Stop other sites hotlinking our scripts

Someone has cloned our site. I know there is not much we can do about that but they are pulling scripts and other resources from our site.

Is there anyway we can stop a third party site pulling scripts, files, and other resources from our site?

I found this for images, could it be modified for other file types?
https://developers.cloudflare.com/workers/examples/hot-link-protection

Any suggestions welcome.

Cloudflares “Hotlink protrction” does actually just protect Images: https://support.cloudflare.com/hc/en-us/articles/200170026-Understanding-Cloudflare-Hotlink-Protection

But you can use the same technology to protect other assets aswell. Yes the worker example can be modified to protect other files aswell. I wonder why Cloudflare does not include this in their “Hotlink protection” function.

Actually we are not using workers just the normal Cloudflare setup.

Any way to block hot linking scripts using the standard Cloudflare controls?

No, the default is exclusively for Image-Hotlinking.

Now you have a good reason to start using it :wink:

I believe Hotlink Protection works by checking the Referrer header on image requests.

You can do the same thing with a Firewall Rule.

https://developers.cloudflare.com/firewall/

https://developers.cloudflare.com/ruleset-engine/rules-language/fields/

1 Like