headless browsers, I'm afraid we will still be playing Tom & Jerry with cloudflare.

😞 @pun-private Thank you for your PoC !

But maybe I did something wrong ! I'll try to work on it this weekend =)

@aarsenca what is NCDC ? ( just for informations ) .

It is a Direct Connect client for audiobooks. It stands for "n-curse direct connect". It runs very well in a terminal with an n-curse interface. The interface takes some time to get used to, but it gets very efficient once you master a few commands. Very few people use ncdc, but my RPi loves it.

I have a large collection of audiobooks and the best sources (other than usenet, I suppose) are private direct connect hubs.

Ah yes ok :) .

Actually, ncdc is a direct connect client for anything you can find on DC hubs. I use it for audiobooks, but that's just me.

A simple suggestion : we know that we all fetch the same RSS feeds except for passkey inside urls.
If 1 or 2 people mount a server that fetch the RSS feeds and serve them publicly on another url with passkey removed, we could all use this 3rd-party url to get RSS feeds. We would just have to reinject our own passkey in.
I don't know how to implement this idea, just wanted to share it.

Do you use this ? https://gist.github.com/Mouton99/4aa70341b42d02800239efafbf9acd79

A simple suggestion : we know that we all fetch the same RSS feeds except for passkey inside urls.
If 1 or 2 people mount a server that fetch the RSS feeds and serve them publicly on another url with passkey removed, we could all use this 3rd-party url to get RSS feeds. We would just have to reinject our own passkey in.
I don't know how to implement this idea, just wanted to share it.

we fetch the rss feed ? as I know, the rss feeds from YGG are really generic, and not interessting (or I miss something), and I didn't think jackett use the rss feed ... but just navigate, and do a research .

@aarsenca @thib3113 I was indeed surprised by the mention of the RSS feed, if you look at the indexer definition it is parsing the HTML pages.

Jackett purpose is precisely to provide workable/searchable RSS feed from websites that do not implement it in the first place.

I checked my RSS feed on YGG and it seems to contain enough for sonarr and radarr to match with monitored media. I see info like title, link, category, pub date, passkey and so on. Is this useful?

I checked my RSS feed on YGG and it seems to contain enough for sonarr and radarr to match with monitored media. I see info like title, link, category, pub date, passkey and so on. Is this useful?

can you search on the rss ?

The only RSS I know on YGG, are the RSS that show the last 100 of categories ... So, totally useless, and usefull only if you want to index all torrents ... (and you need to start lot of times before)

can you search on the rss ?

No idea. I wasn't thinking about that as I use sonarr and radarr mostly as monitoring tools, but you're right about the need to search. Who said this was easy?

can you search on the rss ?

No you can't, you're right, the only RSS availables are for latest torrents of each categories (or of all categories). Not really usefull, except for getting recently posted monitored content or last episodes as soon as they are available.
Those RSS feeds work well with Sonarr/Radarr "Torrent RSS Feed" indexer, but that's it. No search.

can you search on the rss ?

No you can't, you're right, the only RSS availables are for latest torrents of each categories (or of all categories). Not really usefull, except for getting recently posted monitored content or last episodes as soon as they are available.
Those RSS feeds work well with Sonarr/Radarr "Torrent RSS Feed" indexer, but that's it. No search.

so, how does it works ? it only check the rss each X hours, and check if something match ? and what about older episodes of a tv show for example ?

so, how does it works ? it only check the rss each X hours, and check if something match ? and what about older episodes of a tv show for example ?

It only checks the entries in the latest RSS file, so usually a maximum of 100 entries but it can be a lot less depending on the tracker. Older episodes are unlikely to be present, but it can happen (repost, new format, and so on). Usually, you need to search for older episodes and not depend on the RSS feed. But this process is excellent for new titles monitored by sonarr or radarr as it is completely automated.

Sounds good, but I've this error when i try to add torrent RSS feed of ygg in sonarr... :
Indexer feed is not supported: Could not parse feed from https://www2.yggtorrent.se/rss?action=generate&type=subcat&id=2184&passkey=××××××××××
From my seedbox,perhaps IP blacklisted by CloudFlare...

I did few tests with puppeter, puppeter-extra and puppeter-extra-plugin-stealth and l'm still detected as a headless browser 😭

This code work for me... But i have to use page.waitFor, so this is random. I'm re writing everything in go and this is way better.

```'use strict'

const puppeteer = require('puppeteer');
const URL = require('url').URL;
const fs = require('fs');

// const ENDPOINT = 'https://www2.yggtorrent.se';
const ENDPOINT = 'https://www2.yggtorrent.se/rss?action=generate&type=cat&id=2145&passkey=${passkey}';
const UA = 'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_3) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/71.0.3578.98 Safari/537.36'
const WAIT_FOR = 40000

const main = async () => {
let headless = true;

const responses = [];

const browser = await puppeteer.launch({ headless });
const page = await browser.newPage();

page.on('response', async resp => {
try {
const request = await resp.request();
const url = new URL(request.url());
const split = url.pathname.split('/');
let filename = split[split.length - 1];

  console.log(filename)
  if (filename != 'rss') return null

  responses.push(resp);
} catch (e) {
  console.log(url)
}

});

// await page.setUserAgent(userAgent.toString())
await page.setUserAgent(UA);
await page.setJavaScriptEnabled(true);

console.log(GOTO ${ENDPOINT});

await page.goto(ENDPOINT);

console.log(waiting ${WAIT_FOR} ms);

await page.waitFor(WAIT_FOR)

const cookies = await page.cookies()

console.log(cookies)

responses.map(async (resp, i) => {
try {
const request = await resp.request();
const url = new URL(request.url());
const split = url.pathname.split('/');
let filename = split[split.length - 1];

  if (filename != 'rss') return null
  if (!filename.includes('.')) {
    filename += '.xml';
  }

  const buffer = await resp.buffer();

  console.log(`Saving ${filename}`)
  fs.writeFileSync(filename, buffer);
} catch (e) {
  // console.log(e)
}

});
};

main();

Sounds good, but I've this error when i try to add torrent RSS feed of ygg in sonarr... :
Indexer feed is not supported: Could not parse feed from https://www2.yggtorrent.se/rss?action=generate&type=subcat&id=2184&passkey=××××××××××
From my seedbox,perhaps IP blacklisted by CloudFlare...

Yes, that's because for now CloudFlare is also f*cking the RSS feed now 😄 But someone said that they will probably disable the strong CF protection for the RSS in the future. But for now, it doesn't work, just like Jackett.

🖖 Hey guys, I made a fetcher using pupperteer. It works like a charm for me :)

See https://github.com/Guisch/yggfetch

Having the same issue here. Hopefully someone can find an easy solution soon :)

🖖 Hey guys, I made a fetcher using pupperteer. It works like a charm for me :)

See https://github.com/Guisch/yggfetch

how do you combine the two with jackett ? is it a standalone solution and do we have to use docker ? thanks for your time anyway really nice

On YGGForum, they spoke about a 'bug" (wanted or really a bug ?) than ask more than once from captcha solver, even if you answer right the first time when using a real browser :
" Je peux confirmer que le hcaptcha de CloudFlare n'a besoin d'être validé qu'une fois, apparemment j'ai l'impression que c'est un bug de redirection quand il nous le demande plusieurs fois.
En effet dès la première validation du hcaptcha (à moins qu'on ait pas choisi les bonnes images, il faut 1 erreur max) les bons cookies sont envoyés, et pourtant il affiche à nouveau le hcaptcha.
J'adopte donc la solution suivante, qui pour le moment marche à 100% :

• je rempli hcaptcha en cochant les putains de parapluies
• s'il me redemande un hcaptcha, je change l'url du navigateur pour uniquement : yggtorrent.se (pas de www ou www2) et j'appuie sur entrée
  --> CloudFlare voit son cookie, il est content, et moi j'ai bien la page d'accueil
  --> Après où que je clique (même sur https://yggtorrent.se ou https://www.yggtorrent.se ou https://www2.yggtorrent.se) plus de hcaptcha.
  Bon il me le redemandera quelques heures après, mais une seule fois suffit, si ça peut aider ceux qui ont failli jeter leur ordi par la fenêtre après 5 tentatives infructueuses."

I translate the best out of it :
At first visit (at https://www2.yggXX.se) you solve the hcaptcha. Then, then the good cookie is receives but you see another hcaptcha (bug ?) then the solution is to change the url to https://yggXX.se (no www. neither www2. )
Cloudflare see the cookie and is happy, the website page is displayed.
After that, anypage requested (https://yggXX.se ou https://www.yggXX.se ou https://www2.yggXX.se) don't ask a captcha (for hours, not forever).

-> Maybe this trick could be used for the YGGCookie indexer to be usable again ?
(YGGCookie ask for a page, then instead of trying 10 times, change the url the second time and 'maybe' it will read the good cookie that time and function again ?

I am not sure, but if it could be tested, maybe it could help us...

Second (maybe) solution for you, genious developpers... :
On the same thread, they talk about that Firefox module 'ublock origin'
"Firefox à jour, ublock origin et PrivateVPn : jamais de captcha. Des fois, j'ai une page qui me demande de patienter 5 secondes. Et c'est tout. "
It seems that using 'ublock origin' prevent YggXX.se to ask hcaptcha solver (only waiting for 5 seconds)...
Source code : https://github.com/gorhill/uBlock

Same issues.
But chrome + adGuard = i've never done a captcha on ygg. only 5sec wait.
Good luck for your hard work.

https://github.com/Guisch/yggfetch

@Guisch This could work. I have been testing the C# port of Puppeteer but it's not working well. Could you make it more general to be used by all sites? Requirements:

1. Jackett will detect if some site is protected by Cloudflare.
2. Jackett will send you the exact request (with URL, body, headers...) I think the best way is if you implement a proxy https://github.com/http-party/node-http-proxy
3. Do the magic with Puppeteer. Open the browser, send the request (It has to be the same request we send you (HTTP method, URL, user-agent header). Then you wait until the page does not contain the Cloudflare words or 30 seconds timeout. And return us the cookies.
4. Jackett will save those cookies for the future and repeat the first request with the cookies.
5. Jackett will call your tool only when it's required.

This feature will be optional in Jackett. The user will be able to configure "your proxy" as a external tool. Some trackers like YGG won't work if this feature is not configured.
If you are willing to help we can host this project in Jackett and I can help you with Node, Docker, CI or anything else.

https://github.com/Guisch/yggfetch

@Guisch This could work. I have been testing the C# port of Puppeteer but it's not working well. Could you make it more general to be used by all sites? Requirements:

1. Jackett will detect if some site is protected by Cloudflare.
2. Jackett will send you the exact request (with URL, body, headers...) I think the best way is if you implement a proxy https://github.com/http-party/node-http-proxy
3. Do the magic with Puppeteer. Open the browser, send the request (It has to be the same request we send you (HTTP method, URL, user-agent header). Then you wait until the page does not contain the Cloudflare words or 30 seconds timeout. And return us the cookies.
4. Jackett will save those cookies for the future and repeat the first request with the cookies.
5. Jackett will call your tool only when it's required.

This feature will be optional in Jackett. The user will be able to configure "your proxy" as a external tool. Some trackers like YGG won't work if this feature is not configured.
If you are willing to help we can host this project in Jackett and I can help you with Node, Docker, CI or anything else.

When i was using the sock 5 proxy they were issue with jackett loping on something and filling the ram of the computer some request that were indefinitely running ? wouldn't it be a problem for that use ?

Hyped with the fact that we might have a solution that could be implemented :)

really thankful for your work guys.

https://github.com/Guisch/yggfetch

@Guisch This could work. I have been testing the C# port of Puppeteer but it's not working well. Could you make it more general to be used by all sites? Requirements:

1. Jackett will detect if some site is protected by Cloudflare.
2. Jackett will send you the exact request (with URL, body, headers...) I think the best way is if you implement a proxy https://github.com/http-party/node-http-proxy
3. Do the magic with Puppeteer. Open the browser, send the request (It has to be the same request we send you (HTTP method, URL, user-agent header). Then you wait until the page does not contain the Cloudflare words or 30 seconds timeout. And return us the cookies.
4. Jackett will save those cookies for the future and repeat the first request with the cookies.
5. Jackett will call your tool only when it's required.

This feature will be optional in Jackett. The user will be able to configure "your proxy" as a external tool. Some trackers like YGG won't work if this feature is not configured.
If you are willing to help we can host this project in Jackett and I can help you with Node, Docker, CI or anything else.

Hey, I have only 2 to 3 hours of playtime with Puppeteer but sure I'm willing to help.

Questions:

• Since trackers can be in HTTPS, I assume that we would need some certificate to forward HTTPS requests through the proxy. Won't that be an issue if they are self signed ?
• On my project, I checked response for the presence of a "content-disposition" header when downloading .torrent files. I believe that HTTP(S) download without this header exists so how could we detect when an Incoming request is for downloading a file ?

Hey everyone !

Cloudflare security page have been disabled for now, to see if it can run without this page. Normally there is no expected return of the Cloudflare security page, unless there is a DDoS. The RSS feeds are now readable (for those who want them) and the site should be fully accessible by Jackett now!

(For French Readers : More info here https://www2.yggtorrent.se/forum/index.php?threads/captcha-de-lenfer.35906/page-13#post-174688)

Hey everyone !

Cloudflare security page have been disabled for now, to see if it can run without this page. Normally there is no expected return of the Cloudflare security page, unless there is a DDoS. The RSS feeds are now readable (for those who want them) and the site should be fully accessible by Jackett now!

That was the sensible thing to do. Let's all be friends. Peace and love!

Damn, we can use ygg again with Jackett ! I hope it stays this way

unfortunately it is still a problem for torrentday :/

unfortunately it is still a problem for torrentday :/

Do they have a forum where members can complain? Honestly, I can't say what went into YGG's decision, but there was quite a bit of noise on the forum and the announcement was made in the thread where members were most vocal.

unfortunately it is still a problem for torrentday :/

Do they have a forum where members can complain? Honestly, I can't say what went into YGG's decision, but there was quite a bit of noise on the forum and the announcement was made in the thread where members were most vocal.

There is a forum but i do not seem to see any threads or noice about it and i know alot of people on there also uses jackett :D

For torrentday, a thread was open here yesterday. See issue 8912.

For torrentday, a thread was open here yesterday. See issue 8912.

Thanks mate

Do they have a forum where members can complain? Honestly, I can't say what went into YGG's decision, but there was quite a bit of noise on the forum and the announcement was made in the thread where members were most vocal.

Let's not forget that they deleted at least 2 big thread where people were talking about the RSS feed and jackett being unusable, they didn't closed the threads, didn't gave any warning : they deleted them as if they never existed.
The only one they didn't delete and that probably made them remove the strong Cloudflare protection (for now) is the one where even the regular members that visited the site said that they were impacted by the frustrating captcha at every pages of the site.
I don't think they were doing that for Jackett or RSS users... So I don't think this is the last of our problems, but let's enjoy while we can!
This issue can probably be closed, at least for now...

I don't think they were doing that for Jackett or RSS users... So I don't think this is the last of our problems, but let's enjoy while we can!

It's hard to figure out exactly how they made their decision, but in the end, their business sense prevailed. At least for the moment... If I understand this correctly, it was the same extreme CF settings that made accessing the site a pain for everyone including Jackett users. Their complaints and ours had the same solution.
I wonder why they have DDOS issues like they claim they do. I don't see this on TorrentLeech. What annoys me so much is that they are presenting their CF settings as the only solution to a problem that they seem mostly to have as a result of some weakness in their infrastructure which makes them a prime target for attacks. I might be totally out to lunch, but that's the question I still have about this. Maybe someone can educate me.

Same issue despite Version 0.16.656.0, both YGGtorrent and YGGcookie return the same error:

CloudflareSolverRe.Exceptions.CloudflareClearanceException: Clearance failed after 10 attempt(s).

Same issue despite Version 0.16.656.0, both YGGtorrent and YGGcookie return the same error:

CloudflareSolverRe.Exceptions.CloudflareClearanceException: Clearance failed after 10 attempt(s).

Here, with the same version, YGGtorrent tests successful. I did not test YGGcookie.

Same issue despite Version 0.16.656.0, both YGGtorrent and YGGcookie return the same error:

CloudflareSolverRe.Exceptions.CloudflareClearanceException: Clearance failed after 10 attempt(s).

I think, this error is more linked to your ip, than the version of jackett .

I don’t have this issue anymore. It’s unfortunate for those who still have it.

As far as I know, YGG's admin made Cloudflare block / show the security page on some IPs (in the Netherlands I think) because that's where the DDoS came from (yes, it's not the best solution), but some IPs may have been added by mistake, I know that at one time the YGG admin used to take DMs of IP addresses to unblock them, but I don't think that's still the case today, given the current situation.

As far as I know, YGG's admin made Cloudflare block / show the security page on some IPs (in the Netherlands I think) because that's where the DDoS came from (yes, it's not the best solution), but some IPs may have been added by mistake, I know that at one time the YGG admin used to take DMs of IP addresses to unblock them, but I don't think that's still the case today, given the current situation.

That would make complete sense on why I can't use YGG on Jackett anymore... I use seedboxes.cc, WHOIS of my server shows location in the Netherlands...
Any ideas on how to fix this issue?

You can try to proxy your browser to your seedbox and then connect to yggtorrent.
It will ask for the challenge than it should be unlocked.

Something like that:
https://www.digitalocean.com/community/tutorials/how-to-route-web-traffic-securely-without-a-vpn-using-a-socks-tunnel

To be sure that your IP is blocked, you can use W3M on the site address, and you will see if there is an error with your IP.

As far as I know, YGG's admin made Cloudflare block / show the security page on some IPs (in the Netherlands I think) because that's where the DDoS came from (yes, it's not the best solution), but some IPs may have been added by mistake, I know that at one time the YGG admin used to take DMs of IP addresses to unblock them, but I don't think that's still the case today, given the current situation.

That would make complete sense on why I can't use YGG on Jackett anymore... I use seedboxes.cc, WHOIS of my server shows location in the Netherlands...
Any ideas on how to fix this issue?

Buy a raspberry, place it in your home, install jackett on it and point the radarr/sonarr indexer settings of seedboxes.cc on your home jackett

Yggtorrent problem was fixed long time ago.
For those interested in the Cloudflare problem that affects other trackers see #9029