Stop Referer spoofing

farshad · April 3, 2019, 11:04am

I was wondering if Cloudflare can help to stop Referer spoofing, perhaps using Workers or any other features?
Has anyone ever experienced and have done something like this.

Thanks

sandro · April 3, 2019, 11:04am

What exactly do you mean by that? Provide examples.

farshad · April 3, 2019, 11:21am

Thanks Sandro,

So just noticed that one of our API endpoints is being targeted by some sort of continues attack. We know we can use rate limiters however in this case we have put a rule in the firewall to accept only requests coming from a specific referer, however the attackers is spoofing the referer therefore they manage to go through.

I was just wondering if we can somehow stop this using some of the features in Cloudflare, like workings.

Thanks

sandro · April 3, 2019, 11:37am

The referrer is something set by the client. You have no control over that. I would strongly advise against any security mechanism which relies on that header.

farshad · April 3, 2019, 11:20am

Yeah I guessed so, Thanks a lot Sandro

system · May 3, 2019, 11:03am

This topic was automatically closed after 30 days. New replies are no longer allowed.