Ezoic works by having all traffic to your site pass through their servers. So from our perspective, it will look as if the traffic is coming from Ezoic’s servers, not from your website visitor’s device or from Cloudflare.
This is important for security systems like rate limiting, because all the traffic coming from Ezoic will likely be blocked if the traffic of all visitors is coming from them.
These security systems are managed by us and cannot be disabled or modified by you.
I understand. The following fixes are proposed by ezoic:
1 Whitelisting Ezoic’s IP Addresses
2 Set up an X-Forwarded-For Header ( I have done this from my end, and the instructions say, that you’ll have to make additional implementations from you end)
3 User Agent Authentication:
It is written and I quote, “With all requests, Ezoic will send the actual IP of the user under the request header ‘x-middleton-ip’. If you explain this to your host, they should be able to find the request IP there, rather than by using a ‘requested-by’ header.”
So, if you would be so kind as to help me out, I would appreciate that greatly.
All of these proposed fixes require changes in the server configuration. And not just any configuration: they require holes to be punched in security systems and to blindly trust whatever Ezoic is sending our way.
I’m sorry, but cannot just make changes to configuration that affects at least tens of thousands of websites because one person chose an advertising provider that has a much more intrusive integration than every other ad provider I know.
You’re free to put ads on your own site and choose which provider you’ll use for it. But it’s up to you to choose a provider that works for you, your site and your hosting.
You can use any nameservers you want, and only our own are officially recommended. But when you start sticking additional proxy layers between our servers and your visitors, you risk breaking stuff, and we only support Cloudflare for this.