My clients website is receiving quite a bit of spam requests from an unknown source, and I’m surprised Cloudflare isn’t recognising and thus blocking the traffic.
The requests have been regular over several months. I can only see Cloudflare’s IP and I cannot configure the web server to forward the source IP through as the site is on a shared hosting platform.
Examples of what I’m seeing look like this (the first query string is a valid request);
I’ve already had to block the Baidu crawler and ultimately I had to enable the Captcha challenge for CN based requests which all but eliminated the amount of spam we received at the time.
With these new ‘attacks’ however I am having some difficulty ascertaining what service/bot is behind it so I may need to block by individual IPs - if I could find out what they are.
Any suggestions on next steps?