Verify cf_clearance

I have a website that performs an API request to my backend. I currently verify it comes from my website by checking the origin (bad idea I know). The issue is my website is getting reverse engineered and they spoof the origin.

I need to make sure that they come from my main website and have passed the Cloudflare Challenge. I believe the best way is to verify the cf_clearance cookie, ideally before the request reaches my server as each request takes up time and money. However, if it can be done in ExpressJS or any NodeJS library, I would try this also.

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.