diff --git a/edge/middleware.ts b/edge/middleware.ts
index 0309899..bb85a1e 100644
--- a/edge/middleware.ts
+++ b/edge/middleware.ts
@@ -316,6 +316,22 @@ BunnySDK.net.http
   .servePullZone()
   .onOriginRequest(async (ctx) => {
     const ip = ctx.request.headers.get("X-Real-Ip");
+    const url = new URL(ctx.request.url);
+
+    // Reserved path: always intercepted so it never reaches origin.
+    // Bloom filter may update between captcha serve and verify POST;
+    // if so, the POST would otherwise fall through to origin as 404,
+    // leaving the user stuck in a dead-end captcha flow.
+    if (url.pathname === "/__captcha/verify") {
+      if (!ip || ctx.request.method !== "POST") {
+        return new Response(null, {
+          status: 302,
+          headers: { Location: "/" },
+        });
+      }
+      return handleCaptchaVerify(ctx.request, ip);
+    }
+
     if (!ip) return ctx.request;
 
     if (isCleanCached(ip)) return ctx.request;
@@ -329,12 +345,6 @@ BunnySDK.net.http
         return ctx.request;
       }
 
-      const url = new URL(ctx.request.url);
-
-      if (url.pathname === "/__captcha/verify" && ctx.request.method === "POST") {
-        return handleCaptchaVerify(ctx.request, ip);
-      }
-
       return captchaPage(url.pathname + url.search);
     }