A website is stolen my whole website and hosted in their website. I want to block that specific website from accessing my website content loaded on their website. Is there any way to do it?
- Look through your web-server logs until you find an offending request.
- Ensure the request came from Cloudflare by checking that the source IP is listed on https://www.cloudflare.com/ips. If the request did not come from Cloudflare, then you need to implement a local firewall rule blocking all but Cloudflare’s IPs.
- Ensure that the request did not come from Cloudflare Workers by checking whether the
Cf-Workerheader is present. If the header is present, create a Firewall Rule blocking requests matching
- Ensure that the
Hostheader of request matches your site. If it doesn’t match then you need to do proper host header validation at your origin.
- Identify the visitor IP by looking at the
Cf-Connnecting-Ipheader. Then create a new Firewall Rule blocking any requests matching
I think this covers most possibilities, but feel free to ask if you have any questions
This topic was automatically closed 3 days after the last reply. New replies are no longer allowed.