- Any user sets nginx to proxy all requests to my domain AAAcom hidden under cloudflare from their domain BBB.com
- Cloudflare sends request to my server, server answered with 200
BBB.com domain steals my content
I can deny all requests but cloudflare servers, but it will not help. Is there any solution to disable proxying thru cloudflare? Now i ban such servers by ip, but they can avoid bans changing ips for example
In the end they can (even if you protect your site) work around your protections.
What you could try is:
https://www.cloudflare.com/abuse/form (if the user uses CloudFlare)
- set up
Content-Security-Policy in combination with
- use CloudFlares “Hotlink Protection” to at least protect your images (works untill they also proxy them and rewrite links)
Step 4 is I think the most efficient, but make sure your domain is not writen in cleartext as then they may replace it with “search-replace” or regex
This topic was automatically closed after 30 days. New replies are no longer allowed.