Stop Referer spoofing

#1

I was wondering if Cloudflare can help to stop Referer spoofing, perhaps using Workers or any other features?
Has anyone ever experienced and have done something like this.

Thanks

#2

What exactly do you mean by that? Provide examples.

#3

Thanks Sandro,

So just noticed that one of our API endpoints is being targeted by some sort of continues attack. We know we can use rate limiters however in this case we have put a rule in the firewall to accept only requests coming from a specific referer, however the attackers is spoofing the referer therefore they manage to go through.

I was just wondering if we can somehow stop this using some of the features in Cloudflare, like workings.

Thanks

#4

The referrer is something set by the client. You have no control over that. I would strongly advise against any security mechanism which relies on that header.

2 Likes
#5

Yeah I guessed so, Thanks a lot Sandro