Cloudflare not blocking source of spam requests

My client’s website is receiving quite a lot of spam requests from an unknown source, and I’m surprised Cloudflare isn’t recognising and thus blocking the traffic.

The requests have been regular over several months. I can only see Cloudflare’s IP and I cannot configure the web server to forward the source IP through as the site is on a shared hosting platform.

Examples of what I’m seeing look like this (the first query string is a valid request):

I’ve already had to block the Baidu crawler and ultimately I had to enable the Captcha challenge for CN-based requests, which all but eliminated the amount of spam we received at the time.

With these new ‘attacks’ however I am having some difficulty ascertaining what service/bot is behind it so I may need to block by individual IPs - if I could find out what they are.

Any suggestions on next steps?

You’re seeing Cloudflare’s IP addresses because your server isn’t properly configured to restore visitor IP addresses.

I’m discussing options with the hosting provider already.
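
Where the web server itself cannot be reconfigured, the visitor address can be restored in application code, as in this added example (not part of the original thread). It assumes the application can read the TCP peer address and request headers, uses Cloudflare's `CF-Connecting-IP` header, and embeds only a subset of Cloudflare's published IPv4 ranges plus constructed sample requests.

```python
import ipaddress
from collections import Counter

# Subset of Cloudflare's published IPv4 ranges, for illustration only; load
# the current full list from https://www.cloudflare.com/ips/ in real use.
CLOUDFLARE_NETS = [ipaddress.ip_network(n) for n in (
    "173.245.48.0/20", "103.21.244.0/22", "104.16.0.0/13", "172.64.0.0/13",
)]

def visitor_ip(peer_addr, headers):
    """Return the visitor address, trusting CF-Connecting-IP only when the
    TCP peer is a Cloudflare edge; from any other peer it is forgeable."""
    try:
        peer = ipaddress.ip_address(peer_addr)
    except ValueError:
        return peer_addr  # not an IP at all: report it unchanged
    if not any(peer in net for net in CLOUDFLARE_NETS):
        return str(peer)  # request bypassed Cloudflare: ignore the header
    lowered = {k.lower(): v for k, v in headers.items()}
    claimed = lowered.get("cf-connecting-ip", "").strip()
    try:
        return str(ipaddress.ip_address(claimed))
    except ValueError:
        return str(peer)  # missing or malformed header: fall back to peer

def top_sources(requests, limit=3):
    """Count requests per restored visitor IP, busiest first."""
    counts = Counter(visitor_ip(peer, hdrs) for peer, hdrs in requests)
    return counts.most_common(limit)

# Constructed sample: (TCP peer address, request headers)
SAMPLE = [
    ("104.16.1.10", {"CF-Connecting-IP": "198.51.100.7"}),
    ("172.64.3.4", {"cf-connecting-ip": "198.51.100.7"}),
    ("173.245.48.9", {"CF-Connecting-IP": "203.0.113.20"}),
    ("192.0.2.55", {"CF-Connecting-IP": "198.51.100.7"}),  # direct, spoofed
    ("104.16.1.10", {"CF-Connecting-IP": "not-an-ip"}),    # malformed value
]

if __name__ == "__main__":
    for ip, hits in top_sources(SAMPLE):
        print(ip, hits)
```

The per-IP counts give the addresses to feed into a Cloudflare firewall rule; requests whose peer is outside Cloudflare's ranges are reaching the origin directly and are worth flagging separately.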

