Cloudflare giving too much info to website thief

davreid97 · September 2, 2019, 5:31pm

There is someone who is scraping my site and presenting the info as if it’s theirs. I have managed to obtain his server ip and blacklisted it but he just started using another ip. I then block his host’s ASN and when he tries to scrape my site. This is the message that Cloudflare sends him:

“The owner of this website (example.com) has banned the autonomous system number (ASN) your IP address is in…”

Now the attacker just knows that he can just switch hosts and continue with his evil deeds. I think Cloudflare should just show access denied page with minimal info so the attacker is left to wonder.

I welcome any suggestions that could help in thwarting this person.

cbrandt · September 2, 2019, 8:22pm

Hi @davreid97,

The msg you are referring to results from an IP Access rule.

If instead of using an IP Access rule to block an ASN, you create a Firewall Rule, any bots or visitors from that ASN will see a generic error message that does not explain the action being taken (other than being a block):

Error 1020 Ray ID: 5102288f2f96d91d • 2019-09-02 20:15:52 UTC
Access denied
What happened?
This website is using a security service to protect itself from online attacks.

system · October 2, 2019, 5:31pm

This topic was automatically closed after 30 days. New replies are no longer allowed.

Topic		Replies	Views
What is ASN 1136 (and how do I get out of it?)? General	3	11798	April 26, 2018
I need help from a Cloudflare admin Feedback	4	31	February 21, 2025
Getting attacked from a large IP range. Did ASN look up and it shows CLOUDFLARENET General	5	2363	November 13, 2021
Cloudflare gave me an access denied to a website I wanted to reach Security	4	1693	May 30, 2023
Web scraping sourced from cloudflare IP addresses Security	5	46	January 6, 2025

Cloudflare giving too much info to website thief

Related topics