I’ve been looking into Image Resizing functionality and would like to ask what Cloudflare is doing to prevent abuse of this functionality by malicious users that construct resize URL themselves.
If “Resize images from any origin” is enabled, then it is possible to automate sending many requests for images from external source like an image hosting provider. Requests like
https:///cdn-cgi/image/height/https:///00001.jpg could be automated and used to inflate the service cost for the customer.
Alternatively, images hosted on same origin could also be abused by constantly requesting different sizes and other options of the same images.
Are there any prevention in place like rate limiting or IP bans for malicious users who choose to abuse this in order to inflate the prices for Cloudflare customers?