Content stealing is one of the biggest problems you will face when owning a digital assets like website. If you notice someone steals your content and republish in any form without permission, make sure you try to take necessary action to protect your online identity. Recently, I had a problem that a website owner stole thousands of pages from this site and hid behind Cloudflare reverse proxy. Fortunately, it was an easy process to file a takedown notice for abuse with Cloudflare and they really take that seriously.
Example Case
The website shown in the below picture was the culprit having thousands of stolen pages. The problem was all the original images were extracted and hosted on their site and the text content was translated without permission.
First, I did not realize the scale of stealing and sent a warning email through the contact form available on the site. With no response received, I realized there was a huge referral traffic from that domain originated from Russia, Poland, etc. They are real users coming through by clicking the links from the site. This became a headache when I noticed the content was translated to 10 different languages (it means 1000 x 10 = 10K pages) thus leading to referral traffic from all over the world.
Filing Abuse with Cloudflare
After checking the hosting server details of the site, I found it was hidden behind Cloudflare nameservers. So, I could not find the hosting company supporting that site. You can follow filing DMCA complaint with Google when few of your pages were stolen. But for thousands of pages, it is kind of difficult to succeed with Google because the thief can easily change the URLs with redirection. Cloudflare was the only available option for complaining and the good part is you do not need to have an account with Cloudflare for filing an abuse.
- Go to Cloudflare abuse filing page.
- Select the reason for abusing as “Copyright Infringement & DMCA Violations”.
- Fill out your name, email, country and other details and read the instructions shown on the side section.
- The most important section in the abuse form is to fill the “Infringing URLs” and “Describe the original work” sections. You can fill up to 250 URLs and make sure to fill these two boxes in a pair. That means fill the infringed URLs and originals in the correct sequence so that it easy to compare. Unfortunately, there are no comment box available in the form for adding additional details. However, you can provide 4 or 5 URLs in the infringing URLs box and explain the storyline (like hundreds of pages stolen with images).
- By default, Cloudflare will send the submitted details to both hosting provider and the website owner. Make sure these options are checked, add your digital signature and submit the form.
Notification from Cloudflare
Wait for a week and you will receive a notification email from Cloudflare’s partner Hetzner. As you can see in the email, Cloudflare notified the site owner and the hosting company about the copyright infringement.
It was surprising that the thief removed all the copied pages the next day I received the email. I could see this from Google Analytics as well as firewall rules I set in my Cloudflare account. Since Cloudflare is a valuable company, hosting providers will try to resolve the problem or take down the site immediately. Though I did not get any confirmation from the site owner, I assume his hosting company would have asked him to resolve the issue.
Other Options for Protecting Your Site
You can consider the following options in addition to filing abuse with Cloudflare or if Cloudflare abuse did not work for you.
- Inform in Cloudflare Twitter Handle – after raising abuse, you can inform Cloudflare team through their Twitter handle. This will make the topic public and your chances of getting response is higher.
- Disavow links – use the disavow links tool from Google and Bing to submit the infringed domains list. This will help to avoid any manual spam actions as the linked domains will not be considered for ranking your pages. This is the first step you should consider for protecting your site’s ranking in search engines.
- Block referrer from Cloudflare settings – if you do not want to receive any traffic from the spam domains, you can easily block them from your Cloudflare account. You can create firewall rules to filter based on HTTP referrer to block the traffic from the domain. Alternatively, you can also block the country to safeguard your site. Though this will block the real users coming from that domain or country, at least you will not get any suspicious referral traffic.
Final Words
It is nice to see Cloudflare took the abuse seriously and took formal action against the content hiding behind their reverse proxy setup. So, do not worry if your site content is reproduced without permission. There are ways to take down the stolen content. Like Cloudflare, you can follow the similar process with any other proxy service provider and I believe you will get a proper response.
Leave a Reply
Your email is safe with us.