System Overview:
You have three components under your control:
1. A relay server (public-facing, Cloudflare-proxied).
2. A web server that dynamically generates frontend code (HTML/JS).
3. A frontend that embeds JavaScript (from the web server) to fetch data from the relay server.
Problem:
Malicious users can:
- Discover your relay server’s public domain.
- Tamper with the frontend’s embedded JavaScript (e.g., modifying API calls or parameters).
- Spam/abuse the relay server directly with unauthorized requests.
Goal:
Ensure the relay server only processes requests from your unmodified frontend code, while blocking requests from altered or unauthorized clients.
MAINLY, THE BLOCKING OF REQUESTS HAPPENS ON THE CLOUDFLARE SIDE.