Techniques are provided for request modification for web security challenge. Data corresponding to a web page request by a client computing device for a web page is received. The web page comprises web code that allows a user to submit a request to initiate a web transaction with a web server system. Challenge code is generated that determines one or more values that are a valid solution to a challenge. The challenge code is provided for integrated code to be served in response to the web page request. The integrated code comprises the challenge code and modified web code that adds one or more parameters for the valid solution to the request. A particular request is received to initiate the web transaction. It is determined that the one or more parameter values are not a valid solution. In response, the web server system is prevented from processing the particular request.