Cloudflare giving too much info to website thief

There is someone who is scraping my site and presenting the info as if it’s theirs. I have managed to obtain his server ip and blacklisted it but he just started using another ip. I then block his host’s ASN and when he tries to scrape my site. This is the message that cloudflare sends him:

“The owner of this website (example.com) has banned the autonomous system number (ASN) your IP address is in…”

Now the attacker just knows that he can just switch hosts and continue with his evil deeds. I think cloudflare should just show access denied page with minimal info so the attacker is left to wonder.

I welcome any suggestions that could help in thwarting this person.

2 Likes

Hi @davreid97,

The msg you are referring to results from an IP Access rule.

If instead of using an IP Access rule to block an ASN, you create a Firewall Rule, any bots or visitors from that ASN will see a generic error message that does not explain the action being taken (other than being a block):

Error 1020 Ray ID: 5102288f2f96d91d • 2019-09-02 20:15:52 UTC
Access denied
What happened?
This website is using a security service to protect itself from online attacks.

6 Likes

This topic was automatically closed after 30 days. New replies are no longer allowed.