Our approach to abuse

Cloudflare offers security and reliability services to millions of websites, helping prevent online abuse and make the Internet more secure. When it comes to reports of abuse on websites that use our services, our ability to respond depends on the type of Cloudflare service at issue. Most abuse reports we receive pertain to websites that use our pass-through security and content delivery network (CDN) services, while far fewer reports relate to websites using our registrar services or our services to host content at the edge. Because Cloudflare offers a variety of Internet infrastructure services to users, our abuse reporting system is designed with those different services in mind.

Graphic depicting a globe with dots indicating Cloudflare data centers.

Guiding principles in handling abuse reports

Optimization gear blue
Service specific

Responses to abuse should reflect the nature of the services at issue and the ability to address the harm, while minimizing the possibility of unintended consequences.

Help giving blue
Access to an abuse process

Complainants should have a mechanism to present their grievances to the party best positioned to address them.

Eyeball
Transparency

We believe in being transparent about when and how we take actions to address abuse.

How infrastructure services differ from other Internet services

A graphic depicting how Internet service providers play a role in addressing harmful content online. Cloudflare products and services are highlighted throughout the graphic.

Cloudflare’s approach to abuse reflects the nature of our infrastructure services, which are fundamentally distinct from services like social media platforms and search engines that are designed to interact with and curate content. While content curator services are designed around moderating content, infrastructure services operate without content-based distinction to help make the Internet function more securely, efficiently, and reliably. These differences can be visualized in a stack, where services at the top of the stack are better positioned to address abuse in the first instance.

Everyone benefits from a well-functioning Internet infrastructure, just like other physical infrastructure, and we believe that infrastructure services should generally be made available in a content-neutral way. That is particularly true for services that protect users and customers from cyber attacks.

Cloudflare’s abuse reporting system is designed to ensure that abuse complaints related to content can be addressed by those service providers higher in the stack, and to identify those instances in which action lower down the stack is appropriate.

A graphic depicting how Internet service providers play a role in addressing harmful content online. Cloudflare products and services are highlighted throughout the graphic.

Why the Cloudflare service at issue matters

Even within the category of Internet infrastructure, different types of services have different abilities to address abusive content. While a hosting provider may be able to effectively remove particular content from a website, other services involved in the transmission of content generally cannot. In addition to being ineffective, attempts to address abuse through cybersecurity services can have unintended consequences and make the broader Internet less secure. Laws like the United States' Digital Millennium Copyright Act and the EU’s Ecommerce Directive reflect this reality by creating a framework for addressing abuse that distinguishes among hosting services, caching services, and mere conduit services.

Which Cloudflare service(s) are at issue

If you are submitting an abuse report to us because our IP address appears in the WHOIS and DNS records for a website, it is very likely that the website is one of millions of websites that use our pass-through security and content distribution network (CDN) services. Our IP address appears in the WHOIS and DNS records for those websites because of the nature of our security services. If a website uses Cloudflare’s registrar services, that will be reflected in the WHOIS records for the website. If Cloudflare might qualify as the origin hosting provider because of the use of services such as Cloudflare Stream, Cloudflare Pages, Cloudflare Workers, Cloudflare Workers KV, and Cloudflare Images that can definitively store content, our systems will account for those services in processing your report.

Reverse proxy, pass-through security, and CDN services

Diagram depicting how Cloudflare handles abuse complaints.

The vast majority of abuse reports that we receive are about websites using our pass-through security, and content distribution network (CDN) services. Cloudflare does not host content through those services, and we cannot remove content from the Internet that we do not host.

Our abuse reporting system is therefore designed to ensure that your report gets to the parties best positioned to address your complaint: the website operator and the hosting provider for the website on which the content is posted. When you submit a report relating to a website using these services, we will take the following steps:

  • Forward your complaint to the website operator and the hosting provider to allow them to take action on it. For some categories of complaints, you can direct us not to forward your complaint to the website operator;
  • Provide the hosting provider with the origin IP address of the content at issue to help them locate it;
  • Depending on the nature of your complaint, respond to you with additional details so that you can follow up as necessary.
Diagram depicting how Cloudflare handles abuse complaints.
Hosting services
A small minority of abuse reports we receive relate to content definitively stored through Cloudflare Stream, Cloudflare Pages, Cloudflare Workers, Cloudflare Workers KV, or Cloudflare Images such that Cloudflare might qualify as the origin hosting provider. If your abuse report pertains to content that we host and that we believe violates the applicable supplemental terms of service, we will remove or disable access to that content. If we disable access or remove content in response to an abuse report, we generally also notify the website operator of our action and we may make the content available again if appropriate based on the website operator’s response.
We may block or remove any content we determine:
  • Contains, displays, distributes, or encourages the creation of child sexual abuse material, or otherwise exploits or promotes the exploitation of minors;
  • Infringes on intellectual property rights;
  • Has been determined by appropriate legal process to be defamatory or libelous;
  • Engages in the unlawful distribution of controlled substances;
  • Facilitates human trafficking or prostitution in violation of the law;
  • Contains, installs, or disseminates any active malware, or uses our platform for exploit delivery (such as part of a command and control system);
  • Is otherwise illegal, harmful, or violates the rights of others, including content that discloses sensitive personal information, incites or exploits violence against people or animals, or seeks to defraud the public.

More details about Cloudflare's approach to abuse