Trafficbot4free(dot)pw blocking spam bot problem

Hi, I get spammed by trafficbot4free(dot)pw, I don’t care about analytics but the bandwidth of the site increased significantly. I tried creating firewall rules, blocking through hostname and user agent…nothing works. Every twenty minutes, I get visits from various countries with trafficbot4free as a referral.

Did anyone manage to solve this?

Thank you!

1 Like

You need to create a firewall rule based on the referrer, not other parameters.

thank you for a quick reply, but it does not work. Tried “equals”, “contains” for domain or just trafficbot4free etc. Cloudflare does not catch it… :frowning:

Whats the domain?

And post screenshots of

  1. The firewall rule
  2. The list of firewall rules

domain costofincome.com

(thank you for your time and help)

The other screenshot?

only one rule there, the 1 block that you see is a mistake (i did an error in one of the setups and blocked a feed crawler)

Blocks just fine

$ curl -i -H 'Referer: https://trafficbot4free.pw' https://costofincome.com/
HTTP/2 403
date: Thu, 21 May 2020 12:55:04 GMT
content-type: text/plain; charset=UTF-8
content-length: 16
x-frame-options: SAMEORIGIN
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare

Of course your check only checks for that particular string. Should that referrer be any different it will pass.

1 Like

I though that if CF blocked It i would not see it in Google Analytics…but I still do. Thought that it means that the block is not working…

P.S.: I see your test as blocked, but I did not see Cf blocking other attempts from that site (but I see them in Analytics…) image

In that case they might access your server directly without going through Cloudflare.

maybe a silly question - what is the point of CF if somebody can go “directly” to my server? I thought that it is impossible when the CF is on.

If your server accepts connections from others than Cloudflare, there is nothing Cloudflare can do.

Can you post log excerpts from the requests in question?

Yep. I knew it would be a Namecheap domain even before I did a whois on it.
What a surprise.

Thank you so much for your support. I just blocked it in GA. Spent too much time worrying about it. If it gets worse, will have to get back to it…

1 Like

This topic was automatically closed after 30 days. New replies are no longer allowed.