Token authentication, Avoid bypassing Cloudflare with direct Azure blob URL

I have a website where content is limited to registered users. The way it is now, anyone who has access to the website content can copy the image links and share them. There is no access control on the images themselves so now anyone has access.

I am looking into using Cloudflare’s token authentication. My concern is that it would be easy for someone to bypass this check and go straight to the source.

I am using Azure’s blob storage with their CDN. There are two ways to access a file, directly or via the CDN:

my_account.blob.core.windows.net/image_path/
my_website.com/image_path/

Only the CDN URL goes through Cloudflare and can be protected. However, if anyone knows the CDN URL then it’s easy to guess the direct blob URL. The image path is the same and they’d only need to know/guess my blob account name. That’s not much security.

Is there a way around this?

This topic was automatically closed after 30 days. New replies are no longer allowed.